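<?php
include_once ('php/clsLibGTIN.php');
include_once ('php/constants.php');

error_reporting(E_ALL);

/**
 * Prepare and execute one parameterised statement.
 *
 * Every value is bound as a string ('s'); PHP null is sent as SQL NULL. The
 * statements in this file used to be built by string concatenation, in places
 * with escaped-but-unquoted values (which escaping does not protect) and in
 * one place with no escaping at all. Binding removes the query text as an
 * injection surface.
 *
 * @param mysqli $conn   open connection
 * @param string $sql    statement text with ? placeholders
 * @param array  $params values for the placeholders, in order
 * @param int    $errno  receives the MySQL error number on failure, else 0
 * @param string $error  receives the MySQL error text on failure, else ''
 * @return mysqli_stmt|false executed statement (caller closes it) or false
 */
function _wlExecute($conn, $sql, $params, &$errno = 0, &$error = '')
{
    $errno = 0;
    $error = '';

    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        $errno = mysqli_errno($conn);
        $error = mysqli_error($conn);
        return false;
    }

    $params = array_values($params);
    if (count($params) > 0) {
        $types = str_repeat('s', count($params));
        if (!mysqli_stmt_bind_param($stmt, $types, ...$params)) {
            $errno = mysqli_stmt_errno($stmt);
            $error = mysqli_stmt_error($stmt);
            mysqli_stmt_close($stmt);
            return false;
        }
    }

    if (!mysqli_stmt_execute($stmt)) {
        $errno = mysqli_stmt_errno($stmt);
        $error = mysqli_stmt_error($stmt);
        mysqli_stmt_close($stmt);
        return false;
    }

    return $stmt;
}

/**
 * Write the two-line database error record used throughout this file.
 *
 * For parameterised statements $sql is the template only, so bound user
 * values no longer end up in the error log.
 */
function _wlLogDbError($label, $sql, $errno, $error)
{
    error_log("MySQL " . $label . " SQL: " . $sql);
    error_log("MySQL " . $label . " Error: " . $error . " (" . $errno . ")");
}

/**
 * Emit the yellow notice box (icon + message) shown instead of a list.
 */
function _wlNoticeBox($xh, $icon, $message)
{
    $xh->add_attribute("class", "container bg-warning text-center py-3");
    $xh->tag('div');
    $xh->add_attribute("class", "display-6");
    $xh->tag('p');
    $xh->add_attribute("class", "material-icons");
    $xh->tag('i', $icon);
    $xh->tag('span', $message);
    $xh->close(); // p
    $xh->close(); // div
}

/**
 * Emit one sortable <th> with its label and the up/down sort arrows.
 */
function _wlSortableHeader($xh, $id, $class, $label)
{
    $xh->add_attribute("id", $id);
    $xh->add_attribute("class", $class);
    $xh->tag('th');
    $xh->add_attribute("class", "nowrap");
    $xh->tag('span');
    $xh->tag('span', $label);
    $xh->add_attribute("class", "d-block d-md-none");
    $xh->tag('span', "<br>");
    $xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");
    $xh->tag('i', "arrow_drop_up");
    $xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");
    $xh->tag('i', "arrow_drop_down");
    $xh->close(); // span
    $xh->close(); // th
}

/**
 * Emit a nonce-carrying <script> element containing $js.
 */
function _wlInlineScript($xh, $js)
{
    $xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));
    $xh->tag('script');
    $xh->insert_code($js);
    $xh->close(); // script
}

/**
 * Emit a labelled text input for the edit modal.
 */
function _wlModalTextField($xh, $id, $label)
{
    $xh->add_attribute("class", "form-group");
    $xh->tag('div');
    $xh->add_attribute("for", $id);
    $xh->tag('label', $label);
    $xh->add_attribute("type", "text");
    $xh->add_attribute("class", "form-control");
    $xh->add_attribute("id", $id);
    $xh->single_tag('input');
    $xh->close(); // div
}

/**
 * Emit a labelled <select> with fixed options for the edit modal.
 */
function _wlModalSelectField($xh, $id, $label, $options)
{
    $xh->add_attribute("class", "form-group");
    $xh->tag('div');
    $xh->add_attribute("for", $id);
    $xh->tag('label', $label);
    $xh->add_attribute("class", "form-control");
    $xh->add_attribute("id", $id);
    $xh->tag('select');
    foreach ($options as $option) {
        $xh->tag('option', $option);
    }
    $xh->close(); // select
    $xh->close(); // div
}

/**
 * Emit the filter input, its reset button and the script wiring both.
 */
function _wlRenderFilterBar($xh)
{
    $xh->add_attribute("class", "input-group mt-3");
    $xh->tag('div');
    $xh->add_attribute("class", "input-group-prepend");
    $xh->tag('div');
    $xh->add_attribute("class", "input-group-text");
    $xh->tag('span');
    $xh->add_attribute("class", "material-icons");
    $xh->tag('i', "search");
    $xh->close(); // span
    $xh->close(); // div
    $xh->add_attribute("type", "text");
    $xh->add_attribute("class", "form-control");
    $xh->add_attribute("id", "tableFilter");
    $xh->add_attribute("placeholder", "Search for..");
    $xh->add_attribute("aria-label", "Search for entry");
    $xh->single_tag('input');
    $xh->add_attribute("id", "tableFilterButton");
    $xh->add_attribute("class", "input-group-append");
    $xh->tag('div');
    $xh->add_attribute("id", "tableFilterReset");
    $xh->add_attribute("type", "button");
    $xh->add_attribute("class", "btn rounded");
    $xh->tag('button');
    $xh->add_attribute("class", "material-icons");
    $xh->tag('i', "cancel_presentation");
    $xh->close(); // button
    $xh->close(); // div

    _wlInlineScript($xh, implode('', array(
        'document.addEventListener("DOMContentLoaded", function() {',
        'document.getElementById("tableFilter").addEventListener("keyup", function() {',
        'filterWishlist();',
        '});',
        'document.getElementById("tableFilterReset").addEventListener("click", function() {',
        'document.getElementById("tableFilter").value = "";',
        'filterWishlist();',
        '});',
        '});',
    )));
    $xh->close(); // div
}

/**
 * Emit the table header row and the script binding the sort handlers.
 */
function _wlRenderTableHead($xh)
{
    $xh->add_attribute("class", "head-dark table-header-sticky");
    $xh->tag('thead');
    $xh->tag('tr');
    $xh->add_attribute("class", "hide-medium");
    $xh->tag('th', "");
    _wlSortableHeader($xh, "sortColumn1", "text-left cursor-pointer", "Artist");
    _wlSortableHeader($xh, "sortColumn2", "text-left cursor-pointer", "Title");
    $xh->add_attribute("id", "sortColumn3");
    $xh->add_attribute("class", "d-none");
    $xh->tag('th', "");
    _wlSortableHeader($xh, "sortColumn4", "cursor-pointer hide-medium hide-small", "Barcode");
    _wlSortableHeader($xh, "sortColumn5", "cursor-pointer hide-small", "Condition");
    _wlSortableHeader($xh, "sortColumn6", "cursor-pointer hide-small", "Format");
    $xh->add_attribute("class", "d-none");
    $xh->tag('th', "Ceiling Price Plain Number");
    _wlSortableHeader($xh, "sortColumn7", "cursor-pointer", "Price");
    $xh->tag('th', "");
    $xh->add_attribute("class", "d-none");
    $xh->tag('th', "");
    $xh->close(); // tr
    $xh->close(); // thead

    // Column index => comparison kind handed to sortTable().
    $sortKinds = array(1 => "text", 2 => "text", 4 => "text", 5 => "text", 6 => "text", 7 => "numeric");
    $js = 'document.addEventListener("DOMContentLoaded", function() {';
    foreach ($sortKinds as $column => $kind) {
        $js .= 'document.getElementById("sortColumn' . $column . '").addEventListener("click", function() {';
        $js .= 'sortTable("wishlistTable", ' . $column . ', "' . $kind . '");';
        $js .= '});';
    }
    $js .= '});';
    _wlInlineScript($xh, $js);
}

/**
 * Emit one wishlist table row including its action buttons.
 *
 * Html::tag() is given raw markup elsewhere in this file ("<br>"), so it does
 * not escape its content; every database value placed in the page is
 * therefore escaped here. The original left thumbnail, cond, format and price
 * unescaped although they originate from client-supplied wishlist data.
 *
 * @param Html  $xh  HTML builder
 * @param array $row associative wishlist row
 */
function _wlRenderRow($xh, $row)
{
    $artist = (empty($row["artist"]) ? "Various" : htmlentities($row["artist"]));
    $title = htmlentities((string) $row['title']);
    $barcode = htmlentities((string) $row['barcode']);
    $altText = "Image for " . $title . " by " . $artist;
    $price = print_monetary($row['price'], $row['currency']);

    // NOTE(review): this string is read back with getAttribute() and passed
    // to progressBar(); the browser decodes the attribute once, so if
    // progressBar() inserts it as HTML the title/artist part arrives
    // unescaped. progressBar() is not visible here - confirm how it renders.
    $searchTitle = 'Searching for:<br><br><strong>' . $title . " by " . $artist;
    if ($row['barcode'] !== null) {
        $searchTitle .= " (" . displayBarcode($row['barcode']) . ")";
    }
    $searchTitle .= "</strong>";

    $xh->add_attribute("class", "border");
    $xh->add_attribute("data-id", $row['id']);
    $xh->add_attribute("data-title", $title);
    $xh->add_attribute("data-artist", $artist);
    $xh->add_attribute("data-barcode", $barcode);
    $xh->add_attribute("data-search-title", $searchTitle);
    $xh->tag('tr');

    $xh->add_attribute("class", "hide-medium wl-img");
    $xh->tag('td');
    $xh->add_attribute("class", "img-fluid lazyload");
    $xh->add_attribute("src", PIXEL);
    // Escaped like the neighbouring attributes; assumes Html::add_attribute()
    // does not escape on its own - confirm against the Html class.
    $xh->add_attribute("data-src", htmlentities((string) $row["thumbnail"], ENT_QUOTES));
    $xh->add_attribute("alt", $altText);
    $xh->single_tag('img');
    $xh->close(); // td

    $xh->tag('td', $artist);
    $xh->tag('td', $title);
    $xh->add_attribute("class", "d-none");
    $xh->tag('td', $barcode);
    $xh->add_attribute("class", "hide-medium hide-small");
    $xh->tag('td', displayBarcode($row['barcode']));
    $xh->add_attribute("class", "hide-small");
    $xh->tag('td', htmlentities((string) $row['cond'], ENT_QUOTES));
    $xh->add_attribute("class", "hide-small");
    $xh->tag('td', htmlentities((string) $row['format'], ENT_QUOTES));
    $xh->add_attribute("class", "d-none");
    $xh->tag('td', htmlentities((string) $row['price'], ENT_QUOTES));
    $xh->tag('td', $price);

    $xh->add_attribute("class", "text-nowrap");
    $xh->tag('td');

    $xh->add_attribute("id", "wlEditBtn" . $row['id']);
    $xh->add_attribute("class", "btn btn-sm btn-warning rounded px-1");
    $xh->add_attribute("type", "button");
    $xh->add_attribute("data-toggle", "tooltip");
    $xh->add_attribute("title", "Edit");
    $xh->add_attribute("aria-label", "Edit Entry");
    $xh->tag('button');
    $xh->add_attribute("class", "material-icons");
    $xh->tag('i', "edit");
    $xh->close(); // button
    $xh->tag('span', " ");

    $xh->add_attribute("id", "wlDeleteBtn" . $row['id']);
    $xh->add_attribute("class", "btn btn-sm btn-danger rounded px-1");
    $xh->add_attribute("type", "button");
    $xh->add_attribute("data-toggle", "tooltip");
    $xh->add_attribute("title", "Delete");
    $xh->add_attribute("aria-label", "Delete Entry");
    $xh->tag('button');
    $xh->add_attribute("class", "material-icons");
    $xh->tag('i', "cancel_presentation");
    $xh->close(); // button
    $xh->tag('span', " ");

    $xh->add_attribute("id", "wlInfoBtn" . $row['id']);
    $xh->add_attribute("class", "btn btn-sm btn-info rounded px-1 hide-small");
    $xh->add_attribute("role", "button");
    $xh->add_attribute("data-toggle", "tooltip");
    $xh->add_attribute("title", "Information");
    $xh->add_attribute("aria-label", "Information for Entry");
    // NOTE(review): entity-escaping does not constrain the URL scheme. The
    // url column is filled from client-supplied data in addWishlist(), so
    // restrict it to http/https, either here or when it is stored.
    $xh->add_attribute("href", htmlentities((string) $row['url']));
    $xh->add_attribute("target", "_blank", "rel", "noreferrer noopener");
    $xh->tag('a');
    $xh->add_attribute("class", "material-icons");
    $xh->tag('i', "info_outline");
    $xh->close(); // a
    $xh->tag('span', " ");

    $xh->add_attribute("id", "wlSearchBtn" . $row['id']);
    $xh->add_attribute("type", "submit");
    $xh->add_attribute("name", "submitBtn");
    $xh->add_attribute("value", "discogsSearch");
    $xh->add_attribute("class", "btn btn-sm btn-success rounded px-1");
    $xh->tag('button');
    $xh->add_attribute("class", "material-icons");
    $xh->add_attribute("title", "Search for Store Offers");
    $xh->add_attribute("aria-label", "Search Store Offers for Entry");
    $xh->add_attribute("data-toggle", "tooltip");
    $xh->tag('i', "search");
    $xh->close(); // button
    $xh->close(); // td

    $xh->add_attribute("id", "wlIdRow" . $row['id']);
    $xh->add_attribute("class", "d-none");
    $xh->tag('td', "");
    $xh->close(); // tr
}

/**
 * Emit the "Edit Wishlist Entry" modal dialog and its save-button script.
 */
function _wlRenderEditModal($xh)
{
    $xh->add_attribute("class", "modal fade");
    $xh->add_attribute("id", "editWishlistModal");
    $xh->tag('div');
    $xh->add_attribute("class", "modal-dialog");
    $xh->tag('div');
    $xh->add_attribute("class", "modal-content");
    $xh->tag('div');
    $xh->add_attribute("class", "modal-header bg-secondary");
    $xh->tag('div');
    $xh->add_attribute("class", "modal-title display-6");
    $xh->tag('p', "Edit Wishlist Entry");
    $xh->close(); // div
    $xh->add_attribute("class", "mt-0");
    $xh->add_attribute("id", "wlMsg");
    $xh->tag('span', "");
    $xh->insert_code(inputSessionTab());
    $xh->add_attribute("type", "hidden");
    $xh->add_attribute("name", "wlId");
    $xh->add_attribute("id", "wlId");
    $xh->single_tag('input');

    $xh->add_attribute("class", "modal-body");
    $xh->tag('div');
    _wlModalTextField($xh, "wlArtist", "Artist:");
    _wlModalTextField($xh, "wlTitle", "Title:");
    _wlModalTextField($xh, "wlBarcode", "Barcode:");
    _wlModalSelectField($xh, "wlCond", "Condition:", array("Any", "New", "Used"));
    _wlModalSelectField($xh, "wlFormat", "Format:", array("Any", "CD", "Record", "Digital", "Book"));
    _wlModalTextField($xh, "wlPrice", "Ceiling Price:");
    $xh->close(); // div

    $xh->add_attribute("class", "modal-footer bg-secondary");
    $xh->tag('div');
    $xh->add_attribute("id", "saveEditedWl");
    $xh->add_attribute("type", "button");
    $xh->add_attribute("class", "btn btn-success");
    $xh->add_attribute("name", "submitBtn");
    $xh->add_attribute("value", "Save");
    $xh->tag('button', "Save");
    _wlInlineScript($xh, implode('', array(
        'document.addEventListener("DOMContentLoaded", function() {',
        'document.getElementById("saveEditedWl").addEventListener("click", function() {',
        'saveEditedWishlist();',
        '});',
        '});',
    )));
    $xh->add_attribute("type", "button");
    $xh->add_attribute("class", "btn btn-danger");
    $xh->add_attribute("data-dismiss", "modal");
    $xh->tag('button', "Cancel");
    $xh->close(); // div (modal-footer)
    $xh->close(); // div (modal-content)
    $xh->close(); // div (modal-dialog)
    $xh->close(); // div (modal)
}

/**
 * Add a new entry to the wishlist.
 *
 * @param mixed  $uid   id of the owning user
 * @param object $wlArr entry data; reads the properties mid, rid, asin,
 *                      barcode, title, artist, url and thumbnail
 * @return int 0 on success, 1 if MySQL reports a duplicate key (error 1062),
 *             -1 on any other database error
 */
function addWishlist($uid, $wlArr)
{
    $conn = MySessionHandler::getDBSessionId();
    $now = time();

    // mid/rid fall back to an empty string, the text columns to SQL NULL,
    // exactly as the concatenated statement did.
    $mid = isset($wlArr->{'mid'}) ? $wlArr->{'mid'} : "";
    $rid = isset($wlArr->{'rid'}) ? $wlArr->{'rid'} : "";
    $asin = isset($wlArr->{'asin'}) ? $wlArr->{'asin'} : null;
    $barcode = empty($wlArr->{'barcode'}) ? null : $wlArr->{'barcode'};
    $title = isset($wlArr->{'title'}) ? $wlArr->{'title'} : null;
    $artist = isset($wlArr->{'artist'}) ? $wlArr->{'artist'} : null;
    $url = isset($wlArr->{'url'}) ? $wlArr->{'url'} : null;
    $thumbnail = isset($wlArr->{'thumbnail'}) ? $wlArr->{'thumbnail'} : null;

    // inet_pton() yields packed binary. It used to be pasted into the SQL
    // text unescaped, so an address byte equal to a quote or backslash broke
    // the statement; binding transports it intact.
    $ip = inet_pton($_SERVER['REMOTE_ADDR']);
    if ($ip === false) {
        $ip = '';
    }

    $cond = 'Any';
    $format = 'Any';
    $currency = 'USD'; //bugbug
    // NOTE(review): the original sent the quoted string 'NULL' for price,
    // not SQL NULL. That value is kept so stored data does not change -
    // confirm whether a real NULL was intended.
    $price = 'NULL';

    $sql = "INSERT INTO wishlist"
         . " (id, created, ip, modified, uid, mid, rid, asin, barcode, title, artist, cond, format, currency, price, url, thumbnail)"
         . " VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
    $params = array(
        $now, $ip, $now, $uid, $mid, $rid, $asin, $barcode,
        $title, $artist, $cond, $format, $currency, $price, $url, $thumbnail,
    );

    $errno = 0;
    $error = '';
    $stmt = _wlExecute($conn, $sql, $params, $errno, $error);
    if ($stmt !== false) {
        mysqli_stmt_close($stmt);
        return 0;
    }

    if ($errno == 1062) {
        // Duplicate key: the entry already exists.
        return 1;
    }

    _wlLogDbError("Add Wishlist", $sql, $errno, $error);
    return -1;
}

/**
 * Tell whether the logged-in user already has a wishlist entry for an item.
 *
 * @param string $type "master", "release" or "asin"; selects the column
 * @param mixed  $id   identifier looked up in that column
 * @return bool true if a row exists; also true on a database error or an
 *              unknown $type (the original reached the same result through
 *              a failing query); false otherwise
 */
function checkWishlist($type, $id)
{
    // The column name cannot be bound, so it comes from a fixed allow-list.
    $columns = array("master" => "mid", "release" => "rid", "asin" => "asin");
    if (!is_string($type) || !isset($columns[$type])) {
        error_log("Check Wishlist: unsupported type");
        return true;
    }
    $colName = $columns[$type];

    $conn = MySessionHandler::getDBSessionId();
    $uid = $_SESSION['sessData']['userID'];

    // $id was previously placed in the statement without any escaping.
    $sql = "SELECT id FROM wishlist WHERE uid = ? AND " . $colName . " = ?";

    $errno = 0;
    $error = '';
    $stmt = _wlExecute($conn, $sql, array($uid, $id), $errno, $error);
    if ($stmt !== false) {
        mysqli_stmt_store_result($stmt);
        $found = mysqli_stmt_num_rows($stmt) > 0;
        mysqli_stmt_close($stmt);
        return $found;
    }

    if ($errno) {
        _wlLogDbError("Check Wishlist", $sql, $errno, $error);
        return true;
    }

    return false;
}

/**
 * Build the wishlist page for the current session.
 *
 * @return string HTML: a login notice when not logged in, an "empty" notice
 *                when the user has no entries, otherwise the filter bar,
 *                the table and the edit modal
 */
function getWishlist()
{
    $xh = new Html;
    $xh->init($_SESSION["htmlIndent"]);

    if (!isLoggedIn()) {
        _wlNoticeBox($xh, "error_outline", " Please login to your Find Cheap Music account in order to maintain the wishlist.");
        return $xh->flush();
    }

    $conn = MySessionHandler::getDBSessionId();
    // Escaped for consistency with checkWishlist(); the value is read from
    // the session, not from the request.
    $uid = mysqli_real_escape_string($conn, (string) $_SESSION['sessData']['userID']);
    $sql = "SELECT * FROM wishlist WHERE uid = '$uid'";

    if ($result = mysqli_query($conn, $sql)) {
        if (mysqli_num_rows($result) > 0) {
            $xh->add_attribute("class", "container");
            $xh->tag('div');

            _wlRenderFilterBar($xh);

            $xh->add_attribute("method", "post");
            $xh->add_attribute("action", "/index.php");
            $xh->tag('form');
            $xh->insert_code(inputSessionTab());
            // Hidden fields the click handler fills in before submitting.
            foreach (array("discogsTitle", "discogsArtist", "discogsBarcode") as $hidden) {
                $xh->add_attribute("id", $hidden);
                $xh->add_attribute("type", "hidden");
                $xh->add_attribute("name", $hidden);
                $xh->add_attribute("value", "");
                $xh->single_tag('input');
            }
            $xh->insert_code(inputNonce());

            $xh->add_attribute("class", "table");
            $xh->tag('div');
            $xh->add_attribute("id", "wishlistTable");
            $xh->add_attribute("class", "table table-striped table-condensed table-hover small");
            $xh->tag('table');

            _wlRenderTableHead($xh);

            $xh->tag('tbody');
            while ($row = mysqli_fetch_assoc($result)) {
                _wlRenderRow($xh, $row);
            }
            $xh->close(); // tbody
            $xh->close(); // table

            // One delegated click handler for all row buttons.
            _wlInlineScript($xh, implode('', array(
                'document.addEventListener("DOMContentLoaded", function() {',
                'document.getElementById("wishlistTable").addEventListener("click", function(event) {',
                'e = event.target.closest("button") || event.target.closest("a");',
                'tr = event.target.closest("tr");',
                'if (e && tr && e.id.startsWith("wlEditBtn")) {',
                'var id = tr.getAttribute("data-id");',
                'window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Wishlist", "eventAction" : "Edit", "eventLabel" : ""});',
                'editWishlist(id, e);',
                '} else if (e && tr && e.id.startsWith("wlDeleteBtn")) {',
                'var id = tr.getAttribute("data-id");',
                'var title = tr.getAttribute("data-title");',
                'var artist = tr.getAttribute("data-artist");',
                'window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Wishlist", "eventAction" : "Delete", "eventLabel" : ""});',
                'deleteWishlist(id, e, title, artist);',
                '} else if (e && tr && e.id.startsWith("wlInfoBtn")) {',
                'window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Album Info", "eventAction" : "Click", "eventLabel" : ""});',
                '} else if (e && tr && e.id.startsWith("wlSearchBtn")) {',
                'var title = tr.getAttribute("data-title");',
                'var artist = tr.getAttribute("data-artist");',
                'var barcode = tr.getAttribute("data-barcode");',
                'var searchTitle = tr.getAttribute("data-search-title");',
                'document.getElementById("discogsTitle").value = title;',
                'document.getElementById("discogsArtist").value = artist;',
                'document.getElementById("discogsBarcode").value = barcode;',
                'progressBar(searchTitle);',
                'if (window.google_tag_manager && window.ga && ga.create) {',
                'event.preventDefault();',
                'var form = event.target.closest("form");',
                'var input = document.createElement("input");',
                'input.setAttribute("type", "hidden");',
                'input.setAttribute("name", "submitBtn");',
                'input.setAttribute("value", "discogsSearch");',
                'form.appendChild(input);',
                'window.dataLayer.push({ "event" : "search", "search_term" : title + " by " + (artist.length == 0 ? "Various Artists" : artist), "eventCallback": function () {form.submit();}});',
                '}',
                '}',
                '});',
                '});',
            )));
            $xh->close(); // div
            $xh->close(); // form

            _wlRenderEditModal($xh);
            $xh->close(); // div (container)
        }
        else {
            _wlNoticeBox($xh, "bookmark", " Your wishlist is currently empty. Add matching albums from the search results.");
        }
    }
    else if (mysqli_errno($conn)) {
        _wlLogDbError("Read Wishlist", $sql, mysqli_errno($conn), mysqli_error($conn));
    }

    return $xh->flush();
}

/**
 * Delete one wishlist entry belonging to a user.
 *
 * @param mixed $uid owning user id
 * @param mixed $id  wishlist row id
 * @return int 0 if the statement ran (whether or not a row matched),
 *             -1 on a database error
 */
function deleteWishlist($uid, $id)
{
    $conn = MySessionHandler::getDBSessionId();

    // Both values used to be escaped but left unquoted in the statement;
    // string escaping gives no protection in a numeric context.
    $sql = "DELETE FROM wishlist WHERE id = ? AND uid = ?";

    $errno = 0;
    $error = '';
    $stmt = _wlExecute($conn, $sql, array($id, $uid), $errno, $error);
    if ($stmt === false) {
        _wlLogDbError("Delete Wishlist", $sql, $errno, $error);
        return -1;
    }

    mysqli_stmt_close($stmt);
    return 0;
}

/**
 * Update the editable fields of one wishlist entry.
 *
 * @param mixed $uid   owning user id; the row must match id and uid
 * @param array $wlArr keys read: id, barcode, title, artist, cond, format,
 *                     price
 * @return int 0 if the statement ran, -1 on a database error
 */
function updateWishlist($uid, $wlArr)
{
    $conn = MySessionHandler::getDBSessionId();
    $modified = time();

    // An empty id stays SQL NULL, so "id = NULL" matches no row, as before.
    $id = empty($wlArr['id']) ? null : $wlArr['id'];
    $barcode = empty($wlArr['barcode']) ? null : $wlArr['barcode'];
    $title = isset($wlArr['title']) ? $wlArr['title'] : null;
    $artist = isset($wlArr['artist']) ? $wlArr['artist'] : null;
    $cond = isset($wlArr['cond']) ? $wlArr['cond'] : "Any";
    $format = isset($wlArr['format']) ? $wlArr['format'] : "Any";
    $price = isset($wlArr['price']) ? $wlArr['price'] : null;

    // NOTE(review): cond and format accept any string although the edit
    // modal offers a fixed set of options; consider validating them here.
    $sql = "UPDATE wishlist"
         . " SET modified = ?, barcode = ?, title = ?, artist = ?, cond = ?, format = ?, price = ?"
         . " WHERE id = ? AND uid = ?";
    $params = array($modified, $barcode, $title, $artist, $cond, $format, $price, $id, $uid);

    $errno = 0;
    $error = '';
    $stmt = _wlExecute($conn, $sql, $params, $errno, $error);
    if ($stmt === false) {
        // The original referenced an undefined $error variable here.
        _wlLogDbError("Update Wishlist", $sql, $errno, $error);
        return -1;
    }

    mysqli_stmt_close($stmt);
    return 0;
}

/**
 * Switch off the wishlist price-check emails for a user and build the
 * confirmation page.
 *
 * NOTE(review): the only authorisation visible here is the id/email pair
 * from the request; consider a signed, per-user token in the link.
 *
 * @param array $arr keys read: id, email
 * @return string "" when id or email is missing, otherwise confirmation HTML
 */
function unsubscribeWishlist($arr)
{
    if (empty($arr['id']) || empty($arr['email'])) {
        return "";
    }

    $conn = MySessionHandler::getDBSessionId();
    $sql = "UPDATE users SET wlEmailFlag = '0' WHERE id = ? AND email = ?";

    $errno = 0;
    $error = '';
    $stmt = _wlExecute($conn, $sql, array($arr['id'], $arr['email']), $errno, $error);
    if ($stmt === false) {
        _wlLogDbError("Update Wishlist", $sql, $errno, $error);
    }
    else {
        mysqli_stmt_close($stmt);
    }

    // The address comes from the request and is written into the page, so it
    // is HTML-escaped; the original printed the SQL-escaped string, which
    // gives no protection in HTML.
    $email = htmlentities((string) $arr['email'], ENT_QUOTES);

    $xh = new Html;
    $xh->init($_SESSION["htmlIndent"]);
    $xh->add_attribute("class", "container text-center bg-warning p-3 rounded");
    $xh->tag('div');
    $xh->add_attribute("class", "display-6 font-weight-bold");
    $xh->tag('p', "The wishlist price check emails for " . $email . " have been turned off.");
    $xh->tag('p', "You can reinstate the emails at any time by setting the option 'Email Price Checks' for your account back to 'Yes'.");
    $xh->close(); // div

    return $xh->flush();
}

/**
 * Load the price monitor timestamps for the session user into
 * $_SESSION['priceMonitor'] and set its 'newFlag' (created > access).
 *
 * @return int 0 when a row was found and stored, -1 otherwise (no user in
 *             the session, no row, or a database error)
 */
function checkPriceMonitor()
{
    if (empty($_SESSION['sessData']['userID'])) {
        unset($_SESSION['priceMonitor']);
        return -1;
    }

    $conn = MySessionHandler::getDBSessionId();
    $uid = mysqli_real_escape_string($conn, (string) $_SESSION['sessData']['userID']);
    $sql = "SELECT created, access FROM pricemonitor WHERE userId = '$uid'";

    if ($result = mysqli_query($conn, $sql)) {
        if (mysqli_num_rows($result) > 0 && ($row = mysqli_fetch_assoc($result))) {
            $_SESSION['priceMonitor']['created'] = $row['created'];
            $_SESSION['priceMonitor']['access'] = $row['access'];
            $_SESSION['priceMonitor']['newFlag'] = ($row['created'] > $row['access']);
            return 0;
        }
    }
    else if (mysqli_errno($conn)) {
        _wlLogDbError("Read Price Monitor", $sql, mysqli_errno($conn), mysqli_error($conn));
    }

    return -1;
}

/**
 * Return the stored price monitor page for the session user and record the
 * access time.
 *
 * The data column is base64-decoded, gunzipped and returned as HTML after
 * the nonce placeholder is replaced; nothing is escaped on the way out.
 * NOTE(review): the markup is therefore only as safe as the code that writes
 * pricemonitor.data - confirm that writer escapes store-supplied content.
 *
 * @return string HTML: a login notice, the stored page, or an "empty" notice
 */
function getPriceMonitor()
{
    $xh = new Html;
    $xh->init($_SESSION["htmlIndent"]);

    if (!isLoggedIn()) {
        _wlNoticeBox($xh, "error_outline", " Please login to your Find Cheap Music account in order to see the price monitor results.");
        return $xh->flush();
    }

    $conn = MySessionHandler::getDBSessionId();
    $uid = $_SESSION['sessData']['userID'];
    $safeUid = mysqli_real_escape_string($conn, (string) $uid);
    $sql = "SELECT data FROM pricemonitor WHERE userId = '$safeUid'";

    if ($result = mysqli_query($conn, $sql)) {
        if (mysqli_num_rows($result) > 0 && ($row = mysqli_fetch_assoc($result))) {
            $updateSql = "UPDATE pricemonitor SET access = ? WHERE userId = ?";
            $errno = 0;
            $error = '';
            $stmt = _wlExecute($conn, $updateSql, array(time(), $uid), $errno, $error);
            if ($stmt === false) {
                // The original referenced an undefined $error variable here.
                _wlLogDbError("Update Price Monitor", $updateSql, $errno, $error);
            }
            else {
                mysqli_stmt_close($stmt);
            }

            $html = gzdecode(base64_decode($row['data']));
            $html = str_replace(base64_encode("xxxNONCExxx"), base64_encode($_SESSION["nonce"]), $html);
            return ($html);
        }
    }
    else if (mysqli_errno($conn)) {
        _wlLogDbError("Read Price Monitor", $sql, mysqli_errno($conn), mysqli_error($conn));
    }

    _wlNoticeBox($xh, "bookmark", " Your price monitor list is currently empty.");
    return $xh->flush();
}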