Rev 52 | Rev 61 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
<?phpinclude_once('php/clsLibGTIN.php');include_once('php/constants.php');error_reporting(E_ALL);// add new entry to wishlistfunction addWishlist($uid, $wlArr) {$nul = 'NULL';$conn = MySessionHandler::getDBSessionId();$created = mysqli_real_escape_string($conn, time());$modified = $created;$uid = mysqli_real_escape_string($conn, $uid);$mid = isset($wlArr->{'mid'}) ? mysqli_real_escape_string($conn, $wlArr->{'mid'}) : "";$rid = isset($wlArr->{'rid'}) ? mysqli_real_escape_string($conn, $wlArr->{'rid'}) : "";$barcode = (empty($wlArr->{'barcode'}) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr->{'barcode'}) . "'");$title = isset($wlArr->{'title'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'title'}) . "'" : "NULL";$artist = isset($wlArr->{'artist'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'artist'}) . "'" : "NULL";$format = 'Any';$currency = 'USD'; //bugbug$price = 'NULL';$url = isset($wlArr->{'url'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'url'}) . "'" : "NULL";$thumbnail = isset($wlArr->{'thumbnail'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'thumbnail'}) . "'" : "NULL";$sql = "INSERTINTO wishlist(id, created, modified, uid, mid, rid, barcode, title, artist, format, currency, price, url, thumbnail)VALUES (NULL, '$created', '$modified', '$uid', '$mid', '$rid', " . $barcode . ", " . $title . ", " . $artist . ", '$format', '$currency', '$price', " . $url . ", " . $thumbnail . ")";if ($result = mysqli_query($conn, $sql)) {return 0;} else {$error = mysqli_errno($conn);if ($error == 1062) {return 1;} else {error_log("MySQL Read Wishlist SQL: " . $sql);error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");return -1;}}return -1;}function checkWishlist($type, $id) {$conn = MySessionHandler::getDBSessionId();$uid = mysqli_real_escape_string($conn, $_SESSION['sessData']['userID']);$sql = "SELECT idFROM wishlistWHERE uid = '$uid' and " . ($type == "master" ? "mid" : "rid") . " = '$id'";if ($result = mysqli_query($conn, $sql)) {if (mysqli_num_rows($result) > 0) {return true;}} else if (mysqli_errno($conn)) {error_log("MySQL Check Wishlist SQL: " . $sql);error_log("MySQL Check Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");return true;}return false;}function getWishlist() {$str = '';$conn = MySessionHandler::getDBSessionId();$uid = $_SESSION['sessData']['userID'];$sql = "SELECT *FROM wishlistWHERE uid = '$uid'";if ($result = mysqli_query($conn, $sql)) {if (mysqli_num_rows($result) > 0) {$str .= "<div class=\"container\">";$str .= "<div class=\"input-group mt-3\">";$str .= "<div class=\"input-group-prepend\">";$str .= "<span class=\"input-group-text\"><i class=\"fas fa-search\"></i></span>";$str .= "</div>";$str .= "<input type=\"text\" class=\"form-control\" id=\"tableFilter\" onkeyup=\"filterWishlist();\" placeholder=\"Search for names..\">";$str .= "<div class=\"input-group-append\" id=\"tableFilterButton\">";$str .= "<button type=\"button\" class=\"btn rounded\" onclick=\"document.getElementById('tableFilter').value='';filterWishlist();\"><i class=\"fas fa-window-close\"></i></button>";$str .= "</div>";$str .= "</div>";$str .= "<div class=\"table-responsive\">";$str .= "<table id=\"wishlistTable\" class=\"table table-striped table-condensed small\">";$str .= "<thead class=\"thead-dark sticky-top\">";$str .= "<tr><th></th>";$str .= "<th class=\"text-left cursor-pointer\" onclick=\"sortTable('wishlistTable', 1, 'text')\"><span class=\"nowrap\">Artist <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";$str .= "<th class=\"text-left cursor-pointer\" onclick=\"sortTable('wishlistTable', 2, 'text')\"><span class=\"text-nowrap\">Title <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";$str .= "<th class=\"d-none\"></th>";$str .= "<th class=\"cursor-pointer\" onclick=\"sortTable('wishlistTable', 4, 'text')\"><span class=\"text-nowrap\">Barcode <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";$str .= "<th class=\"cursor-pointer\" onclick=\"sortTable('wishlistTable', 5, 'text')\"><span class=\"text-nowrap\">Format <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";$str .= "<th class=\"d-none\">Ceiling Price Number</th>";$str .= "<th class=\"cursor-pointer\" onclick=\"sortTable('wishlistTable', 6, 'currency')\"><span class=\"text-nowrap\">Price <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";$str .= "<th></th><th class=\"d-none\"></th></tr></thead>";$str .= "<tbody>";while($row = mysqli_fetch_assoc($result)) {$artist = (empty($row["artist"]) ? "Various" : sanitizeInput2($row["artist"]));$altText = "Image for " . sanitizeInput2($row['title']) . " by " . $artist;$price = print_monetary($row['price'], $row['currency']);$searchTitle = 'Searching for:<br><br><strong>' . sanitizeInput2($row['title']) . " by " . $artist;if ($row['barcode'] !== null) {$searchTitle .= " (" . displayBarcode($row['barcode']) . ")";}$searchTitle .= "</strong>";$str .= "<form method=\"post\" action=\"/index.php\">";$str .= " <input type=\"hidden\" name=\"sessionTab\" value=\"" . MySessionHandler::getSessionTab() . "\">";$str .= " <input type=\"hidden\" name=\"discogsTitle\" value=\"" . sanitizeInput2($row['title']) . "\">";$str .= " <input type=\"hidden\" name=\"discogsArtist\" value=\"" . sanitizeInput2($row['artist']) . "\">";$str .= " <input type=\"hidden\" name=\"discogsBarcode\" value=\"" . $row['barcode'] . "\">";$str .= "<tr>";$str .= "<td><img class=\"img-fluid wishlist-img\" src=\"" . $row["thumbnail"] . "\" alt=\"$altText\"></td>";$str .= "<td>$artist</td>";$str .= "<td>" . $row['title'] . "</td>";$str .= "<td class=\"d-none\">" . $row['barcode'] . "</td>";$str .= "<td>" . displayBarcode($row['barcode']) . "</td>";$str .= "<td>" . $row['format'] . "</td>";$str .= "<td class=\"d-none\">" . $row['price'] . "</td>";$str .= "<td>" . $price . "</td>";$str .= "<td><span class=\"text-nowrap\"><button class=\"btn rounded btn-wishlist\" type=\"button\" onclick=\"editWishlist('" . $row["id"] . "',this); return true;\" data-toggle=\"tooltip\" title=\"Edit\"><i class=\"fas fa-edit\"></i></button>";$str .= "<button class=\"btn rounded btn-wishlist\" type=\"button\" onclick=\"deleteWishlist('" . $row["id"] . "',this,'" . sanitizeInput2($row['title']) . "','" . $artist . "'); return true;\" data-toggle=\"tooltip\" title=\"Delete\"><i class=\"fas fa-window-close btn-wishlist-delete\"></i></button>";$str .= "<button class=\"btn rounded btn-wishlist\" type=\"button\" data-toggle=\"tooltip\" title=\"Information\"><a href=\"" . $row['url'] . "\" target=\"_blank\"><i class=\"fas fa-info-circle\"></i></a></button>";$str .= "<button type=\"submit\" name=\"submit\" value=\"discogsSearch\" class=\"btn rounded btn-wishlist\" onclick=\"progressBar('" . sanitizeInput2($searchTitle) . "');\"><i class=\"fas fa-search\" title=\"Search for Sales Offers\" data-toggle=\"tooltip\"></i></button></span></td>";$str .= "<td class=\"d-none\" id=\"wlIdRow" . $row['id'] . "\"></td>";$str .= "</tr>";$str .= "</form>";}$str .= "</tbody>";$str .= "</table>";$str .= "</div>";$str .= '<div class="modal fade" id="editWishlistModal">';$str .= ' <div class="modal-dialog">';$str .= ' <div class="modal-content">';$str .= ' <div class="modal-header bg-primary">';$str .= ' <h4 class="modal-title">Edit Wishlist Entry</h4>';$str .= ' </div>';$str .= ' <span class="mt-0" id="wlMsg"></span>';$str .= ' <input type="hidden" name="sessionTab" value="' . MySessionHandler::getSessionTab() . '">';$str .= ' <input type="hidden" name="wlId" id="wlId">';$str .= ' <div class="modal-body">';$str .= ' <div class="form-group">';$str .= ' <label for="wlArtist">Artist:</label>';$str .= ' <input type="text" class="form-control" id="wlArtist">';$str .= ' </div>';$str .= ' <div class="form-group">';$str .= ' <label for="wlTitle">Title:</label>';$str .= ' <input type="text" class="form-control" id="wlTitle">';$str .= ' </div>';$str .= ' <div class="form-group">';$str .= ' <label for="wlBarcode">Barcode:</label>';$str .= ' <input type="text" class="form-control" id="wlBarcode">';$str .= ' </div>';$str .= ' <div class="form-group">';$str .= ' <label for="wlFormat">Format:</label>';$str .= ' <select class="form-control" id="wlFormat">';$str .= ' <option>Any</option>';$str .= ' <option>CD</option>';$str .= ' <option>Record</option>';$str .= ' <option>Digital</option>';$str .= ' <option>Book</option>';$str .= ' </select>';$str .= ' </div>';$str .= ' <div class="form-group">';$str .= ' <label for="wlPrice">Ceiling Price:</label>';$str .= ' <input type="text" class="form-control" id="wlPrice">';$str .= ' </div>';$str .= ' </div>';$str .= ' <div class="modal-footer bg-primary">';$str .= ' <button type="button" class="btn btn-success" name="submit" value="Save" onclick="saveEditedWishlist(); return true;">Save</button>';$str .= ' <button type="button" class="btn btn-danger" data-dismiss="modal">Cancel</button>';$str .= ' </div>';$str .= ' </div>';$str .= ' </div>';$str .= '</div>';$str .= '</div>';} else {$str .= "<div class=\"container bg-warning text-center py-3\"><h3><i class=\"fas fa-bookmark\"></i> Your wishlist is currently empty. Add matching albums from the search results.</h3></div>";}} else if (mysqli_errno($conn)) {error_log("MySQL Read Wishlist SQL: " . $sql);error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");}return $str;}function deleteWishlist($uid, $id) {$conn = MySessionHandler::getDBSessionId();$id = mysqli_real_escape_string($conn, $id);$uid = mysqli_real_escape_string($conn, $uid);$sql = "DELETE FROM wishlist WHERE id = $id AND uid = $uid;";if (!($result = mysqli_query($conn, $sql))) {error_log("MySQL Delete Wishlist SQL: " . $sql);error_log("MySQL Delete Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");return -1;}return 0;}function updateWishlist($uid, $wlArr) {$nul = 'NULL';$conn = MySessionHandler::getDBSessionId();$modified = mysqli_real_escape_string($conn, time());$id = (empty($wlArr['id']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['id']) . "'");$uid = mysqli_real_escape_string($conn, $uid);$barcode = (empty($wlArr['barcode']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['barcode']) . "'");$title = isset($wlArr['title']) ? "'" . mysqli_real_escape_string($conn, $wlArr['title']) . "'" : "NULL";$artist = isset($wlArr['artist']) ? "'" . mysqli_real_escape_string($conn, $wlArr['artist']) . "'" : "NULL";$format = isset($wlArr['format']) ? mysqli_real_escape_string($conn, $wlArr['format']) : "Any";$currency = 'USD'; //bugbug$price = isset($wlArr['price']) ? "'" . mysqli_real_escape_string($conn, $wlArr['price']) . "'" : "NULL";$sql = "UPDATE wishlistSET modified='$modified', barcode=" . $barcode . ", title=" . $title . ", artist=" . $artist . ", format='$format', price=" . $price . "WHERE id=$id and uid=$uid";if ($result = mysqli_query($conn, $sql)) {return 0;} else {error_log("MySQL Update Wishlist SQL: " . $sql);error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");return -1;}return -1;}