Rev 79 | Rev 86 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
<?phpinclude_once ('php/clsLibGTIN.php');include_once ('php/constants.php');error_reporting(E_ALL);// add new entry to wishlistfunction addWishlist($uid, $wlArr) {$nul = 'NULL';$conn = MySessionHandler::getDBSessionId();$created = mysqli_real_escape_string($conn, time());$modified = $created;$uid = mysqli_real_escape_string($conn, $uid);$mid = isset($wlArr->{'mid'}) ? mysqli_real_escape_string($conn, $wlArr->{'mid'}) : "";$rid = isset($wlArr->{'rid'}) ? mysqli_real_escape_string($conn, $wlArr->{'rid'}) : "";$asin = isset($wlArr->{'asin'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'asin'}) . "'" : "NULL";$barcode = (empty($wlArr->{'barcode'}) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr->{'barcode'}) . "'");$title = isset($wlArr->{'title'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'title'}) . "'" : "NULL";$artist = isset($wlArr->{'artist'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'artist'}) . "'" : "NULL";$cond = 'Any';$format = 'Any';$currency = 'USD'; //bugbug$price = 'NULL';$url = isset($wlArr->{'url'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'url'}) . "'" : "NULL";$thumbnail = isset($wlArr->{'thumbnail'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'thumbnail'}) . "'" : "NULL";$sql = "INSERTINTO wishlist(id, created, modified, uid, mid, rid, asin, barcode, title, artist, cond, format, currency, price, url, thumbnail)VALUES (NULL, '$created', '$modified', '$uid', '$mid', '$rid', " . $asin . ", " . $barcode . ", " . $title . ", " . $artist . ", '$cond', '$format', '$currency', '$price', " . $url . ", " . $thumbnail . ")";if ($result = mysqli_query($conn, $sql)) {return 0;}else {$error = mysqli_errno($conn);if ($error == 1062) {return 1;}else {error_log("MySQL Read Wishlist SQL: " . $sql);error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");return -1;}}return -1;}function checkWishlist($type, $id) {$conn = MySessionHandler::getDBSessionId();if ($type == "master") {$colName = "mid";} else if ($type == "release") {$colName = "rid";} else if ($type == "asin") {$colName = "asin";}$uid = mysqli_real_escape_string($conn, $_SESSION['sessData']['userID']);$sql = "SELECT idFROM wishlistWHERE uid = '$uid' and $colName = '$id'";if ($result = mysqli_query($conn, $sql)) {if (mysqli_num_rows($result) > 0) {return true;}}else if (mysqli_errno($conn)) {error_log("MySQL Check Wishlist SQL: " . $sql);error_log("MySQL Check Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");return true;}return false;}function getWishlist() {$str = '';$conn = MySessionHandler::getDBSessionId();$uid = $_SESSION['sessData']['userID'];$sql = "SELECT *FROM wishlistWHERE uid = '$uid'";if ($result = mysqli_query($conn, $sql)) {if (mysqli_num_rows($result) > 0) {$str .= "<div class=\"container\">";$str .= "<div class=\"input-group mt-3\">";$str .= "<div class=\"input-group-prepend\">";$str .= "<span class=\"input-group-text\"><i class=\"fas fa-search\"></i></span>";$str .= "</div>";$str .= "<input type=\"text\" class=\"form-control\" id=\"tableFilter\" onkeyup=\"filterWishlist();\" placeholder=\"Search for..\">";$str .= "<div class=\"input-group-append\" id=\"tableFilterButton\">";$str .= "<button type=\"button\" class=\"btn rounded\" onclick=\"document.getElementById('tableFilter').value='';filterWishlist();\"><i class=\"fas fa-window-close\"></i></button>";$str .= "</div>";$str .= "</div>";$str .= "<form method=\"post\" action=\"/index.php\">";$str .= "<input type=\"hidden\" name=\"sessionTab\" value=\"" . MySessionHandler::getSessionTab() . "\">";$str .= "<input id=\"discogsTitle\" type=\"hidden\" name=\"discogsTitle\" value=\"\">";$str .= "<input id=\"discogsArtist\" type=\"hidden\" name=\"discogsArtist\" value=\"\">";$str .= "<input id=\"discogsBarcode\" type=\"hidden\" name=\"discogsBarcode\" value=\"\">";$str .= "<div class=\"table\">";$str .= "<table id=\"wishlistTable\" class=\"table table-striped table-condensed table-hover small bg-info\">";$str .= "<thead class=\"thead-dark table-header-sticky\">";$str .= "<tr><th></th>";$str .= "<th class=\"text-left cursor-pointer\" onclick=\"sortTable('wishlistTable', 1, 'text')\"><span class=\"nowrap\">Artist <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";$str .= "<th class=\"text-left cursor-pointer\" onclick=\"sortTable('wishlistTable', 2, 'text')\"><span class=\"text-nowrap\">Title <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";$str .= "<th class=\"d-none\"></th>";$str .= "<th class=\"cursor-pointer\" onclick=\"sortTable('wishlistTable', 4, 'text')\"><span class=\"text-nowrap\">Barcode <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";$str .= "<th class=\"cursor-pointer\" onclick=\"sortTable('wishlistTable', 5, 'text')\"><span class=\"text-nowrap\">Condition <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";$str .= "<th class=\"cursor-pointer\" onclick=\"sortTable('wishlistTable', 6, 'text')\"><span class=\"text-nowrap\">Format <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";$str .= "<th class=\"d-none\">Ceiling Price Number</th>";$str .= "<th class=\"cursor-pointer\" onclick=\"sortTable('wishlistTable', 7, 'currency')\"><span class=\"text-nowrap\">Price <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";$str .= "<th></th><th class=\"d-none\"></th></tr></thead>";$str .= "<tbody>";while ($row = mysqli_fetch_assoc($result)) {$artist = (empty($row["artist"]) ? "Various" : sanitizeInput2($row["artist"]));$altText = "Image for " . sanitizeInput2($row['title']) . " by " . $artist;$price = print_monetary($row['price'], $row['currency']);$searchTitle = 'Searching for:<br><br><strong>' . sanitizeInput2($row['title']) . " by " . $artist;if ($row['barcode'] !== null) {$searchTitle .= " (" . displayBarcode($row['barcode']) . ")";}$searchTitle .= "</strong>";$str .= "<tr>";$str .= "<td><img class=\"img-fluid wishlist-img\" src=\"" . $row["thumbnail"] . "\" alt=\"" . $altText . "\"></td>";$str .= "<td>$artist</td>";$str .= "<td>" . $row['title'] . "</td>";$str .= "<td class=\"d-none\">" . $row['barcode'] . "</td>";$str .= "<td>" . displayBarcode($row['barcode']) . "</td>";$str .= "<td>" . $row['cond'] . "</td>";$str .= "<td>" . $row['format'] . "</td>";$str .= "<td class=\"d-none\">" . $row['price'] . "</td>";$str .= "<td>" . $price . "</td>";$str .= "<td><span class=\"text-nowrap\"><button class=\"btn rounded btn-wishlist\" type=\"button\" onclick=\"editWishlist('" . $row["id"] . "',this); return true;\" data-toggle=\"tooltip\" title=\"Edit\"><i class=\"fas fa-edit\"></i></button>";$str .= "<button class=\"btn rounded btn-wishlist\" type=\"button\" onclick=\"deleteWishlist('" . $row["id"] . "',this,'" . sanitizeInput2($row['title']) . "','" . $artist . "'); return true;\" data-toggle=\"tooltip\" title=\"Delete\"><i class=\"fas fa-window-close\"></i></button>";$str .= "<a class=\"btn rounded btn-wishlist\" role=\"button\" data-toggle=\"tooltip\" title=\"Information\" href=\"" . $row['url'] . "\" target=\"_blank\"><i class=\"fas fa-info-circle\"></i></a>";$str .= "<button type=\"submit\" name=\"submit\" value=\"discogsSearch\" class=\"btn rounded btn-wishlist\" onclick=\"document.getElementById('discogsTitle').value = '" . sanitizeInput2($row['title']) . "';document.getElementById('discogsArtist').value = '" . sanitizeInput2($row['artist']) . "';document.getElementById('discogsBarcode').value = '" . sanitizeInput2($row['barcode']) . "';progressBar('" . sanitizeInput2($searchTitle) . "');\"><i class=\"fas fa-search\" title=\"Search for Sales Offers\" data-toggle=\"tooltip\"></i></button></span></td>";$str .= "<td class=\"d-none\" id=\"wlIdRow" . $row['id'] . "\"></td>";$str .= "</tr>";}$str .= "</tbody>";$str .= "</table>";$str .= "</div>";$str .= "</form>";$str .= '<div class="modal fade" id="editWishlistModal">';$str .= ' <div class="modal-dialog">';$str .= ' <div class="modal-content">';$str .= ' <div class="modal-header bg-primary">';$str .= ' <h4 class="modal-title">Edit Wishlist Entry</h4>';$str .= ' </div>';$str .= ' <span class="mt-0" id="wlMsg"></span>';$str .= ' <input type="hidden" name="sessionTab" value="' . MySessionHandler::getSessionTab() . '">';$str .= ' <input type="hidden" name="wlId" id="wlId">';$str .= ' <div class="modal-body">';$str .= ' <div class="form-group">';$str .= ' <label for="wlArtist">Artist:</label>';$str .= ' <input type="text" class="form-control" id="wlArtist">';$str .= ' </div>';$str .= ' <div class="form-group">';$str .= ' <label for="wlTitle">Title:</label>';$str .= ' <input type="text" class="form-control" id="wlTitle">';$str .= ' </div>';$str .= ' <div class="form-group">';$str .= ' <label for="wlBarcode">Barcode:</label>';$str .= ' <input type="text" class="form-control" id="wlBarcode">';$str .= ' </div>';$str .= ' <div class="form-group">';$str .= ' <label for="wlCond">Condition:</label>';$str .= ' <select class="form-control" id="wlCond">';$str .= ' <option>Any</option>';$str .= ' <option>New</option>';$str .= ' <option>Used</option>';$str .= ' </select>';$str .= ' </div>';$str .= ' <div class="form-group">';$str .= ' <label for="wlFormat">Format:</label>';$str .= ' <select class="form-control" id="wlFormat">';$str .= ' <option>Any</option>';$str .= ' <option>CD</option>';$str .= ' <option>Record</option>';$str .= ' <option>Digital</option>';$str .= ' <option>Book</option>';$str .= ' </select>';$str .= ' </div>';$str .= ' <div class="form-group">';$str .= ' <label for="wlPrice">Ceiling Price:</label>';$str .= ' <input type="text" class="form-control" id="wlPrice">';$str .= ' </div>';$str .= ' </div>';$str .= ' <div class="modal-footer bg-primary">';$str .= ' <button type="button" class="btn btn-success" name="submit" value="Save" onclick="saveEditedWishlist(); return true;">Save</button>';$str .= ' <button type="button" class="btn btn-danger" data-dismiss="modal">Cancel</button>';$str .= ' </div>';$str .= ' </div>';$str .= ' </div>';$str .= '</div>';$str .= '</div>';}else {$str .= "<div class=\"container bg-warning text-center py-3\"><h3><i class=\"fas fa-bookmark\"></i> Your wishlist is currently empty. Add matching albums from the search results.</h3></div>";}}else if (mysqli_errno($conn)) {error_log("MySQL Read Wishlist SQL: " . $sql);error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");}return $str;}function deleteWishlist($uid, $id) {$conn = MySessionHandler::getDBSessionId();$id = mysqli_real_escape_string($conn, $id);$uid = mysqli_real_escape_string($conn, $uid);$sql = "DELETE FROM wishlist WHERE id = $id AND uid = $uid;";if (!($result = mysqli_query($conn, $sql))) {error_log("MySQL Delete Wishlist SQL: " . $sql);error_log("MySQL Delete Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");return -1;}return 0;}function updateWishlist($uid, $wlArr) {$nul = 'NULL';$conn = MySessionHandler::getDBSessionId();$modified = mysqli_real_escape_string($conn, time());$id = (empty($wlArr['id']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['id']) . "'");$uid = mysqli_real_escape_string($conn, $uid);$barcode = (empty($wlArr['barcode']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['barcode']) . "'");$title = isset($wlArr['title']) ? "'" . mysqli_real_escape_string($conn, $wlArr['title']) . "'" : "NULL";$artist = isset($wlArr['artist']) ? "'" . mysqli_real_escape_string($conn, $wlArr['artist']) . "'" : "NULL";$cond = isset($wlArr['cond']) ? mysqli_real_escape_string($conn, $wlArr['cond']) : "Any";$format = isset($wlArr['format']) ? mysqli_real_escape_string($conn, $wlArr['format']) : "Any";$currency = 'USD'; //bugbug$price = isset($wlArr['price']) ? "'" . mysqli_real_escape_string($conn, $wlArr['price']) . "'" : "NULL";$sql = "UPDATE wishlistSET modified='$modified', barcode=" . $barcode . ", title=" . $title . ", artist=" . $artist . ", cond='$cond', format='$format', price=" . $price . "WHERE id=$id and uid=$uid";if ($result = mysqli_query($conn, $sql)) {return 0;}else {error_log("MySQL Update Wishlist SQL: " . $sql);error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");return -1;}return -1;}function unsubscribeWishlist($arr) {$conn = MySessionHandler::getDBSessionId();$modified = mysqli_real_escape_string($conn, time());$id = mysqli_real_escape_string($conn, $arr['id']);$email = mysqli_real_escape_string($conn, $arr['email']);$sql = "UPDATE usersSET wlEmailFlag = '0'WHERE id=$id and email='$email'";if (!($result = mysqli_query($conn, $sql))) {error_log("MySQL Update Wishlist SQL: " . $sql);error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");}$str = "<div class=\"container text-center bg-warning p-3 rounded\">";$str .= "<p class=\"display-6 font-weight-bold\">The wishlist price check emails for " . $email . " have been turned off</p>";$str .= "<p>You can reinstate the emails at any time by setting the option 'Email Price Checks' for your account back to 'Yes'.</p>";$str .= "</div>";return $str;}function checkPriceMonitor() {if (empty($_SESSION['sessData']['userID'])) {unset($_SESSION['priceMonitor']);return -1;}$conn = MySessionHandler::getDBSessionId();$uid = $_SESSION['sessData']['userID'];$sql = "SELECT created, accessFROM pricemonitorWHERE userId = '$uid'";if ($result = mysqli_query($conn, $sql)) {if (mysqli_num_rows($result) > 0) {if ($row = mysqli_fetch_assoc($result)) {$_SESSION['priceMonitor']['created'] = $row['created'];$_SESSION['priceMonitor']['access'] = $row['access'];if (!empty($_SESSION['priceMonitor']['created']) && !empty($_SESSION['priceMonitor']['access'])&& $_SESSION['priceMonitor']['created'] > $_SESSION['priceMonitor']['access']) {$_SESSION['priceMonitor']['newFlag'] = true;} else {$_SESSION['priceMonitor']['newFlag'] = false;}return 0;}}}else if (mysqli_errno($conn)) {error_log("MySQL Read Price Monitor SQL: " . $sql);error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");}return -1;}function getPriceMonitor() {$conn = MySessionHandler::getDBSessionId();$uid = $_SESSION['sessData']['userID'];$sql = "SELECT dataFROM pricemonitorWHERE userId = '$uid'";if ($result = mysqli_query($conn, $sql)) {if (mysqli_num_rows($result) > 0) {if ($row = mysqli_fetch_assoc($result)) {$access = mysqli_real_escape_string($conn, time());$sql = "UPDATE pricemonitorSET access = $accessWHERE userId = '$uid'";if (!($result = mysqli_query($conn, $sql))) {error_log("MySQL Update Price Monitor SQL: " . $sql);error_log("MySQL Update Price Monitor Error: " . mysqli_error($conn) . " (" . $error . ")");}return($row['data']);}}}else if (mysqli_errno($conn)) {error_log("MySQL Read Price Monitor SQL: " . $sql);error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");}return "";}