include_once ('php/clsLibGTIN.php');
include_once ('php/constants.php');
// add new entry to wishlist
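/**
 * Insert a new wishlist entry for a user.
 *
 * All caller-supplied values are bound as statement parameters instead of
 * being escaped and concatenated into the SQL text. This matters most for
 * the packed client address: inet_pton() returns raw bytes, which can
 * include a quote or backslash byte, and the original interpolated them
 * into a quoted literal without escaping.
 *
 * Relies on mysqli reporting failures through return values, as the
 * original did; with MYSQLI_REPORT_STRICT enabled a failure raises
 * mysqli_sql_exception instead.
 *
 * @param mixed  $uid   owner id, stored in wishlist.uid
 * @param object $wlArr entry data; the properties mid, rid, asin, barcode,
 *                      title, artist, url and thumbnail are read when present
 * @return int 0 on success, 1 when MySQL reports a duplicate key (errno 1062),
 *             -1 on any other failure
 */
function addWishlist($uid, $wlArr) {
    $conn = MySessionHandler::getDBSessionId();

    $created = time();
    $modified = $created;

    // mid and rid fall back to an empty string, the other optional fields to SQL NULL.
    $mid = isset($wlArr->mid) ? $wlArr->mid : "";
    $rid = isset($wlArr->rid) ? $wlArr->rid : "";
    $asin = isset($wlArr->asin) ? $wlArr->asin : null;
    $barcode = empty($wlArr->barcode) ? null : $wlArr->barcode;
    $title = isset($wlArr->title) ? $wlArr->title : null;
    $artist = isset($wlArr->artist) ? $wlArr->artist : null;
    $url = isset($wlArr->url) ? $wlArr->url : null;
    $thumbnail = isset($wlArr->thumbnail) ? $wlArr->thumbnail : null;

    // Validate before packing so a missing or malformed address stores an
    // empty value (what the original ended up inserting) without a warning.
    $remote = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $ip = filter_var($remote, FILTER_VALIDATE_IP) !== false ? inet_pton($remote) : '';

    // cond, format and currency are fixed for new entries ('USD' was marked
    // "bugbug" by the author).
    // NOTE(review): price is inserted as the quoted string 'NULL', exactly as
    // the original did, not as SQL NULL — confirm which one the schema expects.
    $sql = "INSERT
              INTO wishlist
                (id, created, ip, modified, uid, mid, rid, asin, barcode, title, artist, cond, format, currency, price, url, thumbnail)
              VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 'Any', 'Any', 'USD', 'NULL', ?, ?)";

    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        error_log("MySQL Add Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
        return -1;
    }

    mysqli_stmt_bind_param(
        $stmt,
        "isisssssssss",
        $created,
        $ip,
        $modified,
        $uid,
        $mid,
        $rid,
        $asin,
        $barcode,
        $title,
        $artist,
        $url,
        $thumbnail
    );

    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        return 0;
    }

    $error = mysqli_stmt_errno($stmt);
    $message = mysqli_stmt_error($stmt);
    mysqli_stmt_close($stmt);

    // 1062 = duplicate key: reported to the caller as 1, not logged.
    if ($error == 1062) {
        return 1;
    }

    // Only the statement template is logged, so user-supplied values no
    // longer end up in the error log.
    error_log("MySQL Add Wishlist SQL: " . $sql);
    error_log("MySQL Add Wishlist Error: " . $message . " (" . $error . ")");
    return -1;
}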
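/**
 * Tell whether the current session's user already has a wishlist entry
 * for the given master, release or ASIN identifier.
 *
 * The column name comes from a fixed allow-list and $id is bound as a
 * statement parameter; the original interpolated $id into the SQL text
 * without escaping and left the column name undefined for an unknown $type.
 *
 * @param string $type one of "master", "release" or "asin"
 * @param mixed  $id   identifier to look up in the matching column
 * @return bool true when a matching row exists, and also on any failure
 *              (the original answered true on a query error as well);
 *              false when the query ran and found nothing
 */
function checkWishlist($type, $id) {
    $columns = [
        "master" => "mid",
        "release" => "rid",
        "asin" => "asin",
    ];

    // An unknown type used to produce a malformed query, which took the
    // error path and returned true; keep that answer without touching the DB.
    if (!is_string($type) || !isset($columns[$type])) {
        error_log("MySQL Check Wishlist Error: unsupported lookup type");
        return true;
    }

    $conn = MySessionHandler::getDBSessionId();
    $uid = $_SESSION['sessData']['userID'];

    // Only the allow-listed column name is concatenated; both values are bound.
    $sql = "SELECT id
              FROM wishlist
              WHERE uid = ? AND " . $columns[$type] . " = ?";

    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        error_log("MySQL Check Wishlist SQL: " . $sql);
        error_log("MySQL Check Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
        return true;
    }

    mysqli_stmt_bind_param($stmt, "ss", $uid, $id);

    if (!mysqli_stmt_execute($stmt)) {
        error_log("MySQL Check Wishlist SQL: " . $sql);
        error_log("MySQL Check Wishlist Error: " . mysqli_stmt_error($stmt) . " (" . mysqli_stmt_errno($stmt) . ")");
        mysqli_stmt_close($stmt);
        return true;
    }

    // Buffer the result so the row count is available.
    mysqli_stmt_store_result($stmt);
    $found = mysqli_stmt_num_rows($stmt) > 0;
    mysqli_stmt_close($stmt);

    return $found;
}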
/**
 * Build the wishlist page markup for the user of the current session.
 *
 * When isLoggedIn() is false a login notice is returned. Otherwise every
 * wishlist row whose uid equals $_SESSION['sessData']['userID'] is selected
 * and a filter box, a sortable table with edit/delete/info/search buttons
 * per entry, the edit modal and the inline scripts are emitted; with no
 * rows an "empty wishlist" notice is emitted instead.
 *
 * NOTE(review): in this listing many close() calls and attribute runs have
 * no visible opening tag() call, closing braces are absent, and $str is
 * built but never handed to $xh — presumably lines lost from the listing;
 * verify against the repository copy before editing.
 *
 * Returns the result of $xh->flush() (presumably the accumulated markup).
 */
function getWishlist() {
$xh = new Html;
// Visitors who are not logged in only get a login prompt.
if (!isLoggedIn()) {
$xh->add_attribute("class", "container bg-warning text-center py-3");
$xh->add_attribute("class", "display-6");
$xh->add_attribute("class", "material-icons");
$xh->tag('i', "error_outline");
$xh->tag('span', " Please login to your Find Cheap Music account in order to maintain the wishlist.");
$xh->close(); // p
$xh->close(); // div
$html = $xh->flush();
//error_log(print_r($html, 1));
return $html;
$conn = MySessionHandler::getDBSessionId();
// NOTE(review): the session user id is interpolated into the query below
// without mysqli_real_escape_string() or a bound parameter, unlike
// checkWishlist(); that is only safe if userID is always a server-assigned
// value — confirm, or bind it as a statement parameter.
$uid = $_SESSION['sessData']['userID'];
$sql = "SELECT *
FROM wishlist
WHERE uid = '$uid'";
if ($result = mysqli_query($conn, $sql)) {
if (mysqli_num_rows($result) > 0) {
// Filter box above the table: text input plus a reset button.
$xh->add_attribute("class", "container");
$xh->add_attribute("class", "input-group mt-3");
$xh->add_attribute("class", "input-group-prepend");
$xh->add_attribute("class", "input-group-text");
$xh->add_attribute("class", "material-icons");
$xh->tag('i', "search");
$xh->close(); // span
$xh->close(); // div
$xh->add_attribute("type", "text");
$xh->add_attribute("class", "form-control");
$xh->add_attribute("id", "tableFilter");
$xh->add_attribute("placeholder", "Search for..");
$xh->add_attribute("aria-label", "Search for entry");
$xh->add_attribute("id", "tableFilterButton");
$xh->add_attribute("class", "input-group-append");
$xh->add_attribute("id", "tableFilterReset");
$xh->add_attribute("type", "button");
$xh->add_attribute("class", "btn rounded");
$xh->add_attribute("class", "material-icons");
$xh->tag('i', "cancel_presentation");
$xh->close(); // button
$xh->close(); // div
// Inline script carrying a nonce attribute (presumably the CSP script nonce).
// NOTE(review): the nonce is read from the session; confirm it is
// regenerated for every response, since a nonce reused across responses
// no longer limits which inline scripts may run.
$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));
$str = trim('document.addEventListener("DOMContentLoaded", function() {');
$str .= trim(' document.getElementById("tableFilter").addEventListener("keyup", function() {');
$str .= trim(' filterWishlist();');
$str .= trim(' });');
$str .= trim(' document.getElementById("tableFilterReset").addEventListener("click", function() {');
$str .= trim(' document.getElementById("tableFilter").value = "";');
$str .= trim(' filterWishlist();');
$str .= trim(' });');
$str .= trim('});');
$xh->close(); // script
$xh->close(); // div
// Form posting to /index.php; the three hidden fields are filled in by the
// search-button click handler further down.
$xh->add_attribute("method", "post");
$xh->add_attribute("action", "/index.php");
$xh->add_attribute("id", "discogsTitle");
$xh->add_attribute("type", "hidden");
$xh->add_attribute("name", "discogsTitle");
$xh->add_attribute("value", "");
$xh->add_attribute("id", "discogsArtist");
$xh->add_attribute("type", "hidden");
$xh->add_attribute("name", "discogsArtist");
$xh->add_attribute("value", "");
$xh->add_attribute("id", "discogsBarcode");
$xh->add_attribute("type", "hidden");
$xh->add_attribute("name", "discogsBarcode");
$xh->add_attribute("value", "");
// Table header: sortColumn1..7 are the ids the sort script below binds to.
$xh->add_attribute("class", "table");
$xh->add_attribute("id", "wishlistTable");
$xh->add_attribute("class", "table table-striped table-condensed table-hover small");
$xh->add_attribute("class", "head-dark table-header-sticky");
$xh->add_attribute("class", "hide-medium");
$xh->tag('th', "");
$xh->add_attribute("id", "sortColumn1");
$xh->add_attribute("class", "text-left cursor-pointer");
$xh->add_attribute("class", "nowrap");
$xh->tag('span', "Artist");
$xh->add_attribute("class", "d-block d-md-none");
$xh->tag('span', "<br>");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");
$xh->tag('i', "arrow_drop_up");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");
$xh->tag('i', "arrow_drop_down");
$xh->close(); // span
$xh->close(); // th
$xh->add_attribute("id", "sortColumn2");
$xh->add_attribute("class", "text-left cursor-pointer");
$xh->add_attribute("class", "nowrap");
$xh->tag('span', "Title");
$xh->add_attribute("class", "d-block d-md-none");
$xh->tag('span', "<br>");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");
$xh->tag('i', "arrow_drop_up");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");
$xh->tag('i', "arrow_drop_down");
$xh->close(); // span
$xh->close(); // th
$xh->add_attribute("id", "sortColumn3");
$xh->add_attribute("class", "d-none");
$xh->tag('th', "");
$xh->add_attribute("id", "sortColumn4");
$xh->add_attribute("class", "cursor-pointer hide-medium hide-small");
$xh->add_attribute("class", "nowrap");
$xh->tag('span', "Barcode");
$xh->add_attribute("class", "d-block d-md-none");
$xh->tag('span', "<br>");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");
$xh->tag('i', "arrow_drop_up");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");
$xh->tag('i', "arrow_drop_down");
$xh->close(); // span
$xh->close(); // th
$xh->add_attribute("id", "sortColumn5");
$xh->add_attribute("class", "cursor-pointer hide-small");
$xh->add_attribute("class", "nowrap");
$xh->tag('span', "Condition");
$xh->add_attribute("class", "d-block d-md-none");
$xh->tag('span', "<br>");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");
$xh->tag('i', "arrow_drop_up");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");
$xh->tag('i', "arrow_drop_down");
$xh->close(); // span
$xh->close(); // th
$xh->add_attribute("id", "sortColumn6");
$xh->add_attribute("class", "cursor-pointer hide-small");
$xh->add_attribute("class", "nowrap");
$xh->tag('span', "Format");
$xh->add_attribute("class", "d-block d-md-none");
$xh->tag('span', "<br>");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");
$xh->tag('i', "arrow_drop_up");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");
$xh->tag('i', "arrow_drop_down");
$xh->close(); // span
$xh->close(); // th
$xh->add_attribute("class", "d-none");
$xh->tag('th', "Ceiling Price Plain Number");
$xh->add_attribute("id", "sortColumn7");
$xh->add_attribute("class", "cursor-pointer");
$xh->add_attribute("class", "nowrap");
$xh->tag('span', "Price");
$xh->add_attribute("class", "d-block d-md-none");
$xh->tag('span', "<br>");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");
$xh->tag('i', "arrow_drop_up");
$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");
$xh->tag('i', "arrow_drop_down");
$xh->close(); // span
$xh->close(); // th
$xh->tag('th', "");
$xh->add_attribute("class", "d-none");
$xh->tag('th', "");
$xh->close(); // tr
$xh->close(); // thead
// Inline script binding each header id to sortTable(); column 7 sorts numerically.
$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));
$str = trim('document.addEventListener("DOMContentLoaded", function() {');
$str .= trim(' document.getElementById("sortColumn1").addEventListener("click", function() {');
$str .= trim(' sortTable("wishlistTable", 1, "text");');
$str .= trim(' });');
$str .= trim(' document.getElementById("sortColumn2").addEventListener("click", function() {');
$str .= trim(' sortTable("wishlistTable", 2, "text");');
$str .= trim(' });');
$str .= trim(' document.getElementById("sortColumn4").addEventListener("click", function() {');
$str .= trim(' sortTable("wishlistTable", 4, "text");');
$str .= trim(' });');
$str .= trim(' document.getElementById("sortColumn5").addEventListener("click", function() {');
$str .= trim(' sortTable("wishlistTable", 5, "text");');
$str .= trim(' });');
$str .= trim(' document.getElementById("sortColumn6").addEventListener("click", function() {');
$str .= trim(' sortTable("wishlistTable", 6, "text");');
$str .= trim(' });');
$str .= trim(' document.getElementById("sortColumn7").addEventListener("click", function() {');
$str .= trim(' sortTable("wishlistTable", 7, "numeric");');
$str .= trim(' });');
$str .= trim('});');
$xh->close(); // script
// One table row per wishlist entry.
while ($row = mysqli_fetch_assoc($result)) {
// Artist and title are HTML-encoded; an empty artist is shown as "Various".
// NOTE(review): htmlentities() is called without flags; before PHP 8.1 the
// default leaves single quotes unescaped — confirm how add_attribute()
// quotes attribute values.
$artist = (empty($row["artist"]) ? "Various" : htmlentities($row["artist"]));
$altText = "Image for " . htmlentities($row['title']) . " by " . $artist;
$price = print_monetary($row['price'], $row['currency']);
// $searchTitle deliberately contains markup and is later stored in the
// data-search-title attribute, which the click handler passes to progressBar().
$searchTitle = 'Searching for:<br><br><strong>' . htmlentities($row['title']) . " by " . $artist;
if ($row['barcode'] !== null) {
$searchTitle .= " (" . displayBarcode($row['barcode']) . ")";
$searchTitle .= "</strong>";
$xh->add_attribute("class", "border");
$xh->add_attribute("data-id", $row['id']);
$xh->add_attribute("data-title", htmlentities($row['title']));
$xh->add_attribute("data-artist", $artist);
// NOTE(review): barcode may be null here (see the check above); passing
// null to htmlentities() is deprecated from PHP 8.1.
$xh->add_attribute("data-barcode", htmlentities($row['barcode']));
$xh->add_attribute("data-search-title", $searchTitle);
$xh->add_attribute("class", "hide-medium wl-img");
$xh->add_attribute("class", "img-fluid lazyload");
// NOTE(review): thumbnail is stored by addWishlist() from caller-supplied
// data and is placed in data-src without htmlentities() or a scheme check
// — confirm add_attribute() encodes values, or encode and validate here.
$xh->add_attribute("data-src", $row["thumbnail"]);
$xh->add_attribute("alt", $altText);
$xh->close(); // td
$xh->tag('td', $artist);
$xh->tag('td', htmlentities($row['title']));
$xh->add_attribute("class", "d-none");
$xh->tag('td', htmlentities($row['barcode']));
$xh->add_attribute("class", "hide-medium hide-small");
$xh->tag('td', displayBarcode($row['barcode']));
// NOTE(review): cond and format are written by updateWishlist() from
// caller-supplied values and are emitted here without htmlentities().
// tag() is handed raw markup elsewhere in this function (the "<br>"
// spans), so it presumably does not encode its content — encode these
// two cells like title and artist, or restrict them to the option
// values offered in the edit modal.
$xh->add_attribute("class", "hide-small");
$xh->tag('td', $row['cond']);
$xh->add_attribute("class", "hide-small");
$xh->tag('td', $row['format']);
// Hidden plain-number price cell next to the formatted one.
$xh->add_attribute("class", "d-none");
$xh->tag('td', $row['price']);
$xh->tag('td', $price);
// Per-row buttons; their ids carry the row id as a suffix.
$xh->add_attribute("class", "text-nowrap");
$xh->add_attribute("id", "wlEditBtn" . $row['id']);
$xh->add_attribute("class", "btn btn-sm btn-warning rounded px-1");
$xh->add_attribute("type", "button");
$xh->add_attribute("data-toggle", "tooltip");
$xh->add_attribute("title", "Edit");
$xh->add_attribute("aria-label", "Edit Entry");
$xh->add_attribute("class", "material-icons");
$xh->tag('i', "edit");
$xh->close(); // button
$xh->tag('span' , " ");
$xh->add_attribute("id", "wlDeleteBtn" . $row['id']);
$xh->add_attribute("class", "btn btn-sm btn-danger rounded px-1");
$xh->add_attribute("type", "button");
$xh->add_attribute("data-toggle", "tooltip");
$xh->add_attribute("title", "Delete");
$xh->add_attribute("aria-label", "Delete Entry");
$xh->add_attribute("class", "material-icons");
$xh->tag('i', "cancel_presentation");
$xh->close(); // button
$xh->tag('span' , " ");
$xh->add_attribute("id", "wlInfoBtn" . $row['id']);
$xh->add_attribute("class", "btn btn-sm btn-info rounded px-1 hide-small");
$xh->add_attribute("role", "button");
$xh->add_attribute("data-toggle", "tooltip");
$xh->add_attribute("title", "Information");
$xh->add_attribute("aria-label", "Information for Entry");
// NOTE(review): htmlentities() only encodes markup characters; it does not
// restrict the URL scheme. url is stored by addWishlist() from
// caller-supplied data, so confirm it is limited to http/https before it
// is stored or before it is used as an href.
$xh->add_attribute("href", htmlentities($row['url']));
// Called with four arguments here, two everywhere else — presumably sets
// target and rel in one call; confirm the helper accepts pairs, because
// rel="noreferrer noopener" is what protects the opener for target=_blank.
$xh->add_attribute("target", "_blank", "rel", "noreferrer noopener");
$xh->add_attribute("class", "material-icons");
$xh->tag('i', "info_outline");
$xh->close(); // a
$xh->tag('span' , " ");
$xh->add_attribute("id", "wlSearchBtn" . $row['id']);
$xh->add_attribute("type", "submit");
$xh->add_attribute("name", "submit");
$xh->add_attribute("value", "discogsSearch");
$xh->add_attribute("class", "btn btn-sm btn-success rounded px-1");
$xh->add_attribute("class", "material-icons");
$xh->add_attribute("title", "Search for Store Offers");
$xh->add_attribute("aria-label", "Search Store Offers for Entry");
$xh->add_attribute("data-toggle", "tooltip");
$xh->tag('i', "search");
$xh->close(); // button
$xh->close(); // td
$xh->add_attribute("id", "wlIdRow" . $row['id']);
$xh->add_attribute("class", "d-none");
$xh->tag('td', "");
$xh->close(); // tr
$xh->close(); // tbody
$xh->close(); // table
// Inline script: a single click listener on the table that dispatches to the
// edit, delete, info and search actions using the row's data-* attributes.
$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));
$str = trim('document.addEventListener("DOMContentLoaded", function() {');
$str .= trim(' document.getElementById("wishlistTable").addEventListener("click", function(event) {');
// NOTE(review): the next fragments and the "tr &&" conditions below are not
// valid JavaScript as shown; presumably part of each expression was lost
// from this listing — compare with the repository copy.
$str .= trim(' e ="button") ||"a");');
$str .= trim(' tr ="tr");');
$str .= trim(' if (e && tr &&"wlEditBtn")) {');
$str .= trim(' var id = tr.getAttribute("data-id");');
$str .= trim(' window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Wishlist", "eventAction" : "Edit", "eventLabel" : ""});');
$str .= trim(' editWishlist(id, e);');
$str .= trim(' } else if (e && tr &&"wlDeleteBtn")) {');
$str .= trim(' var id = tr.getAttribute("data-id");');
$str .= trim(' var title = tr.getAttribute("data-title");');
$str .= trim(' var artist = tr.getAttribute("data-artist");');
$str .= trim(' window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Wishlist", "eventAction" : "Delete", "eventLabel" : ""});');
$str .= trim(' deleteWishlist(id, e, title, artist);');
$str .= trim(' } else if (e && tr &&"wlInfoBtn")) {');
$str .= trim(' window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Album Info", "eventAction" : "Click", "eventLabel" : ""});');
$str .= trim(' } else if (e && tr &&"wlSearchBtn")) {');
/* bugbug Merge with htmlTools.php (search_term)*/
$str .= trim(' var title = tr.getAttribute("data-title");');
$str .= trim(' var artist = tr.getAttribute("data-artist");');
$str .= trim(' var barcode = tr.getAttribute("data-barcode");');
$str .= trim(' var searchTitle = tr.getAttribute("data-search-title");');
$str .= trim(' document.getElementById("discogsTitle").value = title;');
$str .= trim(' document.getElementById("discogsArtist").value = artist;');
$str .= trim(' document.getElementById("discogsBarcode").value = barcode;');
$str .= trim(' progressBar(searchTitle);');
$str .= trim(' }');
$str .= trim(' });');
$str .= trim('});');
$xh->close(); // script
$xh->close(); // div
$xh->close(); // form
// Edit modal: artist, title, barcode, condition, format and ceiling price.
$xh->add_attribute("class", "modal fade");
$xh->add_attribute("id", "editWishlistModal");
$xh->add_attribute("class", "modal-dialog");
$xh->add_attribute("class", "modal-content");
$xh->add_attribute("class", "modal-header bg-secondary");
$xh->add_attribute("class", "modal-title display-6");
$xh->tag('p', "Edit Wishlist Entry");
$xh->close(); // div>
$xh->add_attribute("class", "mt-0");
$xh->add_attribute("id", "wlMsg");
$xh->tag('span', "");
$xh->add_attribute("type", "hidden");
$xh->add_attribute("name", "wlId");
$xh->add_attribute("id", "wlId");
$xh->add_attribute("class", "modal-body");
$xh->add_attribute("class", "form-group");
$xh->add_attribute("for", "wlArtist");
$xh->tag('label', "Artist:");
$xh->add_attribute("type", "text");
$xh->add_attribute("class", "form-control");
$xh->add_attribute("id", "wlArtist");
$xh->close(); // div
$xh->add_attribute("class", "form-group");
$xh->add_attribute("for", "wlTitle");
$xh->tag('label', "Title:");
$xh->add_attribute("type", "text");
$xh->add_attribute("class", "form-control");
$xh->add_attribute("id", "wlTitle");
$xh->close(); // div
$xh->add_attribute("class", "form-group");
$xh->add_attribute("for", "wlBarcode");
$xh->tag('label', "Barcode:");
$xh->add_attribute("type", "text");
$xh->add_attribute("class", "form-control");
$xh->add_attribute("id", "wlBarcode");
$xh->close(); // div
$xh->add_attribute("class", "form-group");
$xh->add_attribute("for", "wlCond");
$xh->tag('label', "Condition:");
$xh->add_attribute("class", "form-control");
$xh->add_attribute("id", "wlCond");
$xh->tag('option', "Any");
$xh->tag('option', "New");
$xh->tag('option', "Used");
$xh->close(); // select
$xh->close(); // div
$xh->add_attribute("class", "form-group");
$xh->add_attribute("for", "wlFormat");
$xh->tag('label', "Format:");
$xh->add_attribute("class", "form-control");
$xh->add_attribute("id", "wlFormat");
$xh->tag('option', "Any");
$xh->tag('option', "CD");
$xh->tag('option', "Record");
$xh->tag('option', "Digital");
$xh->tag('option', "Book");
$xh->close(); // select
$xh->close(); // div
$xh->add_attribute("class", "form-group");
$xh->add_attribute("for", "wlPrice");
$xh->tag('label', "Ceiling Price:");
$xh->add_attribute("type", "text");
$xh->add_attribute("class", "form-control");
$xh->add_attribute("id", "wlPrice");
$xh->close(); // div
$xh->close(); // div
$xh->add_attribute("class", "modal-footer bg-secondary");
$xh->add_attribute("id", "saveEditedWl");
$xh->add_attribute("type", "button");
$xh->add_attribute("class", "btn btn-success");
$xh->add_attribute("name", "submit");
$xh->add_attribute("value", "Save");
$xh->tag('button', "Save");
// Inline script binding the Save button to saveEditedWishlist().
$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));
$str = trim('document.addEventListener("DOMContentLoaded", function() {');
$str .= trim(' document.getElementById("saveEditedWl").addEventListener("click", function() {');
$str .= trim(' saveEditedWishlist();');
$str .= trim(' });');
$str .= trim('});');
$xh->close(); // script
$xh->add_attribute("type", "button");
$xh->add_attribute("class", "btn btn-danger");
$xh->add_attribute("data-dismiss", "modal");
$xh->tag('button', "Cancel");
$xh->close(); // div
$xh->close(); // div
$xh->close(); // div
$xh->close(); // div
$xh->close(); // div
// No rows for this user: show the "empty wishlist" notice.
else {
$xh->add_attribute("class", "container bg-warning text-center py-3");
$xh->add_attribute("class", "display-6");
$xh->add_attribute("class", "material-icons");
$xh->tag('i', "bookmark");
$xh->tag('span', " Your wishlist is currently empty. Add matching albums from the search results.");
$xh->close(); // p
$xh->close(); // div
// Query failed: log the statement and the MySQL error; whatever $xh holds is still returned.
else if (mysqli_errno($conn)) {
error_log("MySQL Read Wishlist SQL: " . $sql);
error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
$html = $xh->flush();
//error_log(print_r($html, 1));
return $html;
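/**
 * Delete one wishlist entry, restricted to the given owner.
 *
 * The original escaped both ids with mysqli_real_escape_string() but placed
 * them in the statement unquoted; escaping does nothing in a numeric
 * context, so any non-numeric input became part of the SQL. Both ids are
 * now validated as integers and bound as parameters.
 *
 * @param mixed $uid owner id; must be an integer or an integer string
 * @param mixed $id  wishlist row id; must be an integer or an integer string
 * @return int 0 when the statement ran (even if no row matched), -1 on
 *             invalid input or a database error
 */
function deleteWishlist($uid, $id) {
    $rowId = filter_var($id, FILTER_VALIDATE_INT);
    $ownerId = filter_var($uid, FILTER_VALIDATE_INT);

    if ($rowId === false || $ownerId === false) {
        // Values are not echoed into the log: they are untrusted input.
        error_log("MySQL Delete Wishlist Error: non-integer id or uid rejected");
        return -1;
    }

    $conn = MySessionHandler::getDBSessionId();

    // The uid condition keeps a user from deleting another user's entry.
    $sql = "DELETE FROM wishlist WHERE id = ? AND uid = ?";

    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        error_log("MySQL Delete Wishlist SQL: " . $sql);
        error_log("MySQL Delete Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
        return -1;
    }

    mysqli_stmt_bind_param($stmt, "ii", $rowId, $ownerId);

    if (!mysqli_stmt_execute($stmt)) {
        error_log("MySQL Delete Wishlist SQL: " . $sql);
        error_log("MySQL Delete Wishlist Error: " . mysqli_stmt_error($stmt) . " (" . mysqli_stmt_errno($stmt) . ")");
        mysqli_stmt_close($stmt);
        return -1;
    }

    mysqli_stmt_close($stmt);
    return 0;
}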
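/**
 * Update the editable fields of one wishlist entry owned by $uid.
 *
 * Fixes over the original: $uid was escaped but placed in the WHERE clause
 * unquoted (escaping is ineffective there), and the error path logged an
 * undefined $error variable. All values are now bound as parameters.
 *
 * @param mixed $uid   owner id; must be an integer or an integer string
 * @param array $wlArr entry data; the keys id, barcode, title, artist, cond,
 *                     format and price are read when present
 * @return int 0 when the statement ran (even if no row matched), -1 on
 *             invalid input or a database error
 */
function updateWishlist($uid, $wlArr) {
    $ownerId = filter_var($uid, FILTER_VALIDATE_INT);
    if ($ownerId === false) {
        error_log("MySQL Update Wishlist Error: non-integer uid rejected");
        return -1;
    }

    $conn = MySessionHandler::getDBSessionId();
    $modified = time();

    // An empty id is bound as NULL, which matches no row (same as the original "id=NULL").
    $id = empty($wlArr['id']) ? null : $wlArr['id'];
    $barcode = empty($wlArr['barcode']) ? null : $wlArr['barcode'];
    $title = isset($wlArr['title']) ? $wlArr['title'] : null;
    $artist = isset($wlArr['artist']) ? $wlArr['artist'] : null;
    // NOTE(review): cond and format are stored as free text; the edit form
    // only offers a fixed set of options, so an allow-list check here would
    // keep unexpected values out of the table — confirm the intended set.
    $cond = isset($wlArr['cond']) ? $wlArr['cond'] : "Any";
    $format = isset($wlArr['format']) ? $wlArr['format'] : "Any";
    $price = isset($wlArr['price']) ? $wlArr['price'] : null;

    $sql = "UPDATE wishlist
              SET modified = ?, barcode = ?, title = ?, artist = ?, cond = ?, format = ?, price = ?
              WHERE id = ? AND uid = ?";

    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        error_log("MySQL Update Wishlist SQL: " . $sql);
        error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
        return -1;
    }

    mysqli_stmt_bind_param(
        $stmt,
        "isssssssi",
        $modified,
        $barcode,
        $title,
        $artist,
        $cond,
        $format,
        $price,
        $id,
        $ownerId
    );

    if (!mysqli_stmt_execute($stmt)) {
        error_log("MySQL Update Wishlist SQL: " . $sql);
        error_log("MySQL Update Wishlist Error: " . mysqli_stmt_error($stmt) . " (" . mysqli_stmt_errno($stmt) . ")");
        mysqli_stmt_close($stmt);
        return -1;
    }

    mysqli_stmt_close($stmt);
    return 0;
}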
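/**
 * Turn off wishlist price-check emails for the account identified by an
 * id/email pair and return a confirmation notice.
 *
 * Fixes over the original: the id was escaped but placed in the WHERE
 * clause unquoted (escaping is ineffective there); the error path logged an
 * undefined $error variable; and the address shown in the notice was the
 * SQL-escaped string rather than an HTML-encoded one.
 *
 * NOTE(review): the id/email pair is the only check visible here. If the
 * values come from a link in an email, confirm the link also carries a
 * signed or random token, since ids and addresses can be guessed.
 *
 * @param array $arr expects the keys 'id' and 'email'
 * @return string "" when id or email is missing or not scalar, otherwise
 *                the result of $xh->flush() with the confirmation notice
 */
function unsubscribeWishlist($arr) {
    if (empty($arr['id']) || empty($arr['email'])) {
        return "";
    }
    // Request parameters can arrive as arrays (e.g. email[]=...); reject them early.
    if (!is_scalar($arr['id']) || !is_scalar($arr['email'])) {
        return "";
    }

    $conn = MySessionHandler::getDBSessionId();
    $rawEmail = (string)$arr['email'];
    $id = filter_var($arr['id'], FILTER_VALIDATE_INT);

    if ($id === false) {
        error_log("MySQL Update Wishlist Error: non-integer id rejected");
    } else {
        $sql = "UPDATE users
                  SET wlEmailFlag = '0'
                  WHERE id = ? AND email = ?";

        $stmt = mysqli_prepare($conn, $sql);
        if ($stmt === false) {
            error_log("MySQL Update Wishlist SQL: " . $sql);
            error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
        } else {
            mysqli_stmt_bind_param($stmt, "is", $id, $rawEmail);
            if (!mysqli_stmt_execute($stmt)) {
                error_log("MySQL Update Wishlist SQL: " . $sql);
                error_log("MySQL Update Wishlist Error: " . mysqli_stmt_error($stmt) . " (" . mysqli_stmt_errno($stmt) . ")");
            }
            mysqli_stmt_close($stmt);
        }
    }

    // The same notice is returned whether or not a row was updated, as in the
    // original; that also avoids revealing which id/email pairs exist.
    // The address is request data, so it is HTML-encoded before it goes
    // into the markup.
    $email = htmlentities($rawEmail, ENT_QUOTES);

    // NOTE(review): the opening tag() calls for the two attribute sets below
    // are not visible in this listing — verify against the repository copy.
    $xh = new Html;
    $xh->add_attribute("class", "container text-center bg-warning p-3 rounded");
    $xh->add_attribute("class", "display-6 font-weight-bold");
    $xh->tag('p', "The wishlist price check emails for " . $email . " have been turned off.");
    $xh->tag('p', "You can reinstate the emails at any time by setting the option 'Email Price Checks' for your account back to 'Yes'.");
    $xh->close(); // div

    return $xh->flush();
}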
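/**
 * Load the price monitor timestamps of the current session's user into
 * $_SESSION['priceMonitor'] and flag whether new results exist.
 *
 * newFlag is set to true when 'created' is greater than 'access'.
 * The user id is now bound as a statement parameter; the original
 * interpolated the session value into the SQL text unescaped.
 *
 * @return int 0 when a row was found and the session was updated, -1 when
 *             no user is in the session, no row exists or the query failed
 */
function checkPriceMonitor() {
    if (empty($_SESSION['sessData']['userID'])) {
        return -1;
    }

    $conn = MySessionHandler::getDBSessionId();
    $uid = $_SESSION['sessData']['userID'];

    $sql = "SELECT created, access
              FROM pricemonitor
              WHERE userId = ?";

    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        error_log("MySQL Read Price Monitor SQL: " . $sql);
        error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
        return -1;
    }

    mysqli_stmt_bind_param($stmt, "s", $uid);

    if (!mysqli_stmt_execute($stmt)) {
        error_log("MySQL Read Price Monitor SQL: " . $sql);
        error_log("MySQL Read Price Monitor Error: " . mysqli_stmt_error($stmt) . " (" . mysqli_stmt_errno($stmt) . ")");
        mysqli_stmt_close($stmt);
        return -1;
    }

    $created = null;
    $access = null;
    mysqli_stmt_bind_result($stmt, $created, $access);
    // Only the first row is used, as in the original.
    $found = mysqli_stmt_fetch($stmt) === true;
    mysqli_stmt_close($stmt);

    if (!$found) {
        return -1;
    }

    // Prepared statements return native types; cast back to strings so the
    // session holds the same representation mysqli_query() used to produce.
    $_SESSION['priceMonitor']['created'] = ($created === null) ? null : (string)$created;
    $_SESSION['priceMonitor']['access'] = ($access === null) ? null : (string)$access;
    $_SESSION['priceMonitor']['newFlag'] =
        $_SESSION['priceMonitor']['created'] > $_SESSION['priceMonitor']['access'];

    return 0;
}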
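/**
 * Return the stored price monitor page for the current session's user and
 * record the access time.
 *
 * Not logged in: a login notice. Row found: pricemonitor.access is set to
 * the current time and the stored, base64-encoded gzip markup is decoded
 * and returned with the nonce placeholder replaced by the session nonce.
 * Otherwise: an "empty list" notice.
 *
 * Fixes over the original: the session user id was interpolated into both
 * statements unescaped, and the update error path logged an undefined
 * $error variable. Both statements now use bound parameters.
 *
 * NOTE(review): the stored markup is returned verbatim and the nonce
 * substitution authorises every inline script inside it, so whatever
 * writes pricemonitor.data must be trusted and must encode any
 * user-supplied text it embeds.
 *
 * @return mixed the decoded stored markup, or the result of $xh->flush()
 */
function getPriceMonitor() {
    // NOTE(review): the opening tag() calls for the attribute sets in the
    // two notices below are not visible in this listing — verify against
    // the repository copy.
    $xh = new Html;

    if (!isLoggedIn()) {
        $xh->add_attribute("class", "container bg-warning text-center py-3");
        $xh->add_attribute("class", "display-6");
        $xh->add_attribute("class", "material-icons");
        $xh->tag('i', "error_outline");
        $xh->tag('span', " Please login to your Find Cheap Music account in order to see the price monitor results.");
        $xh->close(); // p
        $xh->close(); // div
        return $xh->flush();
    }

    $conn = MySessionHandler::getDBSessionId();
    $uid = $_SESSION['sessData']['userID'];

    $sql = "SELECT data
              FROM pricemonitor
              WHERE userId = ?";

    $data = null;
    $found = false;

    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        error_log("MySQL Read Price Monitor SQL: " . $sql);
        error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
    } else {
        mysqli_stmt_bind_param($stmt, "s", $uid);
        if (mysqli_stmt_execute($stmt)) {
            mysqli_stmt_bind_result($stmt, $data);
            // Only the first row is used, as in the original.
            $found = mysqli_stmt_fetch($stmt) === true;
        } else {
            error_log("MySQL Read Price Monitor SQL: " . $sql);
            error_log("MySQL Read Price Monitor Error: " . mysqli_stmt_error($stmt) . " (" . mysqli_stmt_errno($stmt) . ")");
        }
        mysqli_stmt_close($stmt);
    }

    if ($found) {
        // Record the access time; a failure here is logged but does not
        // stop the stored page from being returned.
        $access = time();
        $sql = "UPDATE pricemonitor
                  SET access = ?
                  WHERE userId = ?";

        $update = mysqli_prepare($conn, $sql);
        if ($update === false) {
            error_log("MySQL Update Price Monitor SQL: " . $sql);
            error_log("MySQL Update Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
        } else {
            mysqli_stmt_bind_param($update, "is", $access, $uid);
            if (!mysqli_stmt_execute($update)) {
                error_log("MySQL Update Price Monitor SQL: " . $sql);
                error_log("MySQL Update Price Monitor Error: " . mysqli_stmt_error($update) . " (" . mysqli_stmt_errno($update) . ")");
            }
            mysqli_stmt_close($update);
        }

        $html = gzdecode(base64_decode($data));
        // The stored markup carries a placeholder where the script nonce
        // belongs; swap in the nonce of the current session.
        $html = str_replace(base64_encode("xxxNONCExxx"), base64_encode($_SESSION["nonce"]), $html);
        return ($html);
    }

    // No stored result (or the read failed): show the "empty list" notice.
    $xh->add_attribute("class", "container bg-warning text-center py-3");
    $xh->add_attribute("class", "display-6");
    $xh->add_attribute("class", "material-icons");
    $xh->tag('i', "bookmark");
    $xh->tag('span', " Your price monitor list is currently empty.");
    $xh->close(); // p
    $xh->close(); // div

    return $xh->flush();
}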