added create and eedit note functionality (flawed)

2025-06-27 09:56:46 +02:00 · 2025-06-27 09:56:46 +02:00 · 24c8f38c4d
commit 24c8f38c4d
parent 1e9705aa13
4 changed files with 50 additions and 12 deletions
--- a/Controller/NotesController.php
+++ b/Controller/NotesController.php
@ -46,10 +46,11 @@ class NotesController
                $_POST['content'], 
                $_SESSION['user_id']
            );
+            exit();
            
            if ($note) {
                // Redirect to show notes page after successful creation
-                header('Location: ?controller=Notes&page=showNotes');
+                header('Location: ?controller=Notes&page=showNotes&do=showNotes');
                exit();
            } else {
                // If creation failed, show error message and stay on the form
@ -69,7 +70,7 @@ class NotesController
            
            if ($note) {
                // Redirect to show notes page after successful creation
-                header('Location: ?controller=Notes&page=showNotes');
+                header('Location: ?controller=Notes&page=showNotes&do=showNotes');
                exit();
            } else {
                // If creation failed, show error message and stay on the form
--- a/Controller/WelcomeController.php
+++ b/Controller/WelcomeController.php
@ -2,13 +2,11 @@

 namespace ppa\Controller;

-/**
- * Description of Welcome
- *
- * @author reich
- */
 class WelcomeController
 {
+    private $notesModel;
+    private $view;
+    
    public function setView(\ppa\Library\View $view)
    {
        $this->view = $view;
@ -16,5 +14,36 @@ class WelcomeController

    function showWelcome() 
    {
+        if ($this->notesModel === null) {
+            $this->notesModel = new \ppa\Model\NotesModel();
+        }
+
+        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+            if ($_POST['action'] === 'create_note') {
+                $this->notesModel->createNote(
+                    $_POST['title'], 
+                    $_POST['content'], 
+                    $_SESSION['user_id']
+                );
+                exit();
+            }
+            else if ($_POST['action'] === 'update_note') {
+                $this->notesModel->editNote(
+                    $_POST['note_id'], 
+                    $_POST['title'], 
+                    $_POST['content'], 
+                    $_SESSION['user_id']
+                );
+                exit();
+            }
+            else if ($_POST['action'] === 'delete_note') {
+                $this->notesModel->deleteNote(
+                    $_POST['note_id'], 
+                    $_SESSION['user_id']
+                );
+                exit();
+            }
+            header('Location: ?controller=Notes&page=showNotes&do=showNotes');
+        }
    }
 }
--- a/JavaScript/script.js
+++ b/JavaScript/script.js
@ -86,7 +86,7 @@ document.addEventListener('DOMContentLoaded', () => {
                
                // Use handleAjaxForm for consistency
                const formData = new FormData(tempForm);
-                fetch('index.php', {
+                fetch('?controller=Notes&do=showNotes', {
                    method: 'POST',
                    body: formData
                })
--- a/Model/NotesModel.php
+++ b/Model/NotesModel.php
@ -81,7 +81,7 @@ class NotesModel extends Database
        if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
        if (empty(trim($title))) return ['success' => false, 'message' => 'Title is required.'];
        try {
-            if (isAdmin()) { // Admin can update any note, user_id for record not changed
+            if ($this->isAdmin()) { // Admin can update any note, user_id for record not changed
                $stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ? WHERE id = ?");
                $params = [trim($title), $content, $noteId];
            } else { // User can only update their own note
@ -94,8 +94,8 @@ class NotesModel extends Database
                return ['success' => true, 'message' => 'Note updated successfully.'];
            }
            // Check if note exists if rowCount is 0
-            $checkStmt = isAdmin() ? $pdo->prepare("SELECT id FROM notes WHERE id=?") : $pdo->prepare("SELECT id FROM notes WHERE id=? AND user_id=?");
-            $checkParams = isAdmin() ? [$noteId] : [$noteId, $userId];
+            $checkStmt = $this->isAdmin() ? $pdo->prepare("SELECT id FROM notes WHERE id=?") : $pdo->prepare("SELECT id FROM notes WHERE id=? AND user_id=?");
+            $checkParams = $this->isAdmin() ? [$noteId] : [$noteId, $userId];
            $checkStmt->execute($checkParams);
            if ($checkStmt->fetch()) {
                return ['success' => true, 'message' => 'No changes made to the note.']; // Or false if you prefer
@ -111,7 +111,7 @@ class NotesModel extends Database
        $pdo = $this->linkDB();
        if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
        try {
-            if (isAdmin()) { // Admin can delete any note
+            if ($this->isAdmin()) { // Admin can delete any note
                $stmt = $pdo->prepare("DELETE FROM notes WHERE id = ?");
                $params = [$noteId];
            } else { // User can only delete their own note
@ -129,4 +129,12 @@ class NotesModel extends Database
            return ['success' => false, 'message' => 'Failed to delete note.'];
        }
    }
+
+    function isLoggedIn() {
+        return isset($_SESSION['user_id']);
+    }
+    
+    function isAdmin() {
+        return $this->isLoggedIn() && isset($_SESSION['role']) && $_SESSION['role'] === 'admin';
+    }
 }