PBBFA23CIV/EIANotesApp
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' of http://git.pb.bib.de/PBBFA23CIV/EIANotesApp

Browse Source
This commit is contained in:
David Kalemi
2025-06-23 11:13:55 +02:00
parent 3d4e1532c7 80cb9f2818
commit 6cceae17d0
7 changed files with 263 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
Model/NotesModel.php
View File

@@ -61,4 +61,72 @@ class NotesModel extends Database
return null;
}
}
function createNote($title, $content, $userId) {
$pdo = $this->linkDB();
if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
if (empty(trim($title))) return ['success' => false, 'message' => 'Title is required.'];
try {
$stmt = $pdo->prepare("INSERT INTO notes (user_id, title, content) VALUES (?, ?, ?)");
$stmt->execute([$userId, trim($title), $content]); // user_id is current session user
return ['success' => true, 'message' => 'Note created successfully.'];
} catch (PDOException $e) {
error_log("Create Note Error: " . $e->getMessage());
return ['success' => false, 'message' => 'Failed to create note.'];
}
}
function editNote($noteId, $userId, $title, $content) {
$pdo = $this->linkDB();
if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
if (empty(trim($title))) return ['success' => false, 'message' => 'Title is required.'];
try {
if (isAdmin()) { // Admin can update any note, user_id for record not changed
$stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ? WHERE id = ?");
$params = [trim($title), $content, $noteId];
} else { // User can only update their own note
$stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ? WHERE id = ? AND user_id = ?");
$params = [trim($title), $content, $noteId, $userId];
}
$stmt->execute($params);
if ($stmt->rowCount() > 0) {
return ['success' => true, 'message' => 'Note updated successfully.'];
}
// Check if note exists if rowCount is 0
$checkStmt = isAdmin() ? $pdo->prepare("SELECT id FROM notes WHERE id=?") : $pdo->prepare("SELECT id FROM notes WHERE id=? AND user_id=?");
$checkParams = isAdmin() ? [$noteId] : [$noteId, $userId];
$checkStmt->execute($checkParams);
if ($checkStmt->fetch()) {
return ['success' => true, 'message' => 'No changes made to the note.']; // Or false if you prefer
}
return ['success' => false, 'message' => 'Note not found or permission denied.'];
} catch (PDOException $e) {
error_log("Update Note Error: " . $e->getMessage());
return ['success' => false, 'message' => 'Failed to update note.'];
}
}
function deleteNote($noteId, $userId) {
$pdo = $this->linkDB();
if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
try {
if (isAdmin()) { // Admin can delete any note
$stmt = $pdo->prepare("DELETE FROM notes WHERE id = ?");
$params = [$noteId];
} else { // User can only delete their own note
$stmt = $pdo->prepare("DELETE FROM notes WHERE id = ? AND user_id = ?");
$params = [$noteId, $userId];
}
$stmt->execute($params);
if ($stmt->rowCount() > 0) {
return ['success' => true, 'message' => 'Note deleted successfully.'];
}
return ['success' => false, 'message' => 'Note not found or permission denied.'];
} catch (PDOException $e) {
error_log("Delete Note Error: " . $e->getMessage());
return ['success' => false, 'message' => 'Failed to delete note.'];
}
}
}