Merge branch 'main' of http://git.pb.bib.de/PBBFA23CIV/EIANotesApp

2025-06-23 11:13:55 +02:00
parent 3d4e1532c7 80cb9f2818
commit 6cceae17d0
7 changed files with 263 additions and 6 deletions
--- a/Views/Notes/createNote.phtml
+++ b/Views/Notes/createNote.phtml
@@ -0,0 +1,67 @@
+<?php 
+use ppa\Model\NotesModel;
+include dirname(__DIR__).'/header.phtml';
+
+$parsedown = new Parsedown();
+$parsedown->setSafeMode(true);
+
+$this->notesModel = new \ppa\Model\NotesModel();
+
+$isEditMode = false;
+$note = null;
+if ($isEditMode) {
+    $noteId = $_GET['id'] ?? 0;
+    $note = $this->notesModel->getNoteById($noteId, $_SESSION['user_id']);
+    if (!$note) {
+        echo "<div class='alert alert-danger'>Note not found or you don't have permission to edit it.</div>";
+        echo "<a href='?controller=Notes&page=showNotes&do=showNotes' class='button secondary'>Back to Dashboard</a>";
+    }
+}
+
+function isLoggedIn() {
+    return isset($_SESSION['user_id']);
+}
+
+function isAdmin() {
+    return false;// isLoggedIn() && isset($_SESSION['role']) && $_SESSION['role'] === 'admin';
+}
+
+function sanitize($data, $flags = ENT_QUOTES, $encoding = 'UTF-8') {
+    return htmlspecialchars((string)$data, $flags, $encoding);
+}
+?>
+
+<div class="container">
+
+<div class="page-header">
+    <h2><?php echo $isEditMode ? 'Edit Note' . (isAdmin() && $note && $note['user_id'] != $_SESSION['user_id'] ? ' (Admin Edit - Owner: '.sanitize($note['owner_username']).')' : '') : 'Create New Note'; ?></h2>
+        <a href="?controller=Notes&page=showNotes&do=showNotes" class="button secondary">Cancel</a>
+</div>
+
+<div id="drop-zone">Drag & drop a .txt or .md file here, or fill manually.</div>
+
+<form id="note-form" method="POST">
+    <input type="hidden" name="action" value="<?php echo $isEditMode ? 'update_note' : 'create_note'; ?>">
+    <?php if ($isEditMode && $note): ?>
+        <input type="hidden" name="note_id" value="<?php echo sanitize($note['id']); ?>">
+    <?php endif; ?>
+    <div class="form-group">
+        <label for="title">Title:</label>
+        <input type="text" id="title" name="title" value="<?php echo $isEditMode && $note ? sanitize($note['title']) : ''; ?>" required>
+    </div>
+    <div class="form-group">
+        <label for="content">Content (Markdown supported):</label>
+        <textarea id="content" name="content" rows="10" required><?php echo $isEditMode && $note ? sanitize($note['content']) : ''; ?></textarea>
+    </div>
+    <div class="form-group">
+        <label>Live Markdown Preview:</label>
+        <div id="markdown-preview" class="markdown-preview">
+            <?php if($isEditMode && $note && !empty($note['content'])) echo $parsedown->text(sanitize($note['content'])); else echo "Start typing or drop a file to see preview..."; ?>
+        </div>
+    </div>
+    <div class="form-actions">
+        <button type="submit" class="button"><?php echo $isEditMode ? 'Update Note' : 'Create Note'; ?></button>
+    </div>
+</form>
+
+</div>
--- a/Views/Notes/editNote.phtml
+++ b/Views/Notes/editNote.phtml
@@ -0,0 +1,67 @@
+<?php 
+use ppa\Model\NotesModel;
+include dirname(__DIR__).'/header.phtml';
+
+$parsedown = new Parsedown();
+$parsedown->setSafeMode(true);
+
+$this->notesModel = new \ppa\Model\NotesModel();
+
+$isEditMode = true;
+$note = null;
+if ($isEditMode) {
+    $noteId = $_GET['id'] ?? 0;
+    $note = $this->notesModel->getNoteById($noteId, $_SESSION['user_id']);
+    if (!$note) {
+        echo "<div class='alert alert-danger'>Note not found or you don't have permission to edit it.</div>";
+        echo "<a href='?controller=Notes&page=showNotes&do=showNotes' class='button secondary'>Back to Dashboard</a>";
+    }
+}
+
+function isLoggedIn() {
+    return isset($_SESSION['user_id']);
+}
+
+function isAdmin() {
+    return false;// isLoggedIn() && isset($_SESSION['role']) && $_SESSION['role'] === 'admin';
+}
+
+function sanitize($data, $flags = ENT_QUOTES, $encoding = 'UTF-8') {
+    return htmlspecialchars((string)$data, $flags, $encoding);
+}
+?>
+
+<div class="container">
+
+<div class="page-header">
+    <h2><?php echo $isEditMode ? 'Edit Note' . (isAdmin() && $note && $note['user_id'] != $_SESSION['user_id'] ? ' (Admin Edit - Owner: '.sanitize($note['owner_username']).')' : '') : 'Create New Note'; ?></h2>
+        <a href="?controller=Notes&page=showNotes&do=showNotes" class="button secondary">Cancel</a>
+</div>
+
+<div id="drop-zone">Drag & drop a .txt or .md file here, or fill manually.</div>
+
+<form id="note-form" method="POST">
+    <input type="hidden" name="action" value="<?php echo $isEditMode ? 'update_note' : 'create_note'; ?>">
+    <?php if ($isEditMode && $note): ?>
+        <input type="hidden" name="note_id" value="<?php echo sanitize($note['id']); ?>">
+    <?php endif; ?>
+    <div class="form-group">
+        <label for="title">Title:</label>
+        <input type="text" id="title" name="title" value="<?php echo $isEditMode && $note ? sanitize($note['title']) : ''; ?>" required>
+    </div>
+    <div class="form-group">
+        <label for="content">Content (Markdown supported):</label>
+        <textarea id="content" name="content" rows="10" required><?php echo $isEditMode && $note ? sanitize($note['content']) : ''; ?></textarea>
+    </div>
+    <div class="form-group">
+        <label>Live Markdown Preview:</label>
+        <div id="markdown-preview" class="markdown-preview">
+            <?php if($isEditMode && $note && !empty($note['content'])) echo $parsedown->text(sanitize($note['content'])); else echo "Start typing or drop a file to see preview..."; ?>
+        </div>
+    </div>
+    <div class="form-actions">
+        <button type="submit" class="button"><?php echo $isEditMode ? 'Update Note' : 'Create Note'; ?></button>
+    </div>
+</form>
+
+</div>
--- a/Views/Notes/showNoteDetails.phtml
+++ b/Views/Notes/showNoteDetails.phtml
@@ -25,9 +25,9 @@ $parsedown->setSafeMode(true);
            </div>
            
            <div class="note-actions">
-                <a href="?controller=NotesController&page=showNotes" class="button">Back to Notes</a>
+                <a href="?controller=Notes&page=showNotes&do=showNotes" class="button">Back to Notes</a>
                <?php if (isset($note['id'])): ?>
-                    <a href="?controller=NotesController&page=editNote&note_id=<?php echo (int)$note['id']; ?>" class="button">Edit Note</a>
+                    <a href="?controller=Notes&do=editNote&id=<?php echo (int)$note['id']; ?>" class="button">Edit Note</a>
                <?php endif; ?>
            </div>
        </div>
@@ -35,7 +35,7 @@ $parsedown->setSafeMode(true);
        <div class="error-message">
            <h2>Note Not Found</h2>
            <p><?php echo htmlspecialchars($error ?? 'The requested note could not be found.'); ?></p>
-            <a href="?controller=NotesController&page=showNotes" class="button">Back to Notes</a>
+            <a href="?controller=Notes&page=showNotes&do=showNotes" class="button">Back to Notes</a>
        </div>
    <?php endif; ?>
 </div>
--- a/Views/Notes/showNotes.phtml
+++ b/Views/Notes/showNotes.phtml
@@ -1,7 +1,5 @@
 <?php include dirname(__DIR__).'/header.phtml'; ?>

-<h2>Notes</h2>
-
 <div class="container">
 <?php
    $parsedown = new Parsedown();
@@ -14,6 +12,7 @@
    function isAdmin() {
        return false;// isLoggedIn() && isset($_SESSION['role']) && $_SESSION['role'] === 'admin';
    }
+    
    function sanitize($data, $flags = ENT_QUOTES, $encoding = 'UTF-8') {
        return htmlspecialchars((string)$data, $flags, $encoding);
    }
@@ -21,6 +20,11 @@
    $sortBy = $_GET['sort_by'] ?? 'updated_at';
    $sortOrder = strtoupper($_GET['sort_order'] ?? 'DESC'); // Ensure uppercase for comparison
    ?>
+    <div class="page-header">
+        <h2><?php echo isAdmin() ? "All Users' Notes" : "My Notes"; ?></h2>
+        <a href="?controller=Notes&do=createNote" class="button">Create New Note</a>
+    </div>
+
    <table class="notes-table">
        <thead>
            <tr>
@@ -51,7 +55,7 @@
                    </td>
                    <td><?php echo date("d.m.Y H:i", strtotime($note['updated_at'])); ?></td>
                    <td class="actions-cell">
-                        <a href="index.php?page=edit_note&id=<?php echo $note['id']; ?>" class="button">Edit</a>
+                        <a href="?controller=Notes&do=editNote&id=<?php echo $note['id']; ?>" class="button">Edit</a>
                        <button class="button danger delete-note-btn" data-note-id="<?php echo $note['id']; ?>">Delete</button>
                    </td>
                </tr>
--- a/Views/header.phtml
+++ b/Views/header.phtml
@@ -5,6 +5,7 @@
        <meta charset="UTF-8" />
        <meta name="viewport" content="width=device-width">
        <link href="CSS/style.css" rel="stylesheet" type="text/css" />
+        <script src="https://cdnjs.cloudflare.com/ajax/libs/showdown/2.1.0/showdown.min.js"></script>
        <script src="JavaScript/script.js"></script>
     </head>
    <body>