From 020bdc8c899314e6d20a9741c113d3676439ee3a Mon Sep 17 00:00:00 2001
From: Felix Ivo
Date: Mon, 16 Jun 2025 13:55:54 +0200
Subject: [PATCH 1/3] user id and role is handled by session
---
 Controller/NotesController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Controller/NotesController.php b/Controller/NotesController.php
index 0bbce1e..c1e5fe4 100644
--- a/Controller/NotesController.php
+++ b/Controller/NotesController.php
@@ -20,8 +20,8 @@ class NotesController {
 $sortBy = $_GET['sort_by'] ?? 'updated_at';
 $sortOrder = strtoupper($_GET['sort_order'] ?? 'DESC');
- $isAdmin = false;
- $userid = 2; //$_SESSION['user_id'];
+ $isAdmin = $_SESSION['role'] === 'admin';
+ $userid = $_SESSION['user_id'];
 $this->view->setVars([
 "notes" => $this->notesModel->selectNotesForUser($userid, $isAdmin, $sortBy, $sortOrder)
From cb7d71f4a7314652132e8185d28738fd5ed49365 Mon Sep 17 00:00:00 2001
From: Felix Ivo
Date: Mon, 16 Jun 2025 14:21:32 +0200
Subject: [PATCH 2/3] moved javascript include to header
---
 Views/Notes/showNotes.phtml | 3 +--
 Views/header.phtml | 1 +
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/Views/Notes/showNotes.phtml b/Views/Notes/showNotes.phtml
index 0a03519..1a9a6c8 100644
--- a/Views/Notes/showNotes.phtml
+++ b/Views/Notes/showNotes.phtml
@@ -1,5 +1,4 @@ - - +
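Review bot: In the NotesController.php hunk, the two added lines read `$_SESSION['role']` and `$_SESSION['user_id']` without checking that a login has populated them, so a request without an authenticated session raises undefined-index warnings and passes a null `$userid` into `selectNotesForUser`; what that query returns for a null id is not visible here. Unless a guard outside this hunk already rejects unauthenticated requests, read them defensively with `$userid = $_SESSION['user_id'] ?? null;` and `$isAdmin = ($_SESSION['role'] ?? '') === 'admin';`, and send the user to the login page when `$userid === null` before the model is called. Because the admin flag is taken straight from the session, a role change or demotion only takes effect once the session is rebuilt, which deserves a comment or a re-check against the user record. The enclosing method starts and ends outside the hunk.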

Notes

diff --git a/Views/header.phtml b/Views/header.phtml
index b612258..3197948 100644
--- a/Views/header.phtml
+++ b/Views/header.phtml
@@ -5,6 +5,7 @@ +
From 75742157b70bb2bf63daf9bdcbaaacd9c8e0e0df Mon Sep 17 00:00:00 2001
From: Felix Ivo
Date: Mon, 16 Jun 2025 14:22:51 +0200
Subject: [PATCH 3/3] removed ajax form handling for login
---
 JavaScript/script.js | 60 --------------------------------------------
 1 file changed, 60 deletions(-)
diff --git a/JavaScript/script.js b/JavaScript/script.js
index f95ba11..015ff62 100644
--- a/JavaScript/script.js
+++ b/JavaScript/script.js
@@ -58,12 +58,6 @@ document.addEventListener('DOMContentLoaded', () => {
 if(passwordInput.value) passwordInput.dispatchEvent(new Event('input'));
 }
- // --- AJAX Form Submissions ---
- handleAjaxForm('login-form');
- handleAjaxForm('register-form');
- handleAjaxForm('note-form');
- handleAjaxForm('logout-form'); // Added for logout
-
 // --- Delete Note Confirmation and AJAX ---
 document.querySelectorAll('.delete-note-btn').forEach(button => {
 button.addEventListener('click', function(e) {
@@ -188,60 +182,6 @@ document.addEventListener('DOMContentLoaded', () => {
 });
 }); // End DOMContentLoaded
-function handleAjaxForm(formId) { // Removed successRedirectPage, rely on JSON
- const form = document.getElementById(formId);
- if (form) {
- form.addEventListener('submit', function(e) {
- e.preventDefault();
- const formData = new FormData(form);
- const action = formData.get('action'); // Get action from FormData
-
- if (action === 'register') {
- const password = formData.get('password');
- const confirmPassword = formData.get('confirm_password');
- if (password !== confirmPassword) {
- displayMessage('Passwords do not match.', 'danger');
- return;
- }
-
- let criteriaMet = 0;
- const criteriaElements = document.querySelectorAll('#password-strength ul li');
- criteriaElements.forEach(li => {
- if (li.classList.contains('valid')) {
- criteriaMet++;
- }
- });
-
- if (criteriaMet < criteriaElements.length) { // Check if all criteria are met
- displayMessage('Password does not meet all requirements.', 'danger');
- return;
- }
- }
-
- fetch('index.php', {
- method: 'POST',
- body: formData
- })
- .then(response => response.json())
- .then(data => {
- if (data.message) { // Display message if provided
- displayMessage(data.message, data.success ? 'success' : 'danger');
- }
- if (data.success && data.redirect) {
- setTimeout(() => { window.location.href = data.redirect; }, data.message ? 1000 : 0); // Delay if message shown
- } else if (data.success && (action === 'create_note' || action === 'update_note')) {
- // Specific redirect for note actions if not overridden by data.redirect
- setTimeout(() => { window.location.href = 'index.php?page=dashboard'; }, data.message ? 1000 : 0);
- }
- })
- .catch(error => {
- console.error('Error:', error);
- displayMessage('A network error occurred. Please try again.', 'danger');
- });
- });
- }
-}
-
 function displayMessage(message, type = 'info') {
 const existingAlert = document.querySelector('#alert-container .alert');
 if (existingAlert) {