diff --git a/Controller/NotesController.php b/Controller/NotesController.php
index c1e5fe4..c2b4ffe 100644
--- a/Controller/NotesController.php
+++ b/Controller/NotesController.php
@@ -28,4 +28,12 @@ class NotesController
 ]);
 }
+ public function showNoteDetails()
+ {
+ $noteId = $_GET['id'];
+ $note = $this->notesModel->getNoteById($noteId);
+ $this->view->setVars([
+ "note" => $note
+ ]);
+ }
 }
\ No newline at end of file
diff --git a/Model/NotesModel.php b/Model/NotesModel.php
index b77ac92..2e47ae1 100644
--- a/Model/NotesModel.php
+++ b/Model/NotesModel.php
@@ -43,4 +43,22 @@ class NotesModel extends Database
 return false;
 }
 }
+
+ function getNoteById($noteId) {
+ $pdo = $this->linkDB();
+ if (!$pdo) return null;
+ try {
+ if ($_SESSION['role'] === 'admin') { // Admin can fetch any note
+ $stmt = $pdo->prepare("SELECT n.*, u.username as owner_username FROM notes n JOIN users u ON n.user_id = u.id WHERE n.id = ?");
+ $stmt->execute([$noteId]);
+ } else { // Regular user can only fetch their own notes
+ $stmt = $pdo->prepare("SELECT * FROM notes WHERE id = ? AND user_id = ?");
+ $stmt->execute([$noteId, $_SESSION['user_id']]);
+ }
+ return $stmt->fetch();
+ } catch (PDOException $e) {
+ error_log("Get Note Error: " . $e->getMessage());
+ return null;
+ }
+ }
 }
\ No newline at end of file
diff --git a/Views/Notes/showNoteDetails.phtml b/Views/Notes/showNoteDetails.phtml
new file mode 100644
index 0000000..934deed
--- /dev/null
+++ b/Views/Notes/showNoteDetails.phtml
@@ -0,0 +1,43 @@
+ + +setSafeMode(true); +?> + +
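Review bot: `$_GET['id']` is read in `showNoteDetails()` without checking that it is present or that it is a single integer, so a request with no `id` raises an undefined-key warning and `?id[]=1` hands an array to `execute()`. The lookup itself is parameterized, so this is an input-validation gap rather than an injection path. Validate at the boundary with `$noteId = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);` and render the not-found view when the result is `null` or `false`. Whether a logged-in session is enforced before this action runs is not visible here, since the class body starts outside the hunk.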
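Review bot: The ownership check in `getNoteById()` reads `$_SESSION['role']` and `$_SESSION['user_id']` without confirming they are set, so a request with no session falls into the `else` branch and fails closed only because a NULL `user_id` matches no row. Make that explicit with a guard such as `if (empty($_SESSION['user_id'])) return null;` at the top and `($_SESSION['role'] ?? '') === 'admin'` in the condition. The method also returns `false` when no row is found (`fetch()`) but `null` on error; `return $stmt->fetch() ?: null;` would give callers one not-found value. A short docblock stating that authorization is enforced in this method (admin reads any note, other users only their own) would keep a later caller from assuming the controller does it.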
+ +
+
+

+
+ + Owner: + + + Last updated: + +
+
+ +
+ text($note['content'] ?? ''); ?> +
+ + +
+ +
+

Note Not Found

+

+ Back to Notes +
+ +
+ +
\ No newline at end of file
diff --git a/Views/Notes/showNotes.phtml b/Views/Notes/showNotes.phtml
index 1a9a6c8..09eecae 100644
--- a/Views/Notes/showNotes.phtml
+++ b/Views/Notes/showNotes.phtml
@@ -38,7 +38,7 @@
- +
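Review bot: In `showNoteDetails.phtml` the note body is rendered through Parsedown's `text()` with `setSafeMode(true)`, which makes safe mode the only XSS barrier for user-written content that an admin can also open. Add a comment above the call, for example `// content is untrusted Markdown: keep safe mode on, it is the only sanitiser for this output`, so it is not switched off later for formatting reasons. The markup around the owner and last-updated fields is not readable in this extraction, so confirm those values are escaped with `htmlspecialchars()` before output.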