edit and create notes first push

2025-06-23 10:48:57 +02:00
parent ff1234d561
commit d21da71585
6 changed files with 243 additions and 4 deletions
--- a/Model/NotesModel.php
+++ b/Model/NotesModel.php
@@ -61,4 +61,72 @@ class NotesModel extends Database
            return null;
        }
    }
+
+    function createNote($title, $content, $userId) {
+        $pdo = $this->linkDB();
+        if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
+        if (empty(trim($title))) return ['success' => false, 'message' => 'Title is required.'];
+        try {
+            $stmt = $pdo->prepare("INSERT INTO notes (user_id, title, content) VALUES (?, ?, ?)");
+            $stmt->execute([$userId, trim($title), $content]); // user_id is current session user
+            return ['success' => true, 'message' => 'Note created successfully.'];
+        } catch (PDOException $e) {
+            error_log("Create Note Error: " . $e->getMessage());
+            return ['success' => false, 'message' => 'Failed to create note.'];
+        }
+    }
+
+    function editNote($noteId, $userId, $title, $content) {
+        $pdo = $this->linkDB();
+        if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
+        if (empty(trim($title))) return ['success' => false, 'message' => 'Title is required.'];
+        try {
+            if (isAdmin()) { // Admin can update any note, user_id for record not changed
+                $stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ? WHERE id = ?");
+                $params = [trim($title), $content, $noteId];
+            } else { // User can only update their own note
+                $stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ? WHERE id = ? AND user_id = ?");
+                $params = [trim($title), $content, $noteId, $userId];
+            }
+            $stmt->execute($params);
+    
+            if ($stmt->rowCount() > 0) {
+                return ['success' => true, 'message' => 'Note updated successfully.'];
+            }
+            // Check if note exists if rowCount is 0
+            $checkStmt = isAdmin() ? $pdo->prepare("SELECT id FROM notes WHERE id=?") : $pdo->prepare("SELECT id FROM notes WHERE id=? AND user_id=?");
+            $checkParams = isAdmin() ? [$noteId] : [$noteId, $userId];
+            $checkStmt->execute($checkParams);
+            if ($checkStmt->fetch()) {
+                return ['success' => true, 'message' => 'No changes made to the note.']; // Or false if you prefer
+            }
+            return ['success' => false, 'message' => 'Note not found or permission denied.'];
+        } catch (PDOException $e) {
+            error_log("Update Note Error: " . $e->getMessage());
+            return ['success' => false, 'message' => 'Failed to update note.'];
+        }
+    }
+    
+    function deleteNote($noteId, $userId) {
+        $pdo = $this->linkDB();
+        if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
+        try {
+            if (isAdmin()) { // Admin can delete any note
+                $stmt = $pdo->prepare("DELETE FROM notes WHERE id = ?");
+                $params = [$noteId];
+            } else { // User can only delete their own note
+                $stmt = $pdo->prepare("DELETE FROM notes WHERE id = ? AND user_id = ?");
+                $params = [$noteId, $userId];
+            }
+            $stmt->execute($params);
+    
+            if ($stmt->rowCount() > 0) {
+                return ['success' => true, 'message' => 'Note deleted successfully.'];
+            }
+            return ['success' => false, 'message' => 'Note not found or permission denied.'];
+        } catch (PDOException $e) {
+            error_log("Delete Note Error: " . $e->getMessage());
+            return ['success' => false, 'message' => 'Failed to delete note.'];
+        }
+    }
 }