added priority to notes
@@ -12,7 +12,7 @@ class NotesModel extends Database
|
||||
$erg = array();
|
||||
|
||||
// Whitelist of allowed sort columns
|
||||
$allowedSortColumns = ['id', 'title', 'owner_username', 'updated_at'];
|
||||
$allowedSortColumns = ['id', 'title', 'owner_username', 'updated_at', 'priority'];
|
||||
$allowedSortOrders = ['ASC', 'DESC'];
|
||||
|
||||
$sortBy = in_array($sortBy, $allowedSortColumns) ? $sortBy : 'updated_at';
|
||||
@@ -20,15 +20,17 @@ class NotesModel extends Database
|
||||
|
||||
try {
|
||||
if ($isAdmin) {
|
||||
$sql = "SELECT n.*, u.username AS owner_username
|
||||
$sql = "SELECT n.id, n.title, n.content, n.created_at, n.updated_at, u.username AS owner_username, p.name AS priority
|
||||
FROM notes n
|
||||
JOIN users u ON n.user_id = u.id
|
||||
JOIN priority p ON n.priority = p.id
|
||||
JOIN users u ON n.user_id = u.id
|
||||
ORDER BY {$sortBy} {$sortOrder}";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute();
|
||||
} else {
|
||||
$sql = "SELECT id, title, content, created_at, updated_at
|
||||
FROM notes
|
||||
$sql = "SELECT n.id, n.title, n.content, n.created_at, n.updated_at, p.name AS priority
|
||||
FROM notes n
|
||||
JOIN priority p ON n.priority = p.id
|
||||
WHERE user_id = :userid
|
||||
ORDER BY {$sortBy} {$sortOrder}";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
@@ -62,13 +64,13 @@ class NotesModel extends Database
|
||||
}
|
||||
}
|
||||
|
||||
function createNote($title, $content, $userId) {
|
||||
function createNote($title, $content, $userId, $priority) {
|
||||
$pdo = $this->linkDB();
|
||||
if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
|
||||
if (empty(trim($title))) return ['success' => false, 'message' => 'Title is required.'];
|
||||
try {
|
||||
$stmt = $pdo->prepare("INSERT INTO notes (user_id, title, content) VALUES (?, ?, ?)");
|
||||
$stmt->execute([$userId, trim($title), $content]); // user_id is current session user
|
||||
$stmt = $pdo->prepare("INSERT INTO notes (user_id, title, content, priority) VALUES (?, ?, ?, ?)");
|
||||
$stmt->execute([$userId, trim($title), $content, $priority]); // user_id is current session user
|
||||
return ['success' => true, 'message' => 'Note created successfully.'];
|
||||
} catch (PDOException $e) {
|
||||
error_log("Create Note Error: " . $e->getMessage());
|
||||
@@ -76,17 +78,17 @@ class NotesModel extends Database
|
||||
}
|
||||
}
|
||||
|
||||
function editNote($noteId, $title, $content, $userId) {
|
||||
function editNote($noteId, $title, $content, $userId, $priority) {
|
||||
$pdo = $this->linkDB();
|
||||
if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
|
||||
if (empty(trim($title))) return ['success' => false, 'message' => 'Title is required.'];
|
||||
try {
|
||||
if ($this->isAdmin()) { // Admin can update any note, user_id for record not changed
|
||||
$stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ? WHERE id = ?");
|
||||
$params = [trim($title), $content, $noteId];
|
||||
$stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ?, priority = ? WHERE id = ?");
|
||||
$params = [trim($title), $content, $priority, $noteId];
|
||||
} else { // User can only update their own note
|
||||
$stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ? WHERE id = ? AND user_id = ?");
|
||||
$params = [trim($title), $content, $noteId, $userId];
|
||||
$stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ?, priority = ? WHERE id = ? AND user_id = ?");
|
||||
$params = [trim($title), $content, $priority, $noteId, $userId];
|
||||
}
|
||||
$stmt->execute($params);
|
||||
|
||||
|
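Review bot: `createNote()` and `editNote()` now bind `$priority` into the INSERT/UPDATE without checking it, while both listing queries in the second hunk use an inner `JOIN priority p ON n.priority = p.id`. Unless `notes.priority` carries a foreign key and a non-null default (neither is visible here), a request with an unknown priority id, or an older row with no priority, gives a note that is stored but silently missing from every listing. I would reject unknown values before preparing the statement, e.g. `if (!$this->isValidPriority($priority)) return ['success' => false, 'message' => 'Invalid priority.'];` (the helper name is a placeholder), and consider `LEFT JOIN priority p ON n.priority = p.id` so existing notes stay visible. Separately, `ORDER BY priority` will most likely resolve to the `p.name AS priority` alias and sort by label text rather than by rank, so please confirm that is intended. The bodies of all three methods extend beyond the hunks shown.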