PBBFA23CIV/EIANotesApp
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' of http://git.pb.bib.de/PBBFA23CIV/EIANotesApp

Browse Source
This commit is contained in:
David Kalemi 2025-06-23 09:58:54 +02:00
commit ff1234d561
6 changed files with 91 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Controller/NotesController.php
View File

@ -28,4 +28,12 @@ class NotesController
]); ]);
} }
public function showNoteDetails()
{
$noteId = $_GET['id'];
$note = $this->notesModel->getNoteById($noteId);
$this->view->setVars([
"note" => $note
]);
}
} }

18
Model/NotesModel.php
View File

@ -43,4 +43,22 @@ class NotesModel extends Database
return false; return false;
} }
} }
function getNoteById($noteId) {
$pdo = $this->linkDB();
if (!$pdo) return null;
try {
if ($_SESSION['role'] === 'admin') { // Admin can fetch any note
$stmt = $pdo->prepare("SELECT n.*, u.username as owner_username FROM notes n JOIN users u ON n.user_id = u.id WHERE n.id = ?");
$stmt->execute([$noteId]);
} else { // Regular user can only fetch their own notes
$stmt = $pdo->prepare("SELECT * FROM notes WHERE id = ? AND user_id = ?");
$stmt->execute([$noteId, $_SESSION['user_id']]);
}
return $stmt->fetch();
} catch (PDOException $e) {
error_log("Get Note Error: " . $e->getMessage());
return null;
}
}
} }

43
Views/Notes/showNoteDetails.phtml Normal file
View File

@ -0,0 +1,43 @@
<?php include dirname(__DIR__).'/header.phtml'; ?>
<?php
$parsedown = new Parsedown();
$parsedown->setSafeMode(true);
?>
<div class="container">
<?php if (isset($note) && $note): ?>
<div class="note-details">
<div class="note-header">
<h2><?php echo htmlspecialchars($note['title'] ?? ''); ?></h2>
<div class="note-meta">
<?php if (($isAdmin ?? false) && isset($note['owner_username'])): ?>
<span class="note-owner">Owner: <?php echo htmlspecialchars($note['owner_username']); ?></span>
<?php endif; ?>
<span class="note-date">
Last updated: <?php echo isset($note['updated_at']) ? date("d.m.Y H:i", strtotime($note['updated_at'])) : 'N/A'; ?>
</span>
</div>
</div>
<div class="note-content">
<?php echo $parsedown->text($note['content'] ?? ''); ?>
</div>
<div class="note-actions">
<a href="?controller=NotesController&page=showNotes" class="button">Back to Notes</a>
<?php if (isset($note['id'])): ?>
<a href="?controller=NotesController&page=editNote&note_id=<?php echo (int)$note['id']; ?>" class="button">Edit Note</a>
<?php endif; ?>
</div>
</div>
<?php else: ?>
<div class="error-message">
<h2>Note Not Found</h2>
<p><?php echo htmlspecialchars($error ?? 'The requested note could not be found.'); ?></p>
<a href="?controller=NotesController&page=showNotes" class="button">Back to Notes</a>
</div>
<?php endif; ?>
</div>
<?php include dirname(__DIR__).'/footer.phtml'; ?>

2
Views/Notes/showNotes.phtml
View File

@ -38,7 +38,7 @@
<?php foreach ($notes as $note): ?> <?php foreach ($notes as $note): ?>
<tr> <tr>
<td><?php echo sanitize($note['id']); ?></td> <td><?php echo sanitize($note['id']); ?></td>
<td><a href="index.php?page=view_note&id=<?php echo $note['id']; ?>"><?php echo sanitize($note['title']); ?></a></td> <td><a href="?controller=Notes&do=showNoteDetails&id=<?php echo $note['id']; ?>"><?php echo sanitize($note['title']); ?></a></td>
<?php if (isAdmin()): ?> <?php if (isAdmin()): ?>
<td><?php echo sanitize($note['owner_username']); ?></td> <td><?php echo sanitize($note['owner_username']); ?></td>
<?php endif; ?> <?php endif; ?>

1
Views/User/showUserLoginForm.phtml
View File

@ -1,5 +1,4 @@
<?php include dirname(__DIR__).'/header.phtml'; ?> <?php include dirname(__DIR__).'/header.phtml'; ?>
<script src="JavaScript/script.js"></script>
<div class="form-container"> <div class="form-container">
<h2>Login</h2> <h2>Login</h2>
<form id="login-form" method="POST"> <form id="login-form" method="POST">

24
Views/header.phtml
View File

@ -8,13 +8,27 @@
<script src="JavaScript/script.js"></script> <script src="JavaScript/script.js"></script>
</head> </head>
<body> <body>
<header> <header class="top-bar">
<div class="wrapper"> <h1>Notes App <?php if($_SESSION['role'] === 'admin') echo "<span style='font-size:0.7em; color:#ffdd57;'>(Admin Panel)</span>"; ?></h1>
<div class="button"> <?php if (isset($_SESSION['user_id'])): ?>
<a href="?controller=User&do=showUserLoginForm">Anmelden</a> <div class="user-info">
<span>Welcome, <?php echo htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8'); ?>!</span>
<form id="logout-form" method="POST" style="display: inline;">
<input type="hidden" name="action" value="logout">
<button type="submit" class="icon-button" title="Logout"></button>
</form>
<!-- <button class="icon-button" title="More options">⋮</button> -->
</div> </div>
<h1>Notes<span>.de</span></h1> <?php else: ?>
<div class="user-info">
<?php if (!isset($_SESSION['user_id'])): ?>
<a href="?controller=User&do=showUserLoginForm">Login</a>
<?php endif; ?>
<?php if (!isset($_SESSION['user_id'])): ?>
<a href="?controller=User&do=showUserRegisterForm">Register</a>
<?php endif; ?>
</div> </div>
<?php endif; ?>
</header> </header>
<nav> <nav>
<ul> <ul>