Compare commits
14 Commits
ce59837500
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
5ef5de9b98 | ||
|
|
92e162283e | ||
|
|
26fb9b54b6 | ||
|
|
b4fcc4892c | ||
|
|
58e0f1eafd | ||
|
|
9bca8fd1d1 | ||
| bb9424232c | |||
| e8766ecc26 | |||
|
|
c5ebde8b20 | ||
|
|
4ae6971b9c | ||
|
|
0799db48f0 | ||
|
|
9db4d93ce3 | ||
|
|
aabd6288fe | ||
|
|
48f1fb8923 |
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@@ -0,0 +1 @@
|
||||
uploads
|
||||
@@ -338,4 +338,19 @@ button.danger {
|
||||
font-size: 0.8em;
|
||||
color: #6A5ACD;
|
||||
display: inline-block;
|
||||
}
|
||||
|
||||
.style_low {
|
||||
background-color: darkseagreen;
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
.style_mid {
|
||||
background-color: moccasin;
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
.style_high {
|
||||
background-color: lightcoral;
|
||||
font-weight: bold;
|
||||
}
|
||||
@@ -50,7 +50,8 @@ class NotesController
|
||||
$note = $this->notesModel->createNote(
|
||||
$_POST['title'],
|
||||
$_POST['content'],
|
||||
$_SESSION['user_id']
|
||||
$_SESSION['user_id'],
|
||||
$_POST['priority']
|
||||
);
|
||||
|
||||
if ($note) {
|
||||
@@ -75,17 +76,18 @@ class NotesController
|
||||
$noteId,
|
||||
$_POST['title'],
|
||||
$_POST['content'],
|
||||
$_SESSION['user_id']
|
||||
$_SESSION['user_id'],
|
||||
$_POST['priority']
|
||||
);
|
||||
|
||||
|
||||
if ($note) {
|
||||
// Redirect to show notes page after successful creation
|
||||
// Redirect to show notes page after successful update
|
||||
header('Location: ?controller=Notes&page=showNotes&do=showNotes');
|
||||
exit();
|
||||
} else {
|
||||
// If creation failed, show error message and stay on the form
|
||||
// If update failed, show error message and stay on the form
|
||||
$this->view->setVars([
|
||||
'error' => 'Failed to create note. Please try again.'
|
||||
'error' => 'Failed to update note. Please try again.'
|
||||
]);
|
||||
}
|
||||
}
|
||||
@@ -101,4 +103,39 @@ class NotesController
|
||||
header("Location: ?controller=Notes&page=showNotes&do=showNotes");
|
||||
exit();
|
||||
}
|
||||
|
||||
public function fileManager()
|
||||
{
|
||||
# Redirect zum Login wenn kein User eingeloggt ist
|
||||
if(!Isset($_SESSION['role']))
|
||||
{
|
||||
header("Location: ?controller=User&do=showUserLoginForm");
|
||||
}
|
||||
# Redirect zum Welcome wenn kein User kein Admin ist
|
||||
if(!Isset($_SESSION['role']) || $_SESSION['role'] !== 'admin')
|
||||
{
|
||||
header("Location: ?controller=Welcome&do=showWelcome");
|
||||
}
|
||||
|
||||
$sortBy = $_GET['sort_by'] ?? 'uploaded_at';
|
||||
$sortOrder = strtoupper($_GET['sort_order'] ?? 'DESC');
|
||||
$isAdmin = $_SESSION['role'] === 'admin';
|
||||
$userid = $_SESSION['user_id'];
|
||||
|
||||
$files = $this->notesModel->selectFiles($userid, true, $sortBy, $sortOrder);
|
||||
$this->view->setVars([
|
||||
"files" => $files
|
||||
]);
|
||||
}
|
||||
|
||||
public function deleteFile()
|
||||
{
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['file_id'])) {
|
||||
$fileId = $_POST['file_id'];
|
||||
$this->notesModel->deleteFile($fileId, $_SESSION['user_id']);
|
||||
}
|
||||
|
||||
header("Location: ?controller=Notes&do=fileManager");
|
||||
exit();
|
||||
}
|
||||
}
|
||||
@@ -12,7 +12,7 @@ class NotesModel extends Database
|
||||
$erg = array();
|
||||
|
||||
// Whitelist of allowed sort columns
|
||||
$allowedSortColumns = ['id', 'title', 'owner_username', 'updated_at'];
|
||||
$allowedSortColumns = ['id', 'title', 'owner_username', 'updated_at', 'priority'];
|
||||
$allowedSortOrders = ['ASC', 'DESC'];
|
||||
|
||||
$sortBy = in_array($sortBy, $allowedSortColumns) ? $sortBy : 'updated_at';
|
||||
@@ -20,15 +20,17 @@ class NotesModel extends Database
|
||||
|
||||
try {
|
||||
if ($isAdmin) {
|
||||
$sql = "SELECT n.*, u.username AS owner_username
|
||||
$sql = "SELECT n.id, n.title, n.content, n.created_at, n.updated_at, u.username AS owner_username, p.name AS priority
|
||||
FROM notes n
|
||||
JOIN users u ON n.user_id = u.id
|
||||
JOIN priority p ON n.priority = p.id
|
||||
JOIN users u ON n.user_id = u.id
|
||||
ORDER BY {$sortBy} {$sortOrder}";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute();
|
||||
} else {
|
||||
$sql = "SELECT id, title, content, created_at, updated_at
|
||||
FROM notes
|
||||
$sql = "SELECT n.id, n.title, n.content, n.created_at, n.updated_at, p.name AS priority
|
||||
FROM notes n
|
||||
JOIN priority p ON n.priority = p.id
|
||||
WHERE user_id = :userid
|
||||
ORDER BY {$sortBy} {$sortOrder}";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
@@ -43,6 +45,37 @@ class NotesModel extends Database
|
||||
return false;
|
||||
}
|
||||
}
|
||||
public function selectFiles($userid, $isAdmin = false, $sortBy = 'updated_at', $sortOrder = 'DESC')
|
||||
{
|
||||
$pdo = $this->linkDB();
|
||||
$erg = array();
|
||||
|
||||
// Whitelist of allowed sort columns
|
||||
$allowedSortColumns = ['id', 'original_filename', 'stored_filename', 'note_id', 'owner_username', 'uploaded_at', 'file_size'];
|
||||
$allowedSortOrders = ['ASC', 'DESC'];
|
||||
|
||||
$sortBy = in_array($sortBy, $allowedSortColumns) ? $sortBy : 'uploaded_at';
|
||||
$sortOrder = in_array(strtoupper($sortOrder), $allowedSortOrders) ? strtoupper($sortOrder) : 'DESC';
|
||||
|
||||
try {
|
||||
if ($isAdmin) {
|
||||
$sql = "SELECT f.*, n.title AS note_title, u.username AS owner_username
|
||||
FROM files f
|
||||
JOIN notes n ON f.note_id = n.id
|
||||
JOIN users u ON n.user_id = u.id
|
||||
ORDER BY {$sortBy} {$sortOrder}";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
$erg = $stmt->fetchAll(\PDO::FETCH_ASSOC);
|
||||
return $erg;
|
||||
|
||||
} catch (PDOException $e) {
|
||||
error_log("Database Error in selectFiles: " . $e->getMessage());
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
function getNoteById($noteId) {
|
||||
$pdo = $this->linkDB();
|
||||
@@ -62,13 +95,18 @@ class NotesModel extends Database
|
||||
}
|
||||
}
|
||||
|
||||
function createNote($title, $content, $userId) {
|
||||
function createNote($title, $content, $userId, $priority) {
|
||||
$pdo = $this->linkDB();
|
||||
if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
|
||||
if (empty(trim($title))) return ['success' => false, 'message' => 'Title is required.'];
|
||||
try {
|
||||
$stmt = $pdo->prepare("INSERT INTO notes (user_id, title, content) VALUES (?, ?, ?)");
|
||||
$stmt->execute([$userId, trim($title), $content]); // user_id is current session user
|
||||
$stmt = $pdo->prepare("INSERT INTO notes (user_id, title, content, priority) VALUES (?, ?, ?, ?)");
|
||||
$stmt->execute([$userId, trim($title), $content, $priority]); // user_id is current session user
|
||||
$noteId = $pdo->lastInsertId();
|
||||
$uploadResult = $this->uploadFiles($noteId);
|
||||
if (!$uploadResult['success']) {
|
||||
return $uploadResult;
|
||||
}
|
||||
return ['success' => true, 'message' => 'Note created successfully.'];
|
||||
} catch (PDOException $e) {
|
||||
error_log("Create Note Error: " . $e->getMessage());
|
||||
@@ -76,19 +114,24 @@ class NotesModel extends Database
|
||||
}
|
||||
}
|
||||
|
||||
function editNote($noteId, $title, $content, $userId) {
|
||||
function editNote($noteId, $title, $content, $userId, $priority) {
|
||||
$pdo = $this->linkDB();
|
||||
if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
|
||||
if (empty(trim($title))) return ['success' => false, 'message' => 'Title is required.'];
|
||||
try {
|
||||
if ($this->isAdmin()) { // Admin can update any note, user_id for record not changed
|
||||
$stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ? WHERE id = ?");
|
||||
$params = [trim($title), $content, $noteId];
|
||||
$stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ?, priority = ? WHERE id = ?");
|
||||
$params = [trim($title), $content, $priority, $noteId];
|
||||
} else { // User can only update their own note
|
||||
$stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ? WHERE id = ? AND user_id = ?");
|
||||
$params = [trim($title), $content, $noteId, $userId];
|
||||
$stmt = $pdo->prepare("UPDATE notes SET title = ?, content = ?, priority = ? WHERE id = ? AND user_id = ?");
|
||||
$params = [trim($title), $content, $priority, $noteId, $userId];
|
||||
}
|
||||
$stmt->execute($params);
|
||||
|
||||
$uploadResult = $this->uploadFiles($noteId);
|
||||
if (!$uploadResult['success']) {
|
||||
return $uploadResult;
|
||||
}
|
||||
|
||||
if ($stmt->rowCount() > 0) {
|
||||
return ['success' => true, 'message' => 'Note updated successfully.'];
|
||||
@@ -130,6 +173,32 @@ class NotesModel extends Database
|
||||
}
|
||||
}
|
||||
|
||||
function getUploadedFiles($noteId) {
|
||||
$pdo = $this->linkDB();
|
||||
if (!$pdo) return [];
|
||||
try {
|
||||
$stmt = $pdo->prepare("SELECT * FROM files WHERE note_id = ?");
|
||||
$stmt->execute([$noteId]);
|
||||
return $stmt->fetchAll(\PDO::FETCH_ASSOC);
|
||||
} catch (PDOException $e) {
|
||||
error_log("Get Uploaded Files Error: " . $e->getMessage());
|
||||
return [];
|
||||
}
|
||||
}
|
||||
|
||||
function getFileCount() {
|
||||
$pdo = $this->linkDB();
|
||||
if (!$pdo) return 0;
|
||||
try {
|
||||
$stmt = $pdo->prepare("SELECT COUNT(*) FROM files");
|
||||
$stmt->execute();
|
||||
return $stmt->fetchColumn();
|
||||
} catch (PDOException $e) {
|
||||
error_log("Get Files Count Error: " . $e->getMessage());
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
function getNoteCount() {
|
||||
$pdo = $this->linkDB();
|
||||
if (!$pdo) return 0;
|
||||
@@ -150,4 +219,78 @@ class NotesModel extends Database
|
||||
function isAdmin() {
|
||||
return $this->isLoggedIn() && isset($_SESSION['role']) && $_SESSION['role'] === 'admin';
|
||||
}
|
||||
|
||||
public function uploadFiles($noteId) {
|
||||
$pdo = $this->linkDB();
|
||||
if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
|
||||
|
||||
$uploadDir = __DIR__ . '/../Uploads/';
|
||||
$uploadedFileNames = [];
|
||||
|
||||
if (!file_exists($uploadDir)) {
|
||||
mkdir($uploadDir, 0777, true);
|
||||
}
|
||||
|
||||
if (isset($_FILES['attachments']) && !empty($_FILES['attachments']['name'][0])) {
|
||||
$files = $_FILES['attachments'];
|
||||
|
||||
foreach ($files['name'] as $key => $name) {
|
||||
if ($files['error'][$key] === UPLOAD_ERR_OK) {
|
||||
$tmpName = $files['tmp_name'][$key];
|
||||
$safeFilename = basename($name);
|
||||
$uniqueFilename = time() . '-' . preg_replace('/[^A-Za-z0-9.\-]/', '_', $safeFilename);
|
||||
$destination = $uploadDir . $uniqueFilename;
|
||||
|
||||
if (move_uploaded_file($tmpName, $destination)) {
|
||||
$uploadedFileNames[] = $uniqueFilename;
|
||||
|
||||
$stmt = $pdo->prepare("INSERT INTO files (note_id, original_filename, stored_filename, file_type, file_size, uploaded_at) VALUES (?, ?, ?, ?, ?, ?)");
|
||||
$stmt->execute([$noteId, $safeFilename, $uniqueFilename, $files['type'][$key], $files['size'][$key], date('Y-m-d H:i:s')]);
|
||||
} else {
|
||||
$errmsg = "Error: Could not move uploaded file '$safeFilename'.";
|
||||
}
|
||||
} else {
|
||||
$errmsg = "Error uploading file '$name'. Error code: " . $files['error'][$key];
|
||||
}
|
||||
}
|
||||
}
|
||||
if (isset($errmsg)) {
|
||||
return ['success' => false, 'message' => $errmsg];
|
||||
}
|
||||
return ['success' => true, 'message' => 'Files uploaded successfully.', 'fileNames' => $uploadedFileNames];
|
||||
}
|
||||
|
||||
public function deleteFile($fileId, $userId) {
|
||||
$pdo = $this->linkDB();
|
||||
if (!$pdo) return ['success' => false, 'message' => 'Database error.'];
|
||||
try {
|
||||
// Delete the local file
|
||||
$stmt = $pdo->prepare("SELECT stored_filename FROM files WHERE id = ?");
|
||||
$stmt->execute([$fileId]);
|
||||
$file = $stmt->fetch();
|
||||
if ($file) {
|
||||
$filePath = __DIR__ . '/../Uploads/' . $file['stored_filename'];
|
||||
if (file_exists($filePath)) {
|
||||
unlink($filePath);
|
||||
}
|
||||
}
|
||||
|
||||
if ($this->isAdmin()) { // Admin can delete any file
|
||||
$stmt = $pdo->prepare("DELETE FROM files WHERE id = ?");
|
||||
$params = [$fileId];
|
||||
} else { // User can only delete their own files
|
||||
$stmt = $pdo->prepare("DELETE FROM files WHERE id = ? AND note_id IN (SELECT id FROM notes WHERE user_id = ?)");
|
||||
$params = [$fileId, $userId];
|
||||
}
|
||||
$stmt->execute($params);
|
||||
|
||||
if ($stmt->rowCount() > 0) {
|
||||
return ['success' => true, 'message' => 'File deleted successfully.'];
|
||||
}
|
||||
return ['success' => false, 'message' => 'File not found or permission denied.'];
|
||||
} catch (PDOException $e) {
|
||||
error_log("Delete File Error: " . $e->getMessage());
|
||||
return ['success' => false, 'message' => 'Failed to delete file.'];
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -2,6 +2,16 @@
|
||||
use ppa\Model\NotesModel;
|
||||
include dirname(__DIR__).'/header.phtml';
|
||||
|
||||
//// Test write permissions
|
||||
//// This is the directory we will upload files to.
|
||||
//$uploadDir = __DIR__ . '/../Uploads/';
|
||||
//if (!file_exists($uploadDir)) {
|
||||
// mkdir($uploadDir, 0777, true);
|
||||
//}
|
||||
//$testFile = $uploadDir . 'test_write.txt';
|
||||
//$testContent = 'Test write operation at ' . date('Y-m-d H:i:s');
|
||||
//$writeResult = file_put_contents($testFile, $testContent);
|
||||
|
||||
$parsedown = new Parsedown();
|
||||
$parsedown->setSafeMode(true);
|
||||
|
||||
@@ -26,12 +36,16 @@ function sanitize($data, $flags = ENT_QUOTES, $encoding = 'UTF-8') {
|
||||
|
||||
<div class="page-header">
|
||||
<h2>Create New Note</h2>
|
||||
<a href="?controller=Notes&page=showNotes&do=showNotes" class="button secondary">Cancel</a>
|
||||
<a href="?controller=Notes&page=showNotes&do=showNotes" class="button secondary">Cancel</a>
|
||||
</div>
|
||||
|
||||
<label class="error-message"><?php if (isset($errmsg)):?>
|
||||
<?php echo $errmsg;?>
|
||||
<?php endif; ?></label>
|
||||
|
||||
<div id="drop-zone">Drag & drop a .txt or .md file here, or fill manually.</div>
|
||||
|
||||
<form id="note-form" method="POST">
|
||||
<form id="note-form" method="POST" enctype="multipart/form-data">
|
||||
<input type="hidden" name="action" value="create_note">
|
||||
<div class="form-group">
|
||||
<label for="title">Title:</label>
|
||||
@@ -47,6 +61,20 @@ function sanitize($data, $flags = ENT_QUOTES, $encoding = 'UTF-8') {
|
||||
Start typing or drop a file to see preview...
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>Priorität:</label>
|
||||
<select name="priority" id="priority">
|
||||
<option value="1">LOW</option>
|
||||
<option value="2">MID</option>
|
||||
<option value="3">HIGH</option>
|
||||
</select>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label for="attachments">Attach Files:</label>
|
||||
<input type="file" id="attachments" name="attachments[]" multiple>
|
||||
</div>
|
||||
|
||||
<div class="form-actions">
|
||||
<button type="submit" class="button">Create Note</button>
|
||||
</div>
|
||||
@@ -54,4 +82,4 @@ function sanitize($data, $flags = ENT_QUOTES, $encoding = 'UTF-8') {
|
||||
<input type="hidden" name="do" value="createNote">
|
||||
</form>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
@@ -15,6 +15,8 @@ if (!$note) {
|
||||
echo "<a href='?controller=Notes&page=showNotes&do=showNotes' class='button secondary'>Back to Dashboard</a>";
|
||||
}
|
||||
|
||||
$files = $this->notesModel->getUploadedFiles($noteId);
|
||||
|
||||
function isLoggedIn() {
|
||||
return isset($_SESSION['user_id']);
|
||||
}
|
||||
@@ -37,7 +39,7 @@ function sanitize($data, $flags = ENT_QUOTES, $encoding = 'UTF-8') {
|
||||
|
||||
<div id="drop-zone">Drag & drop a .txt or .md file here, or fill manually.</div>
|
||||
|
||||
<form id="note-form" method="POST">
|
||||
<form id="note-form" method="POST" enctype="multipart/form-data">
|
||||
<input type="hidden" name="action" value="update_note">
|
||||
<input type="hidden" name="note_id" value="<?php echo sanitize($note['id']); ?>">
|
||||
<div class="form-group">
|
||||
@@ -54,11 +56,34 @@ function sanitize($data, $flags = ENT_QUOTES, $encoding = 'UTF-8') {
|
||||
<?php if($note && !empty($note['content'])) echo $parsedown->text(sanitize($note['content'])); else echo "Start typing or drop a file to see preview..."; ?>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>Priorität:</label>
|
||||
<select name="priority" id="priority">
|
||||
<option value="1">LOW</option>
|
||||
<option value="2">MID</option>
|
||||
<option value="3">HIGH</option>
|
||||
</select>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="attachments">Attach additional Files:</label>
|
||||
<input type="file" id="attachments" name="attachments[]" multiple>
|
||||
</div>
|
||||
<?php if($files && count($files) > 0): ?>
|
||||
<div class="form-group">
|
||||
<label>Files currently attached:</label>
|
||||
<ul>
|
||||
<?php foreach($files as $file): ?>
|
||||
<li>
|
||||
<a href="<?php echo substr($_SERVER['PHP_SELF'], 0, -9).'Uploads/'.$file['stored_filename']; ?>" download target="_blank"><?php echo htmlspecialchars($file['original_filename']); ?></a>
|
||||
</li>
|
||||
<?php endforeach; ?>
|
||||
</ul>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
<div class="form-actions">
|
||||
<button type="submit" class="button">Update Note</button>
|
||||
</div>
|
||||
<input type="hidden" name="controller" value="Notes">
|
||||
<input type="hidden" name="do" value="editNote">
|
||||
</form>
|
||||
|
||||
</div>
|
||||
|
||||
64
Views/Notes/fileManager.phtml
Normal file
64
Views/Notes/fileManager.phtml
Normal file
@@ -0,0 +1,64 @@
|
||||
<?php include dirname(__DIR__).'/header.phtml'; ?>
|
||||
|
||||
<div class="container">
|
||||
<?php
|
||||
function isLoggedIn() {
|
||||
return isset($_SESSION['user_id']);
|
||||
}
|
||||
|
||||
function isAdmin() {
|
||||
return isLoggedIn() && isset($_SESSION['role']) && $_SESSION['role'] === 'admin';
|
||||
}
|
||||
|
||||
function sanitize($data, $flags = ENT_QUOTES, $encoding = 'UTF-8') {
|
||||
return htmlspecialchars((string)$data, $flags, $encoding);
|
||||
}
|
||||
|
||||
$sortBy = $_GET['sort_by'] ?? 'uploaded_at';
|
||||
$sortOrder = strtoupper($_GET['sort_order'] ?? 'DESC'); // Ensure uppercase for comparison
|
||||
?>
|
||||
<div class="page-header">
|
||||
<h2>All Users' Files</h2>
|
||||
</div>
|
||||
|
||||
<?php if (isset($errmsg)): ?>
|
||||
<label class="error-message"><?php echo $errmsg; ?></label>
|
||||
<?php endif; ?>
|
||||
|
||||
<table class="notes-table">
|
||||
<thead>
|
||||
<tr>
|
||||
<th data-sort="id">File ID <span class="sort-icon"><?php if($sortBy === 'id') echo $sortOrder === 'ASC' ? '▲' : '▼'; ?></span></th>
|
||||
<th data-sort="original_filename">Original File Name <span class="sort-icon"><?php if($sortBy === 'original_filename') echo $sortOrder === 'ASC' ? '▲' : '▼'; ?></span></th>
|
||||
<th data-sort="stored_filename">Stored File Name <span class="sort-icon"><?php if($sortBy === 'stored_filename') echo $sortOrder === 'ASC' ? '▲' : '▼'; ?></span></th>
|
||||
<th data-sort="note_id">Note ID <span class="sort-icon"><?php if($sortBy === 'note_id') echo $sortOrder === 'ASC' ? '▲' : '▼'; ?></span></th>
|
||||
<th data-sort="owner_username">Owner <span class="sort-icon"><?php if($sortBy === 'owner_username') echo $sortOrder === 'ASC' ? '▲' : '▼'; ?></span></th>
|
||||
<th data-sort="uploaded_at">Uploaded At <span class="sort-icon"><?php if($sortBy === 'uploaded_at') echo $sortOrder === 'ASC' ? '▲' : '▼'; ?></span></th>
|
||||
<th data-sort="file_size">File Size <span class="sort-icon"><?php if($sortBy === 'file_size') echo $sortOrder === 'ASC' ? '▲' : '▼'; ?></span></th>
|
||||
<th>Actions</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php foreach ($files as $file): ?>
|
||||
<tr>
|
||||
<td><?php echo sanitize($file['id']); ?></td>
|
||||
<td><a href="<?php echo substr($_SERVER['PHP_SELF'], 0, -9).'Uploads/'.$file['stored_filename']; ?>"><?php echo sanitize($file['stored_filename']); ?></a></td>
|
||||
<td><?php echo sanitize($file['stored_filename']); ?></td>
|
||||
<td><?php echo sanitize($file['note_id']); ?></td>
|
||||
<td><?php echo sanitize($file['owner_username']); ?></td>
|
||||
<td><?php echo date("d.m.Y H:i", strtotime($file['uploaded_at'])); ?></td>
|
||||
<td><?php echo round(sanitize($file['file_size']) / 1024, 2) . ' KB'; ?></td>
|
||||
<td class="actions-cell">
|
||||
<form method="POST" action="?controller=Notes&do=deleteFile" onsubmit="return confirm('Are you sure you want to delete this file?');" style="display: inline;">
|
||||
<input type="hidden" name="file_id" value="<?php echo $file['id']; ?>">
|
||||
<button type="submit" class="button danger">Delete</button>
|
||||
<input type="hidden" name="controller" value="Notes">
|
||||
<input type="hidden" name="do" value="deleteFile">
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endforeach; ?>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
<?php include dirname(__DIR__).'/footer.phtml'; ?>
|
||||
@@ -3,6 +3,9 @@
|
||||
<?php
|
||||
$parsedown = new Parsedown();
|
||||
$parsedown->setSafeMode(true);
|
||||
|
||||
$this->notesModel = new \ppa\Model\NotesModel();
|
||||
$files = $this->notesModel->getUploadedFiles($note['id']);
|
||||
?>
|
||||
|
||||
<div class="container">
|
||||
@@ -24,6 +27,19 @@ $parsedown->setSafeMode(true);
|
||||
<?php echo $parsedown->text($note['content'] ?? ''); ?>
|
||||
</div>
|
||||
|
||||
<div class="note-files">
|
||||
<?php if (isset($files) && count($files) > 0): ?>
|
||||
<h3>Attached Files:</h3>
|
||||
<ul>
|
||||
<?php foreach ($files as $file): ?>
|
||||
<li>
|
||||
<a href="<?php echo substr($_SERVER['PHP_SELF'], 0, -9).'Uploads/'.$file['stored_filename']; ?>" download target="_blank"><?php echo htmlspecialchars($file['original_filename']); ?></a>
|
||||
</li>
|
||||
<?php endforeach; ?>
|
||||
</ul>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
|
||||
<div class="note-actions">
|
||||
<a href="?controller=Notes&page=showNotes&do=showNotes" class="button">Back to Notes</a>
|
||||
<?php if (isset($note['id'])): ?>
|
||||
|
||||
@@ -25,6 +25,10 @@
|
||||
<a href="?controller=Notes&do=createNote" class="button">Create New Note</a>
|
||||
</div>
|
||||
|
||||
<?php if (isset($errmsg)): ?>
|
||||
<label class="error-message"><?php echo $errmsg; ?></label>
|
||||
<?php endif; ?>
|
||||
|
||||
<table class="notes-table">
|
||||
<thead>
|
||||
<tr>
|
||||
@@ -35,6 +39,7 @@
|
||||
<?php endif; ?>
|
||||
<th>Content (Preview)</th>
|
||||
<th data-sort="updated_at">Last Edited <span class="sort-icon"><?php if($sortBy === 'updated_at') echo $sortOrder === 'ASC' ? '▲' : '▼'; ?></span></th>
|
||||
<th data-sort="priority">Priority<span class="sort-icon"><?php if($sortBy === 'priority') echo $sortOrder === 'ASC' ? '▲' : '▼'; ?></span></th>
|
||||
<th>Actions</th>
|
||||
</tr>
|
||||
</thead>
|
||||
@@ -54,6 +59,13 @@
|
||||
?>
|
||||
</td>
|
||||
<td><?php echo date("d.m.Y H:i", strtotime($note['updated_at'])); ?></td>
|
||||
<?php
|
||||
if($note['priority'] === 'LOW') echo ('<td class="style_low";>');
|
||||
elseif($note['priority'] === 'MID') echo ('<td class="style_mid";>');
|
||||
elseif($note['priority'] === 'HIGH') echo ('<td class="style_high";>');
|
||||
echo sanitize($note['priority']);
|
||||
echo ('</td>')
|
||||
?>
|
||||
<td class="actions-cell">
|
||||
<a href="?controller=Notes&do=editNote&id=<?php echo $note['id']; ?>" class="button">Edit</a>
|
||||
<form method="POST" action="?controller=Notes&do=deleteNote" onsubmit="return confirm('Are you sure you want to delete this note?');" style="display: inline;">
|
||||
|
||||
@@ -26,7 +26,14 @@ $this->userModel = new \ppa\Model\UserModel();
|
||||
echo $this->userModel->getUserCount();
|
||||
?>
|
||||
Users
|
||||
</b>
|
||||
</b><br>
|
||||
|
||||
<b style="font-size: 20px; margin: 20px">
|
||||
<?php
|
||||
echo $this->notesModel->getFileCount();
|
||||
?>
|
||||
Files
|
||||
</b><br>
|
||||
|
||||
<?php include dirname(__DIR__).'/footer.phtml'; ?>
|
||||
|
||||
|
||||
@@ -16,6 +16,9 @@
|
||||
<ul>
|
||||
<li><a href="?controller=Welcome&do=showWelcome">Welcome!</a></li>
|
||||
<li><a href="?controller=Notes&do=showNotes">Notes</a></li>
|
||||
<?php if (isset($_SESSION['role']) && $_SESSION['role'] === 'admin'): ?>
|
||||
<li><a href="?controller=Notes&do=fileManager">File Manager</a></li>
|
||||
<?php endif; ?>
|
||||
</ul>
|
||||
</nav>
|
||||
|
||||
@@ -25,7 +28,6 @@
|
||||
<form id="logout-form" method="POST" style="display: inline;">
|
||||
<a class="icon-button" href="?controller=User&do=logoutUser">→</a>
|
||||
</form>
|
||||
<!-- <button class="icon-button" title="More options">⋮</button> -->
|
||||
</div>
|
||||
<?php else: ?>
|
||||
<div class="user-info">
|
||||
|
||||
Reference in New Issue
Block a user