83 lines
3.1 KiB
PHTML
83 lines
3.1 KiB
PHTML
<?php
|
|
use ppa\Model\NotesModel;
|
|
include dirname(__DIR__).'/header.phtml';
|
|
|
|
$parsedown = new Parsedown();
|
|
$parsedown->setSafeMode(true);
|
|
|
|
$this->notesModel = new \ppa\Model\NotesModel();
|
|
|
|
$note = null;
|
|
$noteId = $_GET['id'] ?? 0;
|
|
$note = $this->notesModel->getNoteById($noteId, $_SESSION['user_id']);
|
|
if (!$note) {
|
|
echo "<div class='alert alert-danger'>Note not found or you don't have permission to edit it.</div>";
|
|
echo "<a href='?controller=Notes&page=showNotes&do=showNotes' class='button secondary'>Back to Dashboard</a>";
|
|
}
|
|
|
|
$files = $this->notesModel->getUploadedFiles($noteId);
|
|
|
|
function isLoggedIn() {
|
|
return isset($_SESSION['user_id']);
|
|
}
|
|
|
|
function isAdmin() {
|
|
return isLoggedIn() && isset($_SESSION['role']) && $_SESSION['role'] === 'admin';
|
|
}
|
|
|
|
function sanitize($data, $flags = ENT_QUOTES, $encoding = 'UTF-8') {
|
|
return htmlspecialchars((string)$data, $flags, $encoding);
|
|
}
|
|
?>
|
|
|
|
<div class="container">
|
|
|
|
<div class="page-header">
|
|
<h2><?php echo 'Edit Note' . (isAdmin() && $note && $note['user_id'] != $_SESSION['user_id'] ? ' (Admin Edit - Owner: '.sanitize($note['owner_username']).')' : '') ?></h2>
|
|
<a href="?controller=Notes&page=showNotes&do=showNotes" class="button secondary">Cancel</a>
|
|
</div>
|
|
|
|
<div id="drop-zone">Drag & drop a .txt or .md file here, or fill manually.</div>
|
|
|
|
<form id="note-form" method="POST" enctype="multipart/form-data">
|
|
<input type="hidden" name="action" value="update_note">
|
|
<input type="hidden" name="note_id" value="<?php echo sanitize($note['id']); ?>">
|
|
<div class="form-group">
|
|
<label for="title">Title:</label>
|
|
<input type="text" id="title" name="title" value="<?php echo $note ? sanitize($note['title']) : ''; ?>" required>
|
|
</div>
|
|
<div class="form-group">
|
|
<label for="content">Content (Markdown supported):</label>
|
|
<textarea id="content" name="content" rows="10" required><?php echo $note ? sanitize($note['content']) : ''; ?></textarea>
|
|
</div>
|
|
<div class="form-group">
|
|
<label>Live Markdown Preview:</label>
|
|
<div id="markdown-preview" class="markdown-preview">
|
|
<?php if($note && !empty($note['content'])) echo $parsedown->text(sanitize($note['content'])); else echo "Start typing or drop a file to see preview..."; ?>
|
|
</div>
|
|
</div>
|
|
<div class="form-group">
|
|
<label for="attachments">Attach additional Files:</label>
|
|
<input type="file" id="attachments" name="attachments[]" multiple>
|
|
</div>
|
|
<?php if($files && count($files) > 0): ?>
|
|
<div class="form-group">
|
|
<label>Files currently attached:</label>
|
|
<ul>
|
|
<?php foreach($files as $file): ?>
|
|
<li>
|
|
<a href="/EIANotesApp/Uploads/<?php echo $file['stored_filename']; ?>" download target="_blank"><?php echo htmlspecialchars($file['original_filename']); ?></a>
|
|
</li>
|
|
<?php endforeach; ?>
|
|
</ul>
|
|
</div>
|
|
<?php endif; ?>
|
|
<div class="form-actions">
|
|
<button type="submit" class="button">Update Note</button>
|
|
</div>
|
|
<input type="hidden" name="controller" value="Notes">
|
|
<input type="hidden" name="do" value="editNote">
|
|
</form>
|
|
|
|
</div>
|