qemudb/admin/editAppNote.php

<?php
/****************/
/* Edit AppNote */
/****************/

include("path.php");
include(BASE."include/"."incl.php");
require(BASE."include/"."application.php");

if(!is_numeric($_REQUEST['noteId']))
{
    errorpage('Wrong note ID');
    exit;
}  

/* Get note data */
$sQuery = "SELECT * from appNotes where noteId = {$_REQUEST['noteId']}";
$hResult = query_appdb($sQuery);
$ob = mysql_fetch_object($hResult);

/* Check for privs */
if(!loggedin() || (!havepriv("admin") && !$_SESSION['current']->is_maintainer($ob->appId,$ob->versionId)) )
{
    errorpage("Insufficient Privileges!");
    exit;
}

if(isset($_REQUEST['sub']))
{
    $sOldNoteTitle = $ob->noteTitle;
    $sOldNoteDesc  = $ob->noteDesc;
    
    $sFullAppName = "Application: ".lookupAppName($ob->appId)." Version: ".lookupVersionName($ob->appId, $ob->versionId);
    
    /* Start of e-mail */
    $ms = APPDB_ROOT."appview.php?appId={$ob->appId}&versionId={$ob->versionId}"."\n";
    $ms .= "\n";
            
    $sEmail = getNotifyEmailAddressList($ob->appId, $ob->versionId);
    
    if ($_REQUEST['sub'] == 'Delete')
    {
        // delete Note
        query_appdb("DELETE from `appNotes` where noteId = {$_REQUEST['noteId']}");
       
        if($sEmail)
        {
            $ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." deleted note from ".$sFullAppName."\n";
            $ms .= "\n";
            $ms .= "title: ".$sOldNoteTitle."\n";
            $ms .= "\n";
            $ms .= $sOldNoteDesc."\n";
            $ms .= "\n";
            $ms .= STANDARD_NOTIFY_FOOTER;

            mail(stripslashes($sEmail), "[AppDB] ".$sFullAppName ,$ms);
        } else
        {
            $sEmail = "no one";
        }
        
        addmsg("mesage sent to: ".$sEmail, 'green');
        // success
        addmsg("Note Deleted.", "green");
    } 
    else if ($_REQUEST['sub'] == 'Update')
    {
        $sUpdate = compile_update_string(array( 'noteTitle' => $_REQUEST['noteTitle'],
                                               'noteDesc'  => $_REQUEST['noteDesc']));
        
        query_appdb("UPDATE appNotes SET $sUpdate WHERE noteId = {$_REQUEST['noteId']}");
        
        if($sEmail)
        {
            $ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." changed note for ".$sFullAppName."\n";
            $ms .= "From --------------------------\n";
            $ms .= "title: ".$sOldNoteTitle."\n";
            $ms .= "\n";
            $ms .= $sOldNoteDesc."\n";
            $ms .= "To --------------------------\n";
            $ms .= "title: ".$_REQUEST['noteTitle']."\n";
            $ms .= "\n";
            $ms .= $_REQUEST['noteDesc']."\n";
            $ms .= "\n";
            $ms .= STANDARD_NOTIFY_FOOTER;

            mail(stripslashes($sEmail), "[AppDB] ".$sFullAppName ,$ms);

        } else
        {
            $sEmail = "no one";
        }
        addmsg("mesage sent to: ".$sEmail, green);

        addmsg("Note Updated", "green");
    }
    
    redirect(apidb_fullurl("appview.php?appId={$ob->appId}&versionId={$ob->versionId}"));
}
else
{
    if (!isset($_REQUEST['preview']))
    {
        $_REQUEST['noteTitle'] = $ob->noteTitle;
        $_REQUEST['noteDesc']  = $ob->noteDesc;
        $_REQUEST['appId'] = $ob->appId;
        $_REQUEST['versionId'] = $ob->versionId;
    }
    // show form
    apidb_header("Edit Application Note");

    echo "<form method=post action='editAppNote.php'>\n";
    echo html_frame_start("Edit Application Note {$_REQUEST['noteId']}", "90%","",0);
    echo html_table_begin("width='100%' border=0 align=left cellpadding=6 cellspacing=0 class='box-body'");
    echo '<tr><td colspan=2 class=color4>';
    echo '<center><b>You can use html to make your Warning, Howto or Note look better.</b></center>';
    echo '</td></tr>',"\n";

    echo add_br($_REQUEST['noteDesc']);
    
    echo '<input type=hidden name="noteId" value='.$_REQUEST['noteId'].'>';
    
    if ($_REQUEST['noteTitle'] == "HOWTO" || $_REQUEST['noteTitle'] == "WARNING")
    {
        echo '<tr><td class=color1>Title (Do not change)</td>';
        echo '<td class=color0><input size=80% type="text" name="noteTitle" type="text" value="'.$_REQUEST['noteTitle'].'"></td></tr>',"\n";
    }
    else
    {
        echo '<tr><td class=color1>Title</td><td class=color0><input size=80% type="text" name="noteTitle" type="text" value="'.$_REQUEST['noteTitle'].'"></td></tr>',"\n";
    }
    echo '<tr><td class=color4>Description</td><td class=color0>', "\n";
    echo '<textarea cols=50 rows=10 name="noteDesc">'.stripslashes($_REQUEST['noteDesc']).'</textarea></td></tr>',"\n";
    echo '<tr><td colspan=2 align=center class=color3>',"\n";
    echo '<input type="submit" name=preview value="Preview">&nbsp',"\n";
    echo '<input type="submit" name=sub value="Update">&nbsp',"\n";
    echo '<input type="submit" name=sub value="Delete"></td></tr>',"\n";

    echo html_table_end();
    echo html_frame_end();
    
    echo html_back_link();

}

apidb_footer();

?>
- replaced tons of tabs with spaces - replaced <? with <?php for compatibility sake (see TODO and CODING_STANDARD to know more) - improved overall code lisibility 2004-12-12 03:51:51 +00:00			`<?php`
			`/****************/`
			`/* Edit AppNote */`
			`/****************/`
Initial revision 2004-03-15 16:22:00 +00:00
			`include("path.php");`
			`include(BASE."include/"."incl.php");`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`require(BASE."include/"."application.php");`
Initial revision 2004-03-15 16:22:00 +00:00
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`if(!is_numeric($_REQUEST['noteId']))`
Initial revision 2004-03-15 16:22:00 +00:00			`{`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`errorpage('Wrong note ID');`
Initial revision 2004-03-15 16:22:00 +00:00			`exit;`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`}`

			`/* Get note data */`
			`$sQuery = "SELECT * from appNotes where noteId = {$_REQUEST['noteId']}";`
			`$hResult = query_appdb($sQuery);`
			`$ob = mysql_fetch_object($hResult);`
Initial revision 2004-03-15 16:22:00 +00:00
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`/* Check for privs */`
			`if(!loggedin() \|\| (!havepriv("admin") && !$_SESSION['current']->is_maintainer($ob->appId,$ob->versionId)) )`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`{`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`errorpage("Insufficient Privileges!");`
			`exit;`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`}`
Initial revision 2004-03-15 16:22:00 +00:00
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`if(isset($_REQUEST['sub']))`
Initial revision 2004-03-15 16:22:00 +00:00			`{`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`$sOldNoteTitle = $ob->noteTitle;`
			`$sOldNoteDesc = $ob->noteDesc;`

			`$sFullAppName = "Application: ".lookupAppName($ob->appId)." Version: ".lookupVersionName($ob->appId, $ob->versionId);`

			`/* Start of e-mail */`
			`$ms = APPDB_ROOT."appview.php?appId={$ob->appId}&versionId={$ob->versionId}"."\n";`
			`$ms .= "\n";`

			`$sEmail = getNotifyEmailAddressList($ob->appId, $ob->versionId);`

			`if ($_REQUEST['sub'] == 'Delete')`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`{`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`// delete Note`
			query_appdb("DELETE from `appNotes` where noteId = {$_REQUEST['noteId']}");

			`if($sEmail)`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`{`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`$ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." deleted note from ".$sFullAppName."\n";`
			`$ms .= "\n";`
			`$ms .= "title: ".$sOldNoteTitle."\n";`
			`$ms .= "\n";`
			`$ms .= $sOldNoteDesc."\n";`
			`$ms .= "\n";`
			`$ms .= STANDARD_NOTIFY_FOOTER;`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`mail(stripslashes($sEmail), "[AppDB] ".$sFullAppName ,$ms);`
			`} else`
			`{`
			`$sEmail = "no one";`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`}`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00
			`addmsg("mesage sent to: ".$sEmail, 'green');`
			`// success`
			`addmsg("Note Deleted.", "green");`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`}`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`else if ($_REQUEST['sub'] == 'Update')`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`{`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`$sUpdate = compile_update_string(array( 'noteTitle' => $_REQUEST['noteTitle'],`
			`'noteDesc' => $_REQUEST['noteDesc']));`

			`query_appdb("UPDATE appNotes SET $sUpdate WHERE noteId = {$_REQUEST['noteId']}");`

			`if($sEmail)`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`{`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`$ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." changed note for ".$sFullAppName."\n";`
			`$ms .= "From --------------------------\n";`
			`$ms .= "title: ".$sOldNoteTitle."\n";`
			`$ms .= "\n";`
			`$ms .= $sOldNoteDesc."\n";`
			`$ms .= "To --------------------------\n";`
			`$ms .= "title: ".$_REQUEST['noteTitle']."\n";`
			`$ms .= "\n";`
			`$ms .= $_REQUEST['noteDesc']."\n";`
			`$ms .= "\n";`
			`$ms .= STANDARD_NOTIFY_FOOTER;`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`mail(stripslashes($sEmail), "[AppDB] ".$sFullAppName ,$ms);`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`} else`
			`{`
			`$sEmail = "no one";`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`}`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`addmsg("mesage sent to: ".$sEmail, green);`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`addmsg("Note Updated", "green");`
			`}`

			`redirect(apidb_fullurl("appview.php?appId={$ob->appId}&versionId={$ob->versionId}"));`
Initial revision 2004-03-15 16:22:00 +00:00			`}`
			`else`
			`{`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`if (!isset($_REQUEST['preview']))`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`{`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`$_REQUEST['noteTitle'] = $ob->noteTitle;`
			`$_REQUEST['noteDesc'] = $ob->noteDesc;`
			`$_REQUEST['appId'] = $ob->appId;`
			`$_REQUEST['versionId'] = $ob->versionId;`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`}`
Initial revision 2004-03-15 16:22:00 +00:00			`// show form`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`apidb_header("Edit Application Note");`
Initial revision 2004-03-15 16:22:00 +00:00
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`echo "<form method=post action='editAppNote.php'>\n";`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`echo html_frame_start("Edit Application Note {$_REQUEST['noteId']}", "90%","",0);`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`echo html_table_begin("width='100%' border=0 align=left cellpadding=6 cellspacing=0 class='box-body'");`
			`echo '<tr><td colspan=2 class=color4>';`
			`echo '<center><b>You can use html to make your Warning, Howto or Note look better.</b></center>';`
			`echo '</td></tr>',"\n";`
Initial revision 2004-03-15 16:22:00 +00:00
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`echo add_br($_REQUEST['noteDesc']);`

			`echo '<input type=hidden name="noteId" value='.$_REQUEST['noteId'].'>';`

			`if ($_REQUEST['noteTitle'] == "HOWTO" \|\| $_REQUEST['noteTitle'] == "WARNING")`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`{`
			`echo '<tr><td class=color1>Title (Do not change)</td>';`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`echo '<td class=color0><input size=80% type="text" name="noteTitle" type="text" value="'.$_REQUEST['noteTitle'].'"></td></tr>',"\n";`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`}`
			`else`
			`{`
- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`echo '<tr><td class=color1>Title</td><td class=color0><input size=80% type="text" name="noteTitle" type="text" value="'.$_REQUEST['noteTitle'].'"></td></tr>',"\n";`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`}`
			`echo '<tr><td class=color4>Description</td><td class=color0>', "\n";`
Clean up HTML and PHP, remove extranious checks for loggedin() 2004-12-29 20:21:31 +00:00			`echo '<textarea cols=50 rows=10 name="noteDesc">'.stripslashes($_REQUEST['noteDesc']).'</textarea></td></tr>',"\n";`
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`echo '<tr><td colspan=2 align=center class=color3>',"\n";`
			`echo '<input type="submit" name=preview value="Preview">&nbsp',"\n";`
			`echo '<input type="submit" name=sub value="Update">&nbsp',"\n";`
			`echo '<input type="submit" name=sub value="Delete"></td></tr>',"\n";`
Initial revision 2004-03-15 16:22:00 +00:00
- Let Maintainers add, edit and delete Notes. - Display out front, special class notes ( WARNING & HOWTO ) 2004-12-01 22:33:48 +00:00			`echo html_table_end();`
			`echo html_frame_end();`

- Use super globals - Use include/db.php (including the new query compile function) - Better input checking - Cleanup - Use the new variable naming 2004-12-29 18:49:19 +00:00			`echo html_back_link();`
Initial revision 2004-03-15 16:22:00 +00:00
			`}`

			`apidb_footer();`

			`?>`