Cleanup note editing. Improve previewing of notes during addition and editing. Rename note related

variables to have the proper prefix.
Chris Morgan
2006-06-30 19:48:33 +00:00
committed by WineHQ
parent c4caf6c85f
commit 91b44a3733
4 changed files with 139 additions and 123 deletions


@@ -10,76 +10,61 @@ require(BASE."include/mail.php");
$aClean = array(); //array of filtered user input $aClean = array(); //array of filtered user input
$aClean['versionId'] = makeSafe($_REQUEST['versionId']); $aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']);
$aClean['appId'] = makeSafe( $_REQUEST['appId']); $aClean['iAppId'] = makeSafe( $_REQUEST['iAppId']);
$aClean['sub'] = makeSafe($_REQUEST['sub']); $aClean['sSub'] = makeSafe($_REQUEST['sSub']);
$aClean['submit'] = makeSafe($_REQUEST['submit']); $aClean['sSubmit'] = makeSafe($_REQUEST['sSubmit']);
$aClean['noteTitle'] = makeSafe($_REQUEST['noteTitle']);
$aClean['noteDesc'] = makeSafe($_REQUEST['noteDesc']);
//FIXME: get rid of appId references everywhere, as version is enough. //FIXME: get rid of appId references everywhere, as version is enough.
$sQuery = "SELECT appId FROM appVersion WHERE versionId = '?'"; $sQuery = "SELECT appId FROM appVersion WHERE versionId = '?'";
$hResult = query_parameters($sQuery, $aClean['versionId']); $hResult = query_parameters($sQuery, $aClean['iVersionId']);
$oRow = mysql_fetch_object($hResult); $oRow = mysql_fetch_object($hResult);
$appId = $oRow->appId; $appId = $oRow->appId;
//check for admin privs //check for admin privs
if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($aClean['versionId']) && !$_SESSION['current']->isSuperMaintainer($aClean['appId'])) if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->isMaintainer($aClean['iVersionId']) &&
!$_SESSION['current']->isSuperMaintainer($aClean['iAppId']))
{ {
util_show_error_page("Insufficient Privileges!"); util_show_error_page("Insufficient Privileges!");
exit; exit;
} }
//set link for version //set link for version
if(is_numeric($aClean['versionId']) and !empty($aClean['versionId'])) if(is_numeric($aClean['iVersionId']) and !empty($aClean['iVersionId']))
{ {
$versionLink = "versionId={$aClean['versionId']}"; $sVersionLink = "versionId={$aClean['iVersionId']}";
} }
else else
exit; exit;
$oNote = new Note();
$oNote->GetOutputEditorValues();
if($aClean['sub'] == "Submit") if($aClean['sSub'] == "Submit")
{ {
$oNote = new Note(); $oNote->create();
$oNote->create($aClean['noteTitle'], $aClean['noteDesc'], $aClean['versionId']); redirect(apidb_fullurl("appview.php?".$sVersionLink));
redirect(apidb_fullurl("appview.php?".$versionLink));
exit; exit;
} }
else if($aClean['sub'] == 'Preview' OR empty($aClean['submit'])) else if($aClean['sSub'] == 'Preview' OR empty($aClean['sSubmit']))
{ {
HtmlAreaLoaderScript(array("editor")); // show form
apidb_header("Application Note");
apidb_header("Add Application Note"); if($aClean['sSub'] == 'Preview')
$oNote->show(true);
echo "<form method=post action='addAppNote.php'>\n"; echo "<form method=post action='addAppNote.php'>\n";
echo html_frame_start("Add Application Note", "90%","",0);
echo html_table_begin("width='100%' border=0 align=left cellpadding=6 cellspacing=0 class='box-body'");
echo "<input type=\"hidden\" name=\"versionId\" value=\"{$aClean['versionId']}\">"; $oNote->OutputEditor();
echo add_br($aClean['noteDesc']);
if ($aClean['noteTitle'] == "HOWTO" || $aClean['noteTitle'] == "WARNING") echo '<center>';
{ echo '<input type="submit" name="sSub" value="Preview">&nbsp',"\n";
echo "<input type=hidden name='noteTitle' value='{$aClean['noteTitle']}'>"; echo '<input type="submit" name="sSub" value="Submit"></td></tr>',"\n";
echo "<tr><td class=color1>Type</td><td class=color0>{$aClean['noteTitle']}</td></tr>\n"; echo '</center>';
}
else
{
echo "<tr><td class=color1>Title</td><td class=color0><input size='80%' type='text' name='noteTitle' type='text' value='{$aClean['noteTitle']}'></td></tr>\n";
}
echo '<tr><td class="color4">Description</td><td class="color0">', "\n";
if ( $aClean['noteDesc'] == "" ) $aClean['noteDesc']="<p>Enter note here</p>";
echo '<p style="width:700px">', "\n";
echo '<textarea cols="80" rows="20" id="editor" name="noteDesc">'.stripslashes($aClean['noteDesc']).'</textarea>',"\n";
echo '</p>';
echo '</td></tr><tr><td colspan="2" align="center" class="color3">',"\n";
echo '<input type="submit" name="sub" value="Preview">&nbsp',"\n";
echo '<input type="submit" name="sub" value="Submit"></td></tr>',"\n";
echo html_table_end();
echo html_frame_end();
echo html_back_link(1,BASE."appview.php?".$versionLink); echo html_back_link(1,BASE."appview.php?".$sVersionLink);
apidb_footer(); apidb_footer();
} }
?> ?>
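Review bot: The privilege check still passes `$aClean['iAppId']`, a value taken from the request, to `isSuperMaintainer()`, while the `$appId` looked up from `appVersion` for the requested version a few lines earlier is never used. The app id the caller is checked against therefore need not be the app that owns the version the note is attached to. Use the database value instead, `!$_SESSION['current']->isSuperMaintainer($appId)`, and move the `is_numeric($aClean['iVersionId'])` test ahead of the query so a non-numeric id is rejected before it is used. The new `GetOutputEditorValues()` call copies the same request-supplied `iAppId` into `$oNote`, so `$oNote->iAppId = $appId;` after that call would keep the object consistent with the check.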


@@ -10,22 +10,19 @@ require(BASE."include/mail.php");
$aClean = array(); //array of filtered user input $aClean = array(); //array of filtered user input
$aClean['noteId'] = makeSafe($_REQUEST['noteId']); $aClean['iNoteId'] = makeSafe($_REQUEST['iNoteId']);
$aClean['sub'] = makeSafe($_REQUEST['sub']); $aClean['sSub'] = makeSafe($_REQUEST['sSub']);
$aClean['noteTitle'] = makeSafe($_REQUEST['noteTitle']); $aClean['sSubmit'] = makeSafe($_REQUEST['sSubmit']);
$aClean['noteDesc'] = makeSafe($_REQUEST['noteDesc']); $aClean['sPreview'] = makeSafe($_REQUEST['sPreview']);
$aClean['preview'] = makeSafe($_REQUEST['preview']);
$aClean['appId'] = makeSafe($_REQUEST['appId']);
$aClean['versionId'] = makeSafe($_REQUEST['versionId']);
if(!is_numeric($aClean['noteId'])) if(!is_numeric($aClean['iNoteId']))
{ {
util_show_error_page('Wrong note ID'); util_show_error_page('Wrong note ID');
exit; exit;
} }
/* Get note data */ /* Get note data */
$oNote = new Note($aClean['noteId']); $oNote = new Note($aClean['iNoteId']);
/* Check for privs */ /* Check for privs */
if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($oNote->iVersionId) && !$_SESSION['current']->isSuperMaintainer($oNote->iAppId)) if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($oNote->iVersionId) && !$_SESSION['current']->isSuperMaintainer($oNote->iAppId))
@@ -34,60 +31,41 @@ if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintaine
exit; exit;
} }
if(!empty($aClean['sub'])) if(!empty($aClean['sSub']))
{ {
if ($aClean['sub'] == 'Delete') $oNote->GetOutputEditorValues(); /* retrieve the updated values */
if ($aClean['sSub'] == 'Delete')
{ {
$oNote->delete(); $oNote->delete();
} }
else if ($aClean['sub'] == 'Update') else if ($aClean['sSub'] == 'Update')
{ {
$oNote->update($aClean['noteTitle'],$aClean['noteDesc']); $oNote->update();
} }
redirect(apidb_fullurl("appview.php?versionId={$oNote->iVersionId}")); redirect(apidb_fullurl("appview.php?versionId={$oNote->iVersionId}"));
} } else /* display note */
else
{ {
if (empty($aClean['preview']))
{
$aClean['noteTitle'] = $oNote->sTitle;
$aClean['noteDesc'] = $oNote->sDescription;
$aClean['appId'] = $oNote->iAppId;
$aClean['versionId'] = $oNote->iVersionId;
}
HtmlAreaLoaderScript(array("editor"));
// show form // show form
apidb_header("Edit Application Note"); apidb_header("Application Note");
/* if preview is set display the note for review */
if($aClean['sPreview'])
{
$oNote->GetOutputEditorValues(); /* retrieve the updated values */
$oNote->show(true);
}
echo "<form method=post action='editAppNote.php'>\n"; echo "<form method=post action='editAppNote.php'>\n";
echo html_frame_start("Edit Application Note {$aClean['noteId']}", "90%","",0);
echo html_table_begin("width='100%' border=0 align=left cellpadding=6 cellspacing=0 class='box-body'");
echo add_br($aClean['noteDesc']);
echo '<input type="hidden" name="noteId" value='.$aClean['noteId'].'>'; /* display the editor for this note */
$oNote->OutputEditor();
if ($aClean['noteTitle'] == "HOWTO" || $aClean['noteTitle'] == "WARNING") echo '<center>';
{ echo '<input type="submit" name=sPreview value="Preview">&nbsp',"\n";
echo '<tr><td class=color1>Title (Do not change)</td>'; echo '<input type="submit" name=sSub value="Update">&nbsp',"\n";
echo '<td class=color0><input size=80% type="text" name="noteTitle" type="text" value="'.$aClean['noteTitle'].'"></td></tr>',"\n"; echo '<input type="submit" name=sSub value="Delete"></td></tr>',"\n";
} echo '</center>';
else
{
echo '<tr><td class=color1>Title</td><td class=color0><input size=80% type="text" name="noteTitle" type="text" value="'.$aClean['noteTitle'].'"></td></tr>',"\n";
}
echo '<tr><td class=color4>Description</td><td class=color0>', "\n";
echo '<p style="width:700px">', "\n";
echo '<textarea cols="80" rows="20" id="editor" name="noteDesc">'.$aClean['noteDesc'].'</textarea>',"\n";
echo '</p>';
echo '</td></tr><tr><td colspan="2" align="center" class="color3">',"\n";
echo '<input type="submit" name=preview value="Preview">&nbsp',"\n";
echo '<input type="submit" name=sub value="Update">&nbsp',"\n";
echo '<input type="submit" name=sub value="Delete"></td></tr>',"\n";
echo html_table_end();
echo html_frame_end();
echo html_back_link(1,BASE."appview.php?versionId=".$oNote->iVersionId); echo html_back_link(1,BASE."appview.php?versionId=".$oNote->iVersionId);
} }
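Review bot: In the `sSub` branch, `GetOutputEditorValues()` overwrites `$oNote->iVersionId` and `$oNote->iAppId` with request values after the privilege check has already run against the ids loaded from the database. `update()` then writes a changed `versionId` to `appNotes`, so a note can be re-attached to a version the user was never checked against, and the redirect URL is built from the same unvalidated value. Call `GetOutputEditorValues()` only in the `Update` branch (the `Delete` branch does not need it), and either restore the stored ids afterwards or repeat the `hasPriv`/`isMaintainer`/`isSuperMaintainer` check and an `is_numeric()` test on the new ids before calling `update()`. No anti-CSRF token is visible in the form, and the values are read from `$_REQUEST`, so it may be worth confirming that Update and Delete cannot be triggered by a plain GET.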


@@ -47,16 +47,16 @@ class Note {
* Informs interested people about the creation. * Informs interested people about the creation.
* Returns true on success, false on failure * Returns true on success, false on failure
*/ */
function create($sTitle, $sDescription, $iVersionId) function create()
{ {
$hResult = query_parameters("INSERT INTO appNotes (versionId, noteTitle, noteDesc) ". $hResult = query_parameters("INSERT INTO appNotes (versionId, noteTitle, noteDesc) ".
"VALUES('?', '?', '?')", "VALUES('?', '?', '?')",
$iVersionId, $sTitle, $sDescription); $this->iVersionId, $this->sTitle, $this->sDescription);
if($hResult) if($hResult)
{ {
$this->note(mysql_insert_id()); $this->note(mysql_insert_id());
$sWhatChanged = "Description is:\n".$sDescription.".\n\n"; $sWhatChanged = "Description is:\n".$this->sDescription.".\n\n";
$this->SendNotificationMail("add", $sWhatChanged); $this->SendNotificationMail("add", $sWhatChanged);
return true; return true;
} }
@@ -72,37 +72,44 @@ class Note {
* Update note. * Update note.
* Returns true on success and false on failure. * Returns true on success and false on failure.
*/ */
function update($sTitle=null, $sDescription=null, $iVersionId=null) function update()
{ {
$sWhatChanged = ""; $sWhatChanged = "";
if ($sTitle && $sTitle!=$this->sTitle) /* create an instance of ourselves so we can see what has changed */
$oNote = new Note($this->iNoteId);
if ($this->sTitle && $this->sTitle!=$oNote->sTitle)
{ {
if (!query_parameters("UPDATE appNotes SET noteTitle = '?' WHERE noteId = '?'", if (!query_parameters("UPDATE appNotes SET noteTitle = '?' WHERE noteId = '?'",
$sTitle, $this->iNoteId)) $this->sTitle, $this->iNoteId))
return false; return false;
$sWhatChanged .= "Title was changed from ".$this->sTitle." to ".$sTitle.".\n\n"; $sWhatChanged .= "Title was changed from ".$oNote->sTitle." to ".$this->sTitle.".\n\n";
$this->sTitle = $sTitle;
} }
if ($sDescription && $sDescription!=$this->sDescription) if ($this->sDescription && $this->sDescription!=$oNote->sDescription)
{ {
if (!query_parameters("UPDATE appNotes SET noteDesc = '?' WHERE noteId = '?'", if (!query_parameters("UPDATE appNotes SET noteDesc = '?' WHERE noteId = '?'",
$sDescription, $this->iNoteId)) $this->sDescription, $this->iNoteId))
return false; return false;
$sWhatChanged .= "Description was changed from\n ".$this->sDescription."\n to \n".$sDescription.".\n\n"; $sWhatChanged .= "Description was changed from\n ".$oNote->sDescription."\n to \n".$this->sDescription.".\n\n";
$this->sDescription = $sDescription;
} }
if ($iVersionId && $iVersionId!=$this->iVersionId) if ($this->iVersionId && $this->iVersionId!=$oNote->iVersionId)
{ {
if (!query_parameters("UPDATE appNotes SET versionId = '?' WHERE noteId = '?'", if (!query_parameters("UPDATE appNotes SET versionId = '?' WHERE noteId = '?'",
$iVersionId, $this->iNoteId)) $this->iVersionId, $this->iNoteId))
return false; return false;
$oVersionBefore = new Version($this->iVersionId); $sVersionBefore = Version::lookup_name($oNote->iVersionId);
$oVersionAfter = new Version($iVersionId); $sVersionAfter = Version::lookup_name($this->iVersionId);
$sWhatChanged .= "Version was changed from ".$oVersionBefore->sName." to ".$oVersionAfter->sName.".\n\n"; $sWhatChanged .= "Version was changed from ".$sVersionBefore." to ".$sVersionAfter.".\n\n";
$this->iVersionId = $iVersionId; $this->iVersionId = $iVersionId;
//TODO: iAppId isn't in the appNotes table
// and we only use it for permissions checking in showNote() and in SendNotificationEmail
// we may be able to look it up on the fly if we had a more efficient way of doing so
// instead of having to construct a version object each time
$oVersionAfter = new Version($this->iVersionId);
$this->iAppId = $oVersionAfter->iAppId; $this->iAppId = $oVersionAfter->iAppId;
} }
if($sWhatChanged) if($sWhatChanged)
@@ -160,7 +167,9 @@ class Note {
} }
/* Show note */ /* Show note */
function show() /* $bDisplayOnly means we should not display any editing controls, even if */
/* the user has the ability to edit this note */
function show($bDisplayOnly = false)
{ {
switch($this->sTitle) switch($this->sTitle)
{ {
@@ -191,20 +200,64 @@ class Note {
$shOutput .= $this->sDescription; $shOutput .= $this->sDescription;
$shOutput .= "</td></tr>\n"; $shOutput .= "</td></tr>\n";
if(!$bDisplayOnly)
{
if ($_SESSION['current']->hasPriv("admin") || if ($_SESSION['current']->hasPriv("admin") ||
$_SESSION['current']->isMaintainer($this->iVersionId) || $_SESSION['current']->isMaintainer($this->iVersionId) ||
$_SESSION['current']->isSuperMaintainer($this->iAppId)) $_SESSION['current']->isSuperMaintainer($this->iAppId))
{ {
$shOutput .= "<tr class=\"color1\" align=\"center\" valign=\"top\"><td>"; $shOutput .= "<tr class=\"color1\" align=\"center\" valign=\"top\"><td>";
$shOutput .= "<form method=\"post\" name=\"message\" action=\"admin/editAppNote.php?noteId={$this->iNoteId}\">"; $shOutput .= "<form method=\"post\" name=\"message\" action=\"admin/editAppNote.php?iNoteId={$this->iNoteId}\">";
$shOutput .= '<input type="submit" value="Edit Note" class="button">'; $shOutput .= '<input type="submit" value="Edit Note" class="button">';
$shOutput .= '</form></td></tr>'; $shOutput .= '</form></td></tr>';
} }
}
$shOutput .= "</table>\n"; $shOutput .= "</table>\n";
$shOutput .= html_frame_end(); $shOutput .= html_frame_end();
echo $shOutput; echo $shOutput;
} }
function OutputEditor()
{
HtmlAreaLoaderScript(array("editor"));
echo html_frame_start("Edit Application Note {$aClean['noteId']}", "90%","",0);
echo html_table_begin("width='100%' border=0 align=left cellpadding=6 cellspacing=0 class='box-body'");
echo '<input type="hidden" name="iNoteId" value='.$this->iNoteId.'>';
echo '<input type="hidden" name="iAppId" value='.$this->iAppId.'>';
echo '<input type="hidden" name="iVersionId" value='.$this->iVersionId.'>';
echo '<tr><td class=color1>Title</td>'."\n";
echo ' <td class=color0><input size=80% type="text" name="sNoteTitle" type="text" value="'.$this->sTitle.'"></td></tr>',"\n";
echo '<tr><td class=color4>Description</td><td class=color0>', "\n";
echo '<p style="width:700px">', "\n";
echo '<textarea cols="80" rows="20" id="editor" name="sNoteDesc">'.$this->sDescription.'</textarea>',"\n";
echo '</p>';
echo '</td></tr>'."\n";
echo '<tr><td colspan="2" align="center" class="color3">',"\n";
echo html_table_end();
echo html_frame_end();
}
/* retrieves values from $_REQUEST that were output by OutputEditor() */
function GetOutputEditorValues()
{
$aClean = array(); //array of filtered user input
$aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']);
$aClean['iAppId'] = makeSafe( $_REQUEST['iAppId']);
$aClean['sNoteTitle'] = makeSafe($_REQUEST['sNoteTitle']);
$aClean['sNoteDesc'] = makeSafe($_REQUEST['sNoteDesc']);
$this->iVersionId = $aClean['iVersionId'];
$this->iAppId = $aClean['iAppId'];
$this->sTitle = $aClean['sNoteTitle'];
$this->sDescription = $aClean['sNoteDesc'];
}
} }
?> ?>
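Review bot: `OutputEditor()` writes `$this->sTitle`, `$this->sDescription` and the three ids into the page without HTML escaping, and the hidden inputs use unquoted `value=` attributes, while `GetOutputEditorValues()` fills those same properties straight from `$_REQUEST` on the preview path. Unless `makeSafe()` (not shown here) HTML-encodes its input, a quote or space in a submitted value can break out of the attribute or the textarea. Escaping at output with `htmlspecialchars(..., ENT_QUOTES)` and quoting every attribute closes that regardless of what `makeSafe()` does. The frame title also reads `$aClean['noteId']`, which is not defined inside the method, so it should use `$this->iNoteId`.

```php
function OutputEditor()
{
    // … unchanged: HtmlAreaLoaderScript call …
    echo html_frame_start("Edit Application Note {$this->iNoteId}", "90%","",0);
    // … unchanged: html_table_begin call …

    echo '<input type="hidden" name="iNoteId" value="'.htmlspecialchars($this->iNoteId, ENT_QUOTES).'">';
    echo '<input type="hidden" name="iAppId" value="'.htmlspecialchars($this->iAppId, ENT_QUOTES).'">';
    echo '<input type="hidden" name="iVersionId" value="'.htmlspecialchars($this->iVersionId, ENT_QUOTES).'">';

    // … unchanged: Title label cell …
    echo '    <td class=color0><input size=80% type="text" name="sNoteTitle" value="'.htmlspecialchars($this->sTitle, ENT_QUOTES).'"></td></tr>',"\n";
    // … unchanged: Description label cell and <p> wrapper …
    echo '<textarea cols="80" rows="20" id="editor" name="sNoteDesc">'.htmlspecialchars($this->sDescription, ENT_QUOTES).'</textarea>',"\n";
    // … unchanged: closing rows, html_table_end, html_frame_end …
```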


@@ -773,15 +773,15 @@ class Version {
echo '<input type=submit value="Delete Version" class="button" />'; echo '<input type=submit value="Delete Version" class="button" />';
echo '</form>'; echo '</form>';
echo '<form method="post" name="message" action="admin/addAppNote.php">'; echo '<form method="post" name="message" action="admin/addAppNote.php">';
echo '<input type="hidden" name="versionId" value="'.$this->iVersionId.'" />'; echo '<input type="hidden" name="iVersionId" value="'.$this->iVersionId.'" />';
echo '<input type="submit" value="Add Note" class="button" />'; echo '<input type="submit" value="Add Note" class="button" />';
echo '</form>'; echo '</form>';
echo '<form method=post name=message action=admin/addAppNote.php?versionId='.$this->iVersionId.'>'; echo '<form method=post name=message action=admin/addAppNote.php?iVersionId='.$this->iVersionId.'>';
echo '<input type=hidden name="noteTitle" value="HOWTO" />'; echo '<input type=hidden name="sNoteTitle" value="HOWTO" />';
echo '<input type=submit value="Add How To" class="button" />'; echo '<input type=submit value="Add How To" class="button" />';
echo '</form>'; echo '</form>';
echo '<form method=post name=message action=admin/addAppNote.php?versionId='.$this->iVersionId.'>'; echo '<form method=post name=message action=admin/addAppNote.php?iVersionId='.$this->iVersionId.'>';
echo '<input type=hidden name="noteTitle" value="WARNING" />'; echo '<input type=hidden name="sNoteTitle" value="WARNING" />';
echo '<input type=submit value="Add Warning" class="button" />'; echo '<input type=submit value="Add Warning" class="button" />';
echo '</form>'; echo '</form>';
echo "</td></tr>"; echo "</td></tr>";