is_maintainer($_REQUEST['appId'],$_REQUEST['versionId'])) ) {
    // Privilege gate failed: show an error page and stop. The start of this
    // condition lies outside this excerpt.
    // NOTE(review): is_maintainer() is handed appId/versionId straight from
    // $_REQUEST before the is_numeric() checks below have run. Confirm that
    // is_maintainer() validates or escapes them itself, or move the checks up.
    errorpage("Insufficient Privileges!");
    exit;
}

// Build the "&versionId=..." suffix that is appended to the redirect URL
// after the note is stored.
// is_numeric() also accepts non-integer forms such as "1.5" or "1e3", and
// !empty() rejects "0", so this is a loose check rather than an integer-id check.
// NOTE(review): a failed check exits silently here, whereas a bad appId
// below produces an error page.
if(is_numeric($_REQUEST['versionId']) and !empty($_REQUEST['versionId'])) {
    $versionLink = "&versionId={$_REQUEST['versionId']}";
} else
    exit;

// Reject a non-numeric application id (same is_numeric() looseness as above).
if(!is_numeric($_REQUEST['appId'])) {
    errorpage('Wrong ID');
    exit;
}

// "Submit": store the note, notify subscribers, then redirect to the app view.
// NOTE(review): $_REQUEST can be populated from the query string as well as
// the POST body, and no anti-CSRF token check is visible in this excerpt.
// Confirm that this state-changing branch is protected elsewhere.
if($_REQUEST['sub'] == "Submit") {
    // compile_insert_string() returns the 'FIELDS' and 'VALUES' fragments that
    // are interpolated into the INSERT below. Its definition is not visible
    // here; presumably it quotes/escapes each value. Confirm, because
    // noteTitle and noteDesc are unvalidated request data.
    // NOTE(review): the key 'NoteDesc' is capitalised unlike its siblings;
    // verify it against the appNotes column name.
    $aInsert = compile_insert_string(array(
        'noteTitle' =>$_REQUEST['noteTitle'],
        'NoteDesc' => $_REQUEST['noteDesc'],
        'appId' => $_REQUEST['appId'],
        'versionId' => $_REQUEST['versionId'] ));
    if (query_appdb("INSERT INTO `appNotes` ({$aInsert['FIELDS']}) VALUES ({$aInsert['VALUES']})")) {
        // successful
        // Look up who should be notified about this app/version.
        $email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']);
        if($email) {
            // Subject text: application and version names from the lookup helpers.
            $fullAppName = "Application: ".lookupAppName($_REQUEST['appId']);
            $fullAppName .= " Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']);
            // Plain-text body: link to the app view, the author's name, then the
            // note title and description exactly as submitted.
            $ms = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n";
            $ms .= "\n";
            $ms .= ($_SESSION['current']->realname ? $_SESSION['current']->realname : "Anonymous")." added note to ".$fullAppName."\n";
            $ms .= "\n";
            $ms .= "title: ".$_REQUEST['noteTitle']."\n";
            $ms .= "\n";
            $ms .= $_REQUEST['noteDesc']."\n";
            $ms .= "\n";
            $ms .= STANDARD_NOTIFY_FOOTER;
            // Empty "To"; every recipient goes into a Bcc header.
            // NOTE(review): $email is placed in the additional-headers argument
            // after stripslashes() only, and the subject carries the looked-up
            // names. If a stored address or name could contain CR/LF, it would
            // end up as extra header lines. Confirm these values are validated
            // where they are stored, or strip line breaks here.
            // The return value of mail() is not checked.
            mail( "", "[AppDB] ".$fullAppName ,$ms, "Bcc: ".stripslashes( $email));
        } else {
            $email = "no one";
        }
        // NOTE(review): `green` here and `Green` below are bare constants with
        // different spellings; presumably colour constants defined elsewhere.
        // Verify both exist, since an undefined constant is an Error on PHP 8.
        // This message is shown whether or not mail() succeeded.
        addmsg("mesage sent to: ".$email, green);
        // The literal below spans several source lines; its embedded line
        // breaks are part of the message.
        $statusMessage = "
Note added into the database
\n";
        addmsg($statusMessage,Green);
    }
    // Runs whether or not the INSERT succeeded; on failure no status message
    // is added by this block.
    redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId'].$versionLink));
    exit;
} else if($_REQUEST['sub'] == 'Preview' OR empty($_REQUEST['submit'])) {
    // Preview, or first visit: render the note form.
    // NOTE(review): this tests $_REQUEST['submit'] while every other check
    // reads $_REQUEST['sub']. Possibly a typo for 'sub'; confirm the form
    // field name.
    // The echo string opened below continues past the end of this excerpt.
    apidb_header("Add Application Note");
    echo "