isLoggedIn() || (!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($_REQUEST['appId'],$_REQUEST['versionId'])) )
{
errorpage("Insufficient Privileges!");
exit;
}
//set link for version
if(is_numeric($_REQUEST['versionId']) and !empty($_REQUEST['versionId']))
{
$versionLink = "&versionId={$_REQUEST['versionId']}";
}
else
exit;
if(!is_numeric($_REQUEST['appId']))
{
errorpage('Wrong ID');
exit;
}
if($_REQUEST['sub'] == "Submit")
{
$aInsert = compile_insert_string(array( 'noteTitle' =>$_REQUEST['noteTitle'],
'NoteDesc' => $_REQUEST['noteDesc'],
'appId' => $_REQUEST['appId'],
'versionId' => $_REQUEST['versionId'] ));
if (query_appdb("INSERT INTO `appNotes` ({$aInsert['FIELDS']}) VALUES ({$aInsert['VALUES']})"))
{
// successful
$sEmail = get_notify_email_address_list($_REQUEST['appId'], $_REQUEST['versionId']);
if($sEmail)
{
$sFullAppName = "Application: ".lookupAppName($_REQUEST['appId']);
$sFullAppName .= " Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']);
$sMsg = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\r\n";
$sMsg .= "\r\n";
$sMsg .= $_SESSION['current']->sRealname." added note to ".$sFullAppName."\r\n";
$sMsg .= "\r\n";
$sMsg .= "title: ".$_REQUEST['noteTitle']."\r\n";
$sMsg .= "\r\n";
$sMsg .= $_REQUEST['noteDesc']."\r\n";
mail_appdb($sEmail, $sFullAppName ,$sMsg);
}
$statusMessage = "Note added into the database
\n";
addmsg($statusMessage,Green);
}
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId'].$versionLink));
exit;
}
else if($_REQUEST['sub'] == 'Preview' OR empty($_REQUEST['submit']))
{
apidb_header("Add Application Note");
echo "