Пример #1
<?php

include_once 'data.php';
include_once 'functions.php';
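// Coerce the numeric request parameters to integers before they are used.
// !empty() skips '' and '0', so those values keep their raw string form and
// still satisfy the isset() checks further down; they only ever reach SQL as
// bound parameters.
if (!empty($_GET['file'])) {
    $_GET['file'] = intval($_GET['file']);
}
if (!empty($_POST['file'])) {
    $_POST['file'] = intval($_POST['file']);
}
if (!empty($_POST['notesID'])) {
    $_POST['notesID'] = intval($_POST['notesID']);
}

// presumably populates the global $dbHandle (a PDO handle) - defined outside this listing
database_connect($database_path, 'library');

// State-changing branch: store the submitted notes.
// NOTE(review): no anti-CSRF token check and no ownership check on notesID is
// visible here; confirm that update_notes() (not shown in this listing)
// restricts the write to rows owned by the current session user.
if (isset($_POST['notesID']) && isset($_POST['file'])) {
    // Pass null instead of reading an undefined index when 'notes' is absent.
    $posted_notes = isset($_POST['notes']) ? $_POST['notes'] : null;
    update_notes($_POST['notesID'], $_POST['file'], $posted_notes, $dbHandle);
}

if (isset($_GET['file'])) {
    // Defaults used when a lookup fails or matches no row.
    $title = false;
    $notesid = null;
    $notes = null;

    // Bound parameters keep request and session values out of the SQL text
    // entirely, instead of relying on quote() plus string interpolation.
    $result = $dbHandle->prepare('SELECT title FROM library WHERE id = ?');
    if ($result !== false && $result->execute(array($_GET['file']))) {
        $title = $result->fetchColumn();
    }
    $result = null;

    // Notes are per user: skip the lookup when no user id is in the session.
    // NOTE(review): session start and login enforcement are not visible in
    // this listing - confirm they happen in the included files.
    if (isset($_SESSION['user_id'])) {
        $result = $dbHandle->prepare(
            'SELECT notesID,notes FROM notes WHERE fileID = ? AND userID = ? LIMIT 1'
        );
        if ($result !== false && $result->execute(array($_GET['file'], $_SESSION['user_id']))) {
            $fetched = $result->fetch(PDO::FETCH_ASSOC);
            // fetch() returns false when no row matches; do not index into it.
            if ($fetched !== false) {
                $notesid = $fetched['notesID'];
                $notes = $fetched['notes'];
            }
        }
        $result = null;
    }
}

// Release the database handle once the lookups are done.
$dbHandle = null;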
if (isset($_GET['editnotes'])) {
Пример #2
  }
}


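/**
 * Echo the stored notes of the user identified by the "user" cookie.
 *
 * The cookie value is resolved to a uid by hash_valid() (defined elsewhere).
 * When hash_valid() returns one of the sentinel strings "error" or "invalid",
 * that string is echoed unchanged. Otherwise the notes column of the matching
 * userz row is echoed; "error" is echoed when no row matches and
 * "error: select" when the statement cannot be prepared or executed.
 *
 * The uid is bound as a statement parameter rather than interpolated into the
 * SQL string, so the query stays safe whatever hash_valid() returns.
 *
 * NOTE(review): the notes are echoed verbatim. If this response can be
 * rendered as HTML by a browser, the stored text needs output encoding or an
 * explicit non-HTML Content-Type - confirm how the caller consumes it.
 */
function retrieve_notes() {
  $db = $GLOBALS['db'];

  // Avoid an undefined-index notice when the cookie is missing.
  $cookie = isset($_COOKIE['user']) ? $_COOKIE['user'] : null;
  $uid = hash_valid($db, $cookie);

  // hash_valid() signals failure with these two strings; relay them as-is.
  if ($uid === "error" || $uid === "invalid") {
    echo $uid;
    return;
  }

  $stmt = $db->prepare("SELECT notes FROM userz WHERE uid = ?");
  if ($stmt === FALSE || $stmt->execute(array($uid)) === FALSE) {
    echo "error: select";
    return;
  }

  // fetch() yields FALSE when no row matched the uid.
  $row = $stmt->fetch(PDO::FETCH_NUM);
  echo ($row !== FALSE) ? current($row) : "error";
}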


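// Dispatch on the "m" query parameter: "set" stores notes, "get" echoes them.
// A missing or non-string parameter selects nothing, exactly like an unknown
// value, but no longer raises an undefined-index notice.
// NOTE(review): "set" is a state-changing action chosen through the query
// string while the user is identified by a cookie; no anti-CSRF check is
// visible in this part of the file - confirm update_notes() enforces one.
$mode = (isset($_GET['m']) && is_string($_GET['m'])) ? $_GET['m'] : '';

switch ($mode) {
case 'set':
  update_notes();
  break;

case 'get':
  retrieve_notes();
  break;
}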