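<?php
// Notes page, request-handling part: normalises the numeric request
// parameters, optionally saves a note, then loads the title and the current
// user's note for the requested file.
include_once 'data.php';
include_once 'functions.php';

// Coerce the numeric identifiers to integers so nothing but a number can
// reach the SQL below. Empty values are left untouched, as before.
if (!empty($_GET['file'])) {
    $_GET['file'] = intval($_GET['file']);
}
if (!empty($_POST['file'])) {
    $_POST['file'] = intval($_POST['file']);
}
if (!empty($_POST['notesID'])) {
    $_POST['notesID'] = intval($_POST['notesID']);
}

// $dbHandle is not assigned in this file; presumably database_connect() (or
// one of the includes) creates it — confirm in functions.php.
database_connect($database_path, 'library');

if (isset($_POST['notesID']) && isset($_POST['file'])) {
    // NOTE(review): neither the session user nor a CSRF token is passed or
    // checked here. Confirm that update_notes() verifies that notesID belongs
    // to the logged-in user and that the form carries an anti-CSRF token.
    // The note text is passed through unmodified; a missing field becomes
    // null instead of raising an undefined-index notice.
    $posted_notes = isset($_POST['notes']) ? $_POST['notes'] : null;
    update_notes($_POST['notesID'], $_POST['file'], $posted_notes, $dbHandle);
}

if (isset($_GET['file'])) {
    // Both values are escaped with PDO::quote() before being interpolated.
    // NOTE(review): $_SESSION['user_id'] is read without a visible
    // session_start(); presumably one of the includes starts the session.
    $query = $dbHandle->quote($_GET['file']);
    $user_query = $dbHandle->quote($_SESSION['user_id']);

    // Title of the requested library item; false when the query fails or
    // there is no such row.
    $result = $dbHandle->query("SELECT title FROM library WHERE id={$query}");
    $title = ($result !== false) ? $result->fetchColumn() : false;
    $result = null;

    // The note is looked up for this file AND this user, so one user's notes
    // are never returned to another.
    $result = $dbHandle->query("SELECT notesID,notes FROM notes WHERE fileID={$query} AND userID={$user_query} LIMIT 1");
    $fetched = ($result !== false) ? $result->fetch(PDO::FETCH_ASSOC) : false;
    $result = null;

    // No row yet (the user has not written a note for this file) or a failed
    // query: fall back to null instead of indexing into false.
    $notesid = is_array($fetched) ? $fetched['notesID'] : null;
    $notes = is_array($fetched) ? $fetched['notes'] : null;
}

// Release the database connection before any output is produced.
$dbHandle = null;

// The body of this branch continues beyond this excerpt.
if (isset($_GET['editnotes'])) {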
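} }

/**
 * Echo the stored notes of the user identified by the "user" cookie.
 *
 * The cookie value is resolved to a uid by hash_valid(); when that returns
 * the string "error" or "invalid", that string is echoed instead. Other
 * outputs are "error: select" when the lookup cannot be run and "error"
 * when no row exists for the uid.
 *
 * NOTE(review): the notes are echoed without escaping. Confirm the response
 * is served as plain text, or that the client escapes it before inserting it
 * into HTML.
 */
function retrieve_notes() {
    $db = $GLOBALS['db'];
    // A missing cookie is passed on as null rather than raising a notice;
    // hash_valid() decides what an absent value means.
    $cookie = isset($_COOKIE['user']) ? $_COOKIE['user'] : null;
    $uid = hash_valid($db, $cookie);

    if ($uid === "error" || $uid === "invalid") {
        echo $uid;
        return;
    }

    // Bind the uid as a parameter instead of splicing it into the SQL text,
    // so the query stays safe whatever hash_valid() returns.
    $stmt = $db->prepare("SELECT notes FROM userz WHERE uid=?");
    if ($stmt === FALSE || $stmt->execute([$uid]) === FALSE) {
        echo "error: select";
        return;
    }

    $row = $stmt->fetch(PDO::FETCH_NUM);
    echo ($row !== FALSE) ? current($row) : "error";
}

// Dispatch on the "m" request parameter. A missing parameter matches no case
// and now does so without an undefined-index notice.
// NOTE(review): the state-changing 'set' action is selected through a GET
// parameter. Confirm that update_notes() requires POST and validates an
// anti-CSRF token, since authentication here rests on a cookie.
$mode = isset($_GET['m']) ? $_GET['m'] : null;
switch ($mode) {
    case 'set':
        update_notes();
        break;
    case 'get':
        retrieve_notes();
        break;
}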