2023-07-25 14:40:31 +00:00
|
|
|
<?php
|
|
|
|
namespace Misuzu;
|
|
|
|
|
|
|
|
use RuntimeException;
|
|
|
|
|
2024-12-02 02:28:08 +00:00
|
|
|
if(!isset($msz) || !($msz instanceof \Misuzu\MisuzuContext))
|
|
|
|
die('Script must be called through the Misuzu route dispatcher.');
|
|
|
|
|
2024-11-30 04:09:29 +00:00
|
|
|
if(!$msz->authInfo->getPerms('user')->check(Perm::U_NOTES_MANAGE))
|
2023-08-31 15:59:53 +00:00
|
|
|
Template::throwError(403);
|
2023-07-25 14:40:31 +00:00
|
|
|
|
|
|
|
$hasNoteId = filter_has_var(INPUT_GET, 'n');
|
|
|
|
$hasUserId = filter_has_var(INPUT_GET, 'u');
|
|
|
|
|
2023-08-31 15:59:53 +00:00
|
|
|
if((!$hasNoteId && !$hasUserId) || ($hasNoteId && $hasUserId))
|
|
|
|
Template::throwError(400);
|
2023-07-25 14:40:31 +00:00
|
|
|
|
|
|
|
if($hasUserId) {
|
|
|
|
$isNew = true;
|
|
|
|
|
|
|
|
try {
|
2024-11-30 04:09:29 +00:00
|
|
|
$userInfo = $msz->usersCtx->getUserInfo(filter_input(INPUT_GET, 'u', FILTER_SANITIZE_NUMBER_INT));
|
2023-07-25 14:40:31 +00:00
|
|
|
} catch(RuntimeException $ex) {
|
2023-08-31 15:59:53 +00:00
|
|
|
Template::throwError(404);
|
2023-07-25 14:40:31 +00:00
|
|
|
}
|
|
|
|
|
2024-11-30 04:09:29 +00:00
|
|
|
$authorInfo = $msz->authInfo->userInfo;
|
2023-07-25 14:40:31 +00:00
|
|
|
} elseif($hasNoteId) {
|
|
|
|
$isNew = false;
|
|
|
|
|
|
|
|
try {
|
2024-11-30 04:09:29 +00:00
|
|
|
$noteInfo = $msz->usersCtx->modNotes->getNote((string)filter_input(INPUT_GET, 'n', FILTER_SANITIZE_NUMBER_INT));
|
2023-07-25 14:40:31 +00:00
|
|
|
} catch(RuntimeException $ex) {
|
2023-08-31 15:59:53 +00:00
|
|
|
Template::throwError(404);
|
2023-07-25 14:40:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if($_SERVER['REQUEST_METHOD'] === 'GET' && filter_has_var(INPUT_GET, 'delete')) {
|
2023-08-31 15:59:53 +00:00
|
|
|
if(!CSRF::validateRequest())
|
|
|
|
Template::throwError(403);
|
|
|
|
|
2024-11-30 04:09:29 +00:00
|
|
|
$msz->usersCtx->modNotes->deleteNotes($noteInfo);
|
|
|
|
$msz->createAuditLog('MOD_NOTE_DELETE', [$noteInfo->id, $noteInfo->userId]);
|
|
|
|
Tools::redirect($msz->urls->format('manage-users-notes', ['user' => $noteInfo->userId]));
|
2023-07-25 14:40:31 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2024-11-30 04:09:29 +00:00
|
|
|
$userInfo = $msz->usersCtx->getUserInfo($noteInfo->userId);
|
|
|
|
$authorInfo = $noteInfo->authorId !== null ? $msz->usersCtx->getUserInfo($noteInfo->authorId) : null;
|
2023-07-25 14:40:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
|
|
|
|
$title = trim((string)filter_input(INPUT_POST, 'mn_title'));
|
|
|
|
$body = trim((string)filter_input(INPUT_POST, 'mn_body'));
|
|
|
|
|
|
|
|
if($isNew) {
|
2024-11-30 04:09:29 +00:00
|
|
|
$noteInfo = $msz->usersCtx->modNotes->createNote($userInfo, $title, $body, $authorInfo);
|
2023-07-25 14:40:31 +00:00
|
|
|
} else {
|
2024-11-30 04:09:29 +00:00
|
|
|
if($title === $noteInfo->title)
|
2023-07-25 14:40:31 +00:00
|
|
|
$title = null;
|
2024-11-30 04:09:29 +00:00
|
|
|
if($body === $noteInfo->body)
|
2023-07-25 14:40:31 +00:00
|
|
|
$body = null;
|
|
|
|
|
|
|
|
if($title !== null || $body !== null)
|
2024-11-30 04:09:29 +00:00
|
|
|
$msz->usersCtx->modNotes->updateNote($noteInfo, $title, $body);
|
2023-07-25 14:40:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
$msz->createAuditLog(
|
|
|
|
$isNew ? 'MOD_NOTE_CREATE' : 'MOD_NOTE_UPDATE',
|
2024-11-30 04:20:20 +00:00
|
|
|
[$noteInfo->id, $userInfo->id]
|
2023-07-25 14:40:31 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
// this is easier
|
2024-11-30 04:09:29 +00:00
|
|
|
Tools::redirect($msz->urls->format('manage-users-note', ['note' => $noteInfo->id]));
|
2023-07-25 14:40:31 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
Template::render('manage.users.note', [
|
|
|
|
'note_new' => $isNew,
|
|
|
|
'note_info' => $noteInfo ?? null,
|
|
|
|
'note_user' => $userInfo,
|
2024-11-30 04:09:29 +00:00
|
|
|
'note_user_colour' => $msz->usersCtx->getUserColour($userInfo),
|
2023-07-25 14:40:31 +00:00
|
|
|
'note_author' => $authorInfo,
|
2024-11-30 04:09:29 +00:00
|
|
|
'note_author_colour' => $msz->usersCtx->getUserColour($authorInfo),
|
2023-07-25 14:40:31 +00:00
|
|
|
]);
|