<?php
//****************************************************************************************
// Copyright (C) 2000 Koen de Boeve
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// Version : MyPhPim-01.05
// Author : Koen de Boeve
// Contact: hide@address.com
//****************************************************************************************
// Load the site configuration. HtmlCl, DB, FormCl and $basepath are used below but are
// not defined in this file, so they presumably come from this include - confirm.
include "conf/global_conf.inc";
// Resume the session; no output has been produced at this point.
session_start();
// NOTE(review): every request value used below ($menu, $user, $notes_id, $sort, ...) is
// read as a bare global that this file never assigns, so the script appears to rely on
// register_globals or an equivalent import done by the include. $user is the only
// identity this file works with and no login check is visible here - confirm where it
// is set and that a request parameter of the same name cannot override it.
$html = new HtmlCl;
$db = new DB;
if ( $menu ) {
switch ( $menu ) {
case "main":
    // Static navigation bar: two links that open the "create" and "sharing" views in
    // the frame named bodyframe. No request-derived value is written into this page.
    echo "<html>\n"
       . "<head>\n"
       . "<style type=\"text/css\">\n"
       . "<!--\n"
       . "body { margin: 0 }\n"
       . "A{text-decoration:none}\n"
       . "-->\n"
       . "</style>\n"
       . "</head>\n";
    echo "<body bgcolor=darkseagreen text=blue vlink=blue alink=blue link=blue marginheight=0>\n"
       . "<table border=0 width=100%><tr><td align=left><font size=-1><a href=notes.php3?menu=create target=bodyframe>| New | </a></font></td><td align=right><font size=-1><a href=notes.php3?menu=sharing target=bodyframe>| Sharing | </a></font></td></tr></table>\n"
       . "</body>\n"
       . "</html>\n";
    break;
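case "list":
    // Notes overview: one table row per note the current user owns or has subscribed to
    // (public, per-user and per-group shares), with sortable column headers and a
    // checkbox per row that feeds the "deletenotes" handler.
    $form = new FormCl;
    // NOTE(review): $user goes into the SQL string as-is. Nothing in this file shows where
    // it is set or escaped - confirm it can only come from the authenticated session.
    $query = "SELECT user_id FROM users WHERE user='$user'";
    $result = $db->query ( $query );
    $user_id = $db->result ( $result, 0, "user_id" );
    // Base query: the user's own notes. Each visible shared note is appended as "OR notes_id=N".
    $querystr = "SELECT notes_id, note, creationdate, owner, lastupdate , updateby FROM notes WHERE owner=$user_id";
    // Ids read back from the share tables are cast to int before being spliced unquoted
    // into SQL: some of them were originally written from request data (see the addshare
    // and updatenotes handlers further down), and the column types are not visible here.
    // Has the user subscribed to public notes?
    $query = "SELECT sharetype FROM notes_subscribed WHERE user_id=$user_id AND sharetype='public'";
    $result = $db->query ( $query );
    $numrow = $db->numrows ( $result );
    if ( $numrow != 0 ) {
        $query = "SELECT notes_id FROM notes_shares WHERE sharetype='public'";
        $result = $db->query ( $query );
        $numrows = $db->numrows ( $result );
        for ( $i = 0; $i < $numrows; $i++ ) {
            $notesid = (int) $db->result ( $result , $i, "notes_id" );
            $querystr = $querystr . " OR notes_id=$notesid";
        }
    }
    // Users whose notes we subscribed to: include a note only when one of its share rows
    // names the current user.
    $query = "SELECT sharedfrom FROM notes_subscribed WHERE user_id=$user_id AND sharetype='user'";
    $result = $db->query ( $query );
    $numrows = $db->numrows ( $result );
    for ( $i = 0; $i < $numrows; $i++ ) {
        $sharedfrom = (int) $db->result ( $result, $i, "sharedfrom" );
        $sub_query = "SELECT notes_id FROM notes WHERE owner=$sharedfrom";
        $sub_result = $db->query ( $sub_query );
        $numsub_rows = $db->numrows ( $sub_result );
        for ( $j = 0; $j < $numsub_rows; $j++ ) {
            $notes_id = (int) $db->result ( $sub_result, $j, "notes_id" );
            $sub_sub_query = "SELECT shareusers FROM notes_shares WHERE notes_id=$notes_id";
            $sub_sub_result = $db->query ( $sub_sub_query );
            $numsub_sub_rows = $db->numrows ( $sub_sub_result );
            for ( $k = 0; $k < $numsub_sub_rows; $k++ ) {
                $shareusers = $db->result ( $sub_sub_result, $k, "shareusers" );
                if ( $shareusers == $user_id ) {
                    $querystr = $querystr . " OR notes_id=$notes_id";
                }
            }
        }
    }
    // Groups we subscribed to: every note shared with such a group is included.
    $query = "SELECT sharedfrom FROM notes_subscribed WHERE user_id=$user_id AND sharetype='group'";
    $result = $db->query ( $query );
    $numrows = $db->numrows ( $result );
    for ( $i = 0; $i < $numrows; $i++ ) {
        $sharedfrom = (int) $db->result ( $result, $i, "sharedfrom" );
        $sub_query = "SELECT notes_id FROM notes_shares WHERE sharegroups=$sharedfrom";
        $sub_result = $db->query ( $sub_query );
        $numsub_rows = $db->numrows ( $sub_result );
        for ( $j = 0; $j < $numsub_rows; $j++ ) {
            $notes_id = (int) $db->result ( $sub_result, $j, "notes_id" );
            $querystr = $querystr . " OR notes_id=$notes_id";
        }
    }
    // The sort column ends up in ORDER BY, where it cannot be quoted as a value, so it
    // must come from a fixed list. Anything else (including no value) falls back to "note".
    $sortable = array ( "note", "creationdate", "lastupdate", "updateby", "owner" );
    if ( !in_array ( $sort, $sortable ) ) {
        $sort = "note";
    }
    // Flip the direction on every request; the result is also what the header links
    // below pass back. After this $order can only be ASC or DESC.
    if ( $order == "DESC" ) {
        $order = "ASC";
    } else {
        $order = "DESC";
    }
    $html->htmlheader ( "Notes For $user",0 );
    $querystr = $querystr . " ORDER BY $sort $order";
    $result = $db->query ( $querystr );
    $numrows = $db->numrows ( $result );
    echo "<center><table border=0>\n";
    $form->init ( "notes.php3", "post","notes" );
    $count = 1;
    echo "<tr bgcolor=dimgray><td> </td><td align=center><font size=-1 color=white>Nr</font></td>";
    echo "<td align=center><font size=-1><a CLASS=white href=notes.php3?menu=list&sort=note&order=$order>Note</a></font></td>";
    echo "<td align=center><font size=-1><a CLASS=white href=notes.php3?menu=list&sort=creationdate&order=$order>Date Of Creation</a></font></td>";
    echo "<td align=center><font size=-1><a CLASS=white href=notes.php3?menu=list&sort=lastupdate&order=$order>Date Last Modified</a></font></td>";
    echo "<td align=center><font size=-1><a CLASS=white href=notes.php3?menu=list&sort=updateby&order=$order>Last Update By</a></font></td>";
    echo "<td align=center><font size=-1><a CLASS=white href=notes.php3?menu=list&sort=owner&order=$order>Owner</a></font></td></tr>";
    for ( $i = 0; $i < $numrows; $i++ ) {
        // The id is written into an unquoted HTML attribute and a URL, so force it to int.
        $notesid = (int) $db->result ( $result, $i, "notes_id" );
        // Note text and user names are user-written: HTML-escape them before echoing so
        // markup stored by one user is shown as text to the others, not interpreted.
        $note = nl2br ( htmlspecialchars ( $db->result ( $result, $i, "note" ) ) );
        $creationdate = $db->result ( $result, $i, "creationdate" );
        $owner = (int) $db->result ( $result, $i, "owner" );
        $lastupdate = $db->result ( $result, $i, "lastupdate" );
        $updateby = $db->result ( $result, $i, "updateby" );
        if ( $lastupdate == "" || $lastupdate == 'NULL' || !$lastupdate || $lastupdate == "0000-00-00" ) { $lastupdate = "Never"; }
        $subquery = "SELECT user FROM users WHERE user_id=$owner";
        $subresult = $db->query ( $subquery );
        $username = htmlspecialchars ( $db->result ( $subresult, 0, "user" ) );
        if ( !$updateby || $updateby == '' || $updateby == 'NULL' ) {
            $updater = " ";
        } else {
            $subquery = "SELECT user FROM users WHERE user_id=" . (int) $updateby;
            $subresult = $db->query ( $subquery );
            $updater = htmlspecialchars ( $db->result ( $subresult, 0, "user" ) );
        }
        echo "<tr bgcolor=lightgrey>";
        echo "<td align=center><font size=-1><input type=checkbox name=select[$i] value=$notesid></font></td>\n";
        // The detail links need "&notes_id="; the "&not" had been turned into a "¬"
        // character, which left the detail view without an id.
        echo "<td align=right><font size=-1><a CLASS=blue href=notes.php3?menu=detail&notes_id=$notesid>$count</a></font></td>\n";
        echo "<td width=300><font size=-1><a CLASS=blue href=notes.php3?menu=detail&notes_id=$notesid>$note</a></font></td>\n";
        echo "<td align=center><font size=-1>$creationdate</font></td>";
        echo "<td align=center><font size=-1>$lastupdate</font></td>";
        echo "<td align=center><font size=-1>$updater</font></td>";
        // (a stray </a> with no opening tag was dropped from this cell)
        echo "<td><font size=-1 color=dimgray>$username</font></td></tr>\n";
        $count++;
    }
    // Row count for the delete handler; it is a client-editable hidden field.
    $form->hidden ( "numnotes", $i );
    echo "<tr><td colspan=6 align=center><font size=-1>";
    $form->submit ("deletenotes", "Delete" );
    echo "</font></td></tr>\n";
    $form->close ();
    echo "</table></center>\n";
    $html->htmlfooter();
    break;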
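case "create" :
    // Form for a new note: share type, the groups/users to distribute to, the note text,
    // and an optional "create for another user" section. Submits to the addnotes handler.
    // NOTE(review): $user goes into the SQL strings below as-is. Nothing in this file shows
    // where it is set or escaped - confirm it can only come from the authenticated session.
    $query = "SELECT user_id FROM users WHERE user='$user'";
    $result = $db->query ( $query );
    $user_id = $db->result ( $result, 0, "user_id" );
    $form = new FormCl;
    $html->htmlheader ( "Create New Note For $user", 0 );
    echo "<table border=0>\n";
    // NOTE(review): the form is sent with GET, so the note text and comments end up in the
    // URL (browser history, server logs, Referer). The addnotes handler parses
    // $QUERY_STRING by hand, so switching to POST needs a matching change there.
    $form->init ( "notes.php3", "get", "notes" );
    echo "<tr><td valign=top><font size=-1>\n";
    // The option lists are built from scratch. The script reads request values as globals,
    // so an array that is only ever appended to could be pre-seeded by a request
    // parameter of the same name and end up rendered in the form.
    $sharetypes = array ( "private", "public" );
    $select = array ( "distribute" );
    $groupid = array ();
    $groupnames = array ();
    $userid = array ();
    $username = array ();
    $form->radio ( "VER", "sharedtype", $sharetypes, NULL );
    echo "<br>";
    $form->radio ( "VER", "sharedtype", $select, NULL );
    // Selectable groups: every public group plus the groups the user is a member of.
    $mainquery = "SELECT group_id, groupname FROM groups WHERE visible='public' ";
    $query = "SELECT group_id FROM groupmembers WHERE user_id=$user_id";
    $result = $db->query ( $query );
    $numrows = $db->numrows ( $result );
    for ( $i = 0; $i < $numrows; $i++ ) {
        // cast before splicing the id unquoted into the next query
        $group_id = (int) $db->result ( $result, $i, "group_id" );
        $mainquery = $mainquery . "OR group_id=$group_id ";
    }
    $mainquery = $mainquery . " ORDER BY groupname";
    $result = $db->query ( $mainquery );
    $numrows = $db->numrows ( $result );
    for ( $i = 0; $i < $numrows; $i++ ) {
        $groupid[$i] = $db->result ( $result, $i, "group_id" );
        $groupnames[$i] = $db->result ( $result, $i, "groupname" );
    }
    echo "</font></td></tr><tr><td> </td><td valign=bottom><font size=-1><b>groups: </b><br>\n";
    // NOTE(review): names and the prefilled note text are handed to FormCl unescaped;
    // whether FormCl HTML-escapes option labels and textarea content is not visible here.
    $form->multiselect ( "groupids", $groupid, $groupnames, "NO-ONE", 2);
    echo "<br><b>Users:</b><br>\n";
    // Every user except the current one.
    $query = "SELECT user_id, user FROM users where user!='$user' ORDER BY user";
    $result = $db->query ( $query );
    $numrows = $db->numrows ( $result );
    for ( $i = 0; $i < $numrows; $i++ ) {
        $userid[$i] = $db->result ( $result, $i, "user_id" );
        $username[$i] = $db->result ( $result, $i, "user" );
    }
    $form->multiselect ( "userids", $userid, $username, "NO-ONE", 2 );
    echo "</font></td></tr><tr><td valign=top><font size=-1>Detail:</font></td><td><font size=+1 face=clean><small>\n";
    $form->textarea ( "note", "$note", 80, 10 );
    echo "</small></font></td></tr><tr><td><font size=-1>\n";
    echo "Create this Note <br>For another User:</font></td><td><font size=-1>";
    $form->checkbox ( "otheruser", 0, 0 );
    echo "</font></td></tr><tr><td><font size=-1>Users:</font></td><td><font size=-1>";
    $form->multiselect ( "foruser", $userid, $username, "NO-ONE", 2 );
    echo "</font></td></tr><tr><td><font size=-1>groups:</font></td><td><font size=-1>";
    $form->multiselect ( "forgroup", $groupid, $groupnames, "NO-ONE", 2);
    echo "</font></td></tr><tr><td><font size=-1>comments:</font></td><td><font size=-1>";
    $form->textarea('comments','',60,5 );
    // Close the comments row only; the button row is opened by the next echo (the
    // original opened it twice, leaving an unclosed row and cell).
    echo "</font></td></tr>";
    echo "<tr><td colspan=2 align=center><font size=-1>\n";
    $form->submit ( "addnotes", "Save" );
    echo "</font></td></tr>\n";
    $form->close();
    echo "</table>\n";
    $html->htmlfooter();
    break;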
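case "detail" :
    // Edit form for a single note: share type, distribution lists, note text and the
    // "others may update/delete" flags. Submits to the updatenotes handler.
    // NOTE(review): $user goes into the SQL string as-is. Nothing in this file shows where
    // it is set or escaped - confirm it can only come from the authenticated session.
    $query = "SELECT user_id FROM users WHERE user='$user'";
    $result = $db->query ( $query );
    $user_id = $db->result ( $result ,0 , "user_id" );
    // notes_id arrives with the request and is used unquoted in every query below and in
    // the hidden form field, so reduce it to an integer first.
    $notes_id = (int) $notes_id;
    // NOTE(review): nothing here checks that $user_id may read this note. The ownership
    // and subscription rules applied by the list view are not repeated, so any id that
    // exists is shown together with its share lists. An access check belongs here.
    $query = "SELECT * FROM notes WHERE notes_id=$notes_id";
    $result = $db->query ( $query );
    // Values already present in the request win over the stored ones.
    if ( !$note ) {
        $note = $db->result ( $result, 0, "note" );
    }
    if ( !$notesupdate ) {
        $notesupdate = $db->result ( $result, 0, "notesupdate" );
    }
    if ( !$notesdelete ) {
        $notesdelete = $db->result ( $result, 0, "notesdelete" );
    }
    // All lists handed to the form are built from scratch. The script reads request
    // values as globals, so an array that is only appended to could otherwise be
    // pre-seeded by a request parameter of the same name.
    $sharedgroupnames = array ();
    $sharedusernames = array ();
    $groupid = array ();
    $groupnames = array ();
    $userid = array ();
    $username = array ();
    $query = "SELECT sharetype FROM notes_shares WHERE notes_id=$notes_id";
    $result = $db->query ( $query );
    $numrows = $db->numrows ( $result );
    if ( $numrows != 0 ) {
        if (!$sharedtype ) {
            $sharedtype = $db->result ( $result, 0, "sharetype" );
        }
        // Names of the groups this note is currently shared with.
        $query = "SELECT sharegroups FROM notes_shares WHERE notes_id=$notes_id AND sharegroups!=0";
        $result = $db->query ( $query );
        $numrows = $db->numrows ( $result );
        for ( $i = 0; $i < $numrows; $i++ ) {
            // share rows are written from request data by the update handler: cast
            $sharedgroup = (int) $db->result ( $result, $i, "sharegroups" );
            $sub_query = "SELECT groupname FROM groups WHERE group_id=$sharedgroup";
            $sub_result = $db->query ( $sub_query );
            $sharedgroupnames[$i] = $db->result ( $sub_result, 0, "groupname" );
        }
        // Names of the users this note is currently shared with.
        $query = "SELECT shareusers FROM notes_shares WHERE notes_id=$notes_id AND shareusers!=0";
        $result = $db->query ( $query );
        $numrows = $db->numrows ( $result );
        for ( $i = 0; $i < $numrows; $i++ ) {
            $shareduser = (int) $db->result ( $result, $i, "shareusers" );
            $sub_query = "SELECT user FROM users WHERE user_id=$shareduser";
            $sub_result = $db->query ( $sub_query ) ;
            $sharedusernames[$i] = $db->result ( $sub_result, 0, "user" );
        }
    } else {
        // No shares: placeholder entries, presumably so that no option is preselected.
        $sharedusernames[0]="fake";
        $sharedgroupnames[0]="alsofake";
    }
    $form = new FormCl;
    $html->htmlheader ( "Notes For $user", 0 );
    echo "<table border=0>\n";
    // NOTE(review): sent with GET, so the note text travels in the URL (history, logs,
    // Referer). The updatenotes handler parses $QUERY_STRING by hand, so a switch to
    // POST needs a matching change there.
    $form->init ( "notes.php3", "get", "notes" );
    echo "<tr><td colspan=2 align=left><font size=-1>\n";
    $sharetypes = array ( "private", "public" );
    $select = array ( "distribute" );
    if ( ! $sharedtype ) { $sharedtype = 'private'; }
    $form->radio ( "VER", "sharedtype", $sharetypes, $sharedtype );
    echo "<br>";
    $form->radio ( "VER", "sharedtype", $select, $sharedtype );
    // Selectable groups: every public group plus the groups the user is a member of.
    $mainquery = "SELECT group_id, groupname FROM groups WHERE visible='public' ";
    $query = "SELECT group_id FROM groupmembers WHERE user_id=$user_id";
    $result = $db->query ( $query );
    $numrows = $db->numrows ( $result );
    for ( $i = 0; $i < $numrows; $i++ ) {
        $group_id = (int) $db->result ( $result, $i, "group_id" );
        $mainquery = $mainquery . "OR group_id=$group_id ";
    }
    $mainquery = $mainquery . " ORDER BY groupname";
    $result = $db->query ( $mainquery );
    $numrows = $db->numrows ( $result );
    for ( $i = 0; $i < $numrows; $i++ ) {
        $groupid[$i] = $db->result ( $result, $i, "group_id" );
        $groupnames[$i] = $db->result ( $result, $i, "groupname" );
    }
    echo "</font></td></tr><tr><td> </td><td valign=bottom><font size=-1><b>groups: </b><br>\n";
    // NOTE(review): names and note text are handed to FormCl unescaped; whether FormCl
    // HTML-escapes option labels and textarea content is not visible here.
    $form->multiselect ( "groupids", $groupid, $groupnames, $sharedgroupnames, 2);
    echo "<br><b>Users:</b><br>\n";
    $query = "SELECT user_id, user FROM users ORDER BY user";
    $result = $db->query ( $query );
    $numrows = $db->numrows ( $result );
    for ( $i = 0; $i < $numrows; $i++ ) {
        $userid[$i] = $db->result ( $result, $i, "user_id" );
        $username[$i] = $db->result ( $result, $i, "user" );
    }
    $form->multiselect ( "userids", $userid, $username, $sharedusernames, 2 );
    echo "<tr><td><font size=-1>Note: </font></td><td><font size=+1 face=clean><small>\n";
    $form->textarea ( "note", "$note", 80, 6 );
    echo "</small></font></td></tr>\n";
    // "<fontsize=-1>" was missing its space and therefore was not a font tag at all.
    echo "<tr><td colspan=2><font size=-1>Allow Others To Update This Item:</font></td></tr>\n";
    echo "<tr><td> </td><td><font size=-1>";
    if ( $notesupdate == "Y" ) {
        $form->checkbox ( "notesupdate", 1, 0 );
    } else {
        $form->checkbox ( "notesupdate", 0, 0 );
    }
    echo "</font></td></tr>\n";
    echo "<tr><td colspan=2><font size=-1>Allow Others To Delete This Item:</font></td></tr>\n";
    echo "<tr><td> </td><td><font size=-1>";
    if ( $notesdelete == "Y" ) {
        $form->checkbox ( "notesdelete", 1, 0 );
    } else {
        $form->checkbox ( "notesdelete", 0, 0 );
    }
    echo "</font></td></tr>\n";
    echo "<tr><td colspan=2 align=center><font size=-1>\n";
    $form->hidden ( "notes_id", $notes_id );
    $form->submit ( "updatenotes", "Save" );
    echo "</font></td></tr>\n";
    $form->close();
    echo "</table>\n";
    $html->htmlfooter();
    break;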
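case "sharing" :
    // Subscription management: lists the shares the current user follows (each with a
    // remove link) and offers a form to subscribe to a group, a user or public notes.
    $form = new FormCl;
    $html->htmlheader ( "Notes Sharings For $user", 0 );
    echo "<b>Active Shares</b><p>\n";
    echo "<table border=0>\n";
    // NOTE(review): $user goes into the SQL strings below as-is. Nothing in this file shows
    // where it is set or escaped - confirm it can only come from the authenticated session.
    $query = "SELECT user_id FROM users WHERE user='$user'";
    $result = $db->query ( $query );
    $user_id = $db->result ( $result, 0, "user_id" );
    $query = "SELECT * FROM notes_subscribed WHERE user_id=$user_id";
    $result = $db->query ( $query );
    $numrows = $db->numrows ( $result );
    for ( $i = 0; $i < $numrows; $i++ ) {
        // Subscription rows are written from request data by the addshare handler, so
        // ids are cast before reuse in SQL or HTML and names are HTML-escaped on output.
        $subscribe_id = (int) $db->result ( $result, $i, "subscrib_id" );
        $sharetype = $db->result ( $result, $i, "sharetype" );
        if ( $sharetype == "group" ) {
            $sharedfrom = (int) $db->result ( $result, $i, "sharedfrom" );
            $query = "SELECT groupname from groups WHERE group_id=$sharedfrom";
            $result1 = $db->query ( $query );
            $sharename = htmlspecialchars ( $db->result ( $result1, 0, "groupname" ) );
            echo "<tr bgcolor=lightgrey><td width=45><font size=-1>$sharetype</font></td>";
            echo "<td width=150><font size=-1>$sharename</font></td>\n";
        } else if ( $sharetype == "user" ) {
            $sharedfrom = (int) $db->result ( $result, $i, "sharedfrom" );
            $query = "SELECT user from users WHERE user_id=$sharedfrom";
            $result1 = $db->query ( $query );
            $sharename = htmlspecialchars ( $db->result ( $result1, 0, "user" ) );
            echo "<tr bgcolor=lightgrey><td width=45><font size=-1>$sharetype</font></td>";
            echo "<td width=150><font size=-1>$sharename</font></td>\n";
        } else {
            // Only in this branch is the stored type not a known literal, so escape it.
            echo "<tr bgcolor=lightgrey><td width=45><font size=-1>" . htmlspecialchars ( $sharetype ) . "</font></td>";
            echo "<td width=150><font size=-1> </font></td>\n";
        }
        // NOTE(review): removal is triggered by a plain GET link, so any page the user
        // visits can fire it; a POST form carrying a per-session token would prevent that.
        echo "<td><font size=-1><a CLASS=blue href=notes.php3?deletesharing=1&subscrib_id=$subscribe_id> | Remove Share | </a></font></td></tr>\n";
    }
    echo "</table><hr noshade>";
    echo "<b>Add A Share</b><p>\n";
    $form->init ( "notes.php3", "post", "notes" );
    $sharetypes = array ( "group", "user", "public" );
    echo "<font size=-1>Share Type: ";
    // Only the three known types are accepted; anything else selects the default.
    if ( !in_array ( $share_type, $sharetypes ) ) { $share_type = "public" ; }
    // The onChange handler is smuggled in through the field-name argument; it reloads
    // this view with the newly chosen share type.
    $form->SimpleSelect ( "share_type onChange=window.location.href=\"notes.php3?menu=sharing&share_type=\"+(options[selectedIndex].value)", $sharetypes, $sharetypes, $share_type );
    echo "</font><br>\n";
    if ( $share_type == "group" ) {
        echo "<font size=-1><b>Groups: </b>";
        echo "<select name=sharedfrom size=5>";
        // Groups the user owns, public groups, and groups the user is a member of.
        $query = "SELECT group_id, groupname FROM groups WHERE owner=$user_id OR visible='public'";
        $tmpquery = "SELECT group_id FROM groupmembers WHERE user_id=$user_id";
        $tmpresult = $db->query ( $tmpquery );
        $numrows = $db->numrows ( $tmpresult );
        for ( $i = 0; $i < $numrows; $i++ ) {
            $group_id = (int) $db->result ( $tmpresult, $i, "group_id" );
            $query = $query . " OR group_id=$group_id";
        }
        $query = $query . " ORDER BY groupname";
        $result = $db->query ( $query );
        $numrows = $db->numrows ( $result );
        for ( $i = 0; $i < $numrows; $i++ ) {
            $groupids[$i] = (int) $db->result ( $result, $i, "group_id" );
            $groupnames[$i] = $db->result ( $result, $i, "groupname" );
            echo "<option value=$groupids[$i]>" . htmlspecialchars ( $groupnames[$i] ) . "</option>";
        }
        echo "</select></font><br>\n";
    } else if ( $share_type == "user" ) {
        echo "<font size=-1><b>Users: </b>";
        echo "<select name=sharedfrom size=5>";
        $query = "SELECT user_id, user FROM users WHERE user!='$user' ORDER BY user";
        $result = $db->query ( $query );
        $numrows = $db->numrows ( $result );
        for ( $i = 0; $i < $numrows; $i++ ) {
            $userids[$i] = (int) $db->result ( $result, $i, "user_id" );
            $usernames[$i] = $db->result ( $result, $i, "user" );
            echo "<option value=$userids[$i]>" . htmlspecialchars ( $usernames[$i] ) . "</option>";
        }
        echo "</select></font><br>\n";
    }
    // NOTE(review): a hidden field is client-editable; whatever receives this form must
    // not treat the posted user_id as the authenticated identity.
    $form->hidden ( "user_id", $user_id );
    $form->submit ( "addshare", "Add" );
    $form->close ();
    $html->htmlfooter ();
    break;
}
}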
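if ( $deletesharing ) {
    // Remove one of the current user's subscriptions, then return to the sharing view.
    // The subscription id comes straight from the URL. It is reduced to an integer and the
    // DELETE is tied to the current user's id, so the id of somebody else's subscription
    // removes nothing.
    // NOTE(review): $user goes into the SQL string as-is. Nothing in this file shows where
    // it is set or escaped - confirm it can only come from the authenticated session.
    $query = "SELECT user_id FROM users WHERE user='$user'";
    $result = $db->query ( $query );
    $user_id = (int) $db->result ( $result, 0, "user_id" );
    $subscrib_id = (int) $subscrib_id;
    $query = "DELETE FROM notes_subscribed WHERE subscrib_id=$subscrib_id AND user_id=$user_id";
    $result = $db->query ( $query );
    // NOTE(review): this state change is reachable with a plain GET and carries no
    // anti-forgery token. The redirect target is built from the client-supplied Host header.
    header ( "Location: http://$HTTP_SERVER_VARS[HTTP_HOST]/$basepath/notes.php3?menu=sharing" );
    // Stop here: header() only queues the redirect, the script would otherwise run on.
    exit;
}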
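if ( $addshare ) {
    // Subscribe the current user to a share (a group, a user, or all public notes) unless
    // an identical subscription already exists, then return to the sharing view.
    // The subscriber is always the current user: the id is resolved from $user, as the
    // other handlers do, instead of taken from the posted user_id field, which any
    // client can rewrite to create subscriptions for somebody else.
    // NOTE(review): $user goes into the SQL string as-is. Nothing in this file shows where
    // it is set or escaped - confirm it can only come from the authenticated session.
    $query = "SELECT user_id FROM users WHERE user='$user'";
    $result = $db->query ( $query );
    $user_id = (int) $db->result ( $result, 0, "user_id" );
    // Both request values end up inside the INSERT: the type must be one of the three
    // values the form offers, the source must be a positive id (none for "public").
    $allowed_types = array ( "group", "user", "public" );
    if ( $user_id > 0 && in_array ( $share_type, $allowed_types ) ) {
        if ( $share_type == "public" ) {
            $sharedfrom = "";
        } else {
            $sharedfrom = (int) $sharedfrom;
        }
        // A group/user subscription without a selected source is dropped: the list view
        // splices sharedfrom into its queries and has no use for an empty one.
        if ( $share_type == "public" || $sharedfrom > 0 ) {
            $query = "SELECT sharetype, sharedfrom FROM notes_subscribed WHERE user_id=$user_id";
            $result = $db->query ( $query );
            $numrows = $db->numrows ( $result );
            $flag = 0;
            for ( $i = 0; $i < $numrows; $i++ ) {
                $shr = $db->result ( $result, $i, "sharetype" );
                $shrfrm = $db->result ( $result, $i, "sharedfrom" );
                // same type and same source: already subscribed
                if ( $shr == $share_type && $shrfrm == $sharedfrom ) {
                    $flag = 1;
                }
                // a public subscription has no source, one is enough
                if ( $shr == "public" && $share_type == "public") {
                    $flag = 1 ;
                }
            }
            if ( $flag == 0 ) {
                $query = "INSERT INTO notes_subscribed VALUES ( NULL, $user_id, '$share_type', 'Y', '$sharedfrom')";
                $result = $db->query ( $query );
            }
        }
    }
    // NOTE(review): the redirect target is built from the client-supplied Host header.
    header ( "Location: http://$HTTP_SERVER_VARS[HTTP_HOST]/$basepath/notes.php3?menu=sharing" );
    // Stop here: header() only queues the redirect, the script would otherwise run on.
    exit;
}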
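if ( $addnotes ) {
    // Store a new note, either owned by the current user or offered to other users and
    // groups, then return to the list view. The actual INSERTs happen inside the DB class.
    //
    // The id lists always start empty. The script reads request values as globals, so
    // without this a request parameter named users/groups/forusers/forgroups would be
    // passed on to the DB layer whenever the matching branch below is skipped.
    $users = array ();
    $groups = array ();
    $forusers = array ();
    $forgroups = array ();
    if ( $sharedtype == "distribute" ) {
        // The multiselects send the same field name several times, so the raw query string
        // is split by hand. Raw means: not URL-decoded and not touched by any automatic
        // quoting, hence each value is decoded and reduced to a positive integer here.
        // NOTE(review): assumes the option values are numeric ids, as the unquoted use of
        // the same fields in the updatenotes handler implies - confirm against FormCl.
        $splitted = explode ( "&", $QUERY_STRING );
        $numsplitted = count ( $splitted ) ;
        for ( $i = 0 ; $i < $numsplitted; $i++ ) {
            $parts = explode ( "=", $splitted[$i] );
            $picked = isset ( $parts[1] ) ? (int) urldecode ( $parts[1] ) : 0;
            if ( $picked < 1 ) {
                continue;
            }
            if ( strncmp ( $splitted[$i], "groupids", 8 ) == 0 ) {
                $groups[] = $picked;
            } else if ( strncmp ( $splitted[$i], "userids", 7 ) == 0 ) {
                $users[] = $picked;
            }
        }
    }
    // $vars is the record handed to the DB class; create it if nothing provided one.
    if ( !isset ( $vars ) || !is_object ( $vars ) ) {
        $vars = new stdClass;
    }
    $vars->date = date ( 'Y-m-d' );
    // NOTE(review): note text, share type and comments are passed on as received; how
    // InsertNewRecord/InsertForUser place them into SQL is not visible in this file.
    $vars->note = $note;
    $vars->table = "notes";
    $vars->users = $users;
    $vars->groups = $groups;
    $vars->numgroups = count ( $groups );
    $vars->numusers = count ( $users );
    $vars->sharedtype = $sharedtype;
    // NOTE(review): $user goes into the SQL string as-is. Nothing in this file shows where
    // it is set or escaped - confirm it can only come from the authenticated session.
    $query = " SELECT user_id FROM users WHERE user='$user'";
    $result = $db->query ( $query );
    $user_id = $db->result ( $result, 0, "user_id" );
    $vars->id_field = "notes_id";
    $vars->type='note';
    // ####################################################################################
    // now lets see if this record should be created for another user
    $vars->otheruser = $otheruser;
    if ( $otheruser == 'Y' ) {
        $vars->owner_id = 0; // if we create this for another user, noone owns this record
                             // until targetted user accepted it
        // Same hand-rolled parsing as above, for the "for another user" selections.
        $splitted = explode ( "&", $QUERY_STRING );
        $numsplitted = count ( $splitted ) ;
        for ( $i = 0 ; $i < $numsplitted; $i++ ) {
            $parts = explode ( "=", $splitted[$i] );
            $picked = isset ( $parts[1] ) ? (int) urldecode ( $parts[1] ) : 0;
            if ( $picked < 1 ) {
                continue;
            }
            if ( strncmp ( $splitted[$i], "forgroup", 8 ) == 0 ) {
                $forgroups[] = $picked;
            } else if ( strncmp ( $splitted[$i], "foruser", 7 ) == 0 ) {
                $forusers[] = $picked;
            }
        }
        $vars->forusers = $forusers;
        $vars->forgroups = $forgroups;
        $vars->comment = $comments;
        $vars->byuser = $user_id;
        $db->InsertForUser ( $vars );
    } else {
        $vars->owner_id = $user_id;
        $last_id = $db->InsertNewRecord ( $vars );
        // $db->InsertShares ( $vars, $last_id );
    }
    // ####################################################################################
    // NOTE(review): the redirect target is built from the client-supplied Host header.
    header ( "Location: http://$HTTP_SERVER_VARS[HTTP_HOST]/$basepath/notes.php3?menu=list" );
    // Stop here: header() only queues the redirect, the script would otherwise run on.
    exit;
}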
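if ( $updatenotes ) {
    // Save an edited note: text, permission flags and the complete share list. Allowed for
    // the owner and, when the note's notesupdate flag is "Y", for anybody else. On refusal
    // an error page with an OK button (the "return" handler) is shown instead.
    $updatedate = date ( 'Y-m-d' );
    // NOTE(review): $user goes into the SQL string as-is. Nothing in this file shows where
    // it is set or escaped - confirm it can only come from the authenticated session.
    $query = " SELECT user_id FROM users WHERE user='$user'";
    $result = $db->query ( $query );
    $user_id = (int) $db->result ( $result, 0, "user_id" );
    // notes_id is used unquoted in every statement below: reduce it to an integer.
    $notes_id = (int) $notes_id;
    $query = "SELECT notesupdate, owner FROM notes WHERE notes_id=$notes_id";
    $result = $db->query ( $query );
    $checkok = $db->result ( $result, 0, "notesupdate" );
    $own = $db->result ( $result, 0, "owner" );
    // An unresolved user must never pass the owner test: notes created for another user
    // are stored with owner 0 until accepted (see the addnotes handler).
    // NOTE(review): everybody who passes this test can also rewrite the permission flags
    // and the share list, not just the text - confirm that is intended for non-owners.
    if ( $user_id > 0 && ( $checkok == "Y" || $own == $user_id ) ) {
        // Start from empty lists. The insert loops below run for every share type, and the
        // script reads request values as globals, so a request parameter named groups or
        // users would otherwise flow straight into the INSERT statements.
        $groups = array ();
        $users = array ();
        if ( $sharedtype == "distribute" ) {
            // The multiselects repeat the field name, so the raw query string is split by
            // hand. Raw means not URL-decoded and not quoted by PHP; each value is decoded
            // and reduced to a positive integer before it goes unquoted into SQL.
            $splitted = explode ( "&", $QUERY_STRING );
            $numsplitted = count ( $splitted ) ;
            for ( $i = 0 ; $i < $numsplitted; $i++ ) {
                $parts = explode ( "=", $splitted[$i] );
                $picked = isset ( $parts[1] ) ? (int) urldecode ( $parts[1] ) : 0;
                if ( $picked < 1 ) {
                    continue;
                }
                if ( strncmp ( $splitted[$i], "groupids", 8 ) == 0 ) {
                    $groups[] = $picked;
                } else if ( strncmp ( $splitted[$i], "userids", 7 ) == 0 ) {
                    $users[] = $picked;
                }
            }
        }
        // Permission flags are forced to Y or N.
        if ( $notesread != "Y" ) { $notesread="N"; }
        if ( $notesupdate != "Y" ) { $notesupdate="N"; }
        if ( $notesdelete != "Y" ) { $notesdelete="N"; }
        if ( $noteswrite != "Y" ) { $noteswrite="N"; }
        // The share type is stored as a quoted string: accept only the values the form
        // offers. Any other value created no share rows before, which is what "private" does.
        $allowed_types = array ( "private", "public", "distribute" );
        if ( !in_array ( $sharedtype, $allowed_types ) ) {
            $sharedtype = "private";
        }
        // $note is free text placed between quotes in the UPDATE. Escape it here unless PHP
        // has already done so through magic_quotes_gpc.
        // NOTE(review): addslashes() is a stopgap. If the DB class offers driver-level
        // escaping or bound parameters, use that instead; also confirm the include does
        // not already escape request data, which would double the backslashes.
        if ( !function_exists ( "get_magic_quotes_gpc" ) || !get_magic_quotes_gpc () ) {
            $note = addslashes ( $note );
        }
        $query = "UPDATE notes SET note='$note', notesread='$notesread', notesupdate='$notesupdate', notesdelete='$notesdelete', noteswrite='$noteswrite', lastupdate='$updatedate', updateby=$user_id WHERE notes_id=$notes_id";
        $result = $db->query ( $query );
        // The share list is replaced wholesale: drop all rows, then re-insert.
        $query = "DELETE FROM notes_shares WHERE notes_id=$notes_id";
        $result = $db->query ( $query );
        $numgroups = count ( $groups );
        for ( $i = 0; $i < $numgroups; $i++ ) {
            $query = "INSERT INTO notes_shares VALUES ( NULL, '$sharedtype', '', $groups[$i], $notes_id ) ";
            $result = $db->query ( $query );
        }
        $numusers = count ( $users );
        for ( $i = 0; $i < $numusers; $i++ ) {
            $query = "INSERT INTO notes_shares VALUES ( NULL, '$sharedtype', $users[$i], '', $notes_id ) ";
            $result = $db->query ( $query );
        }
        if ( $sharedtype == "public" ) {
            $query = "INSERT INTO notes_shares VALUES ( NULL, '$sharedtype', '', '', $notes_id ) ";
            $result = $db->query ( $query );
        }
        // NOTE(review): the redirect target is built from the client-supplied Host header.
        header ( "Location: http://$HTTP_SERVER_VARS[HTTP_HOST]/$basepath/notes.php3?menu=list" );
        // Stop here: header() only queues the redirect, the script would otherwise run on.
        exit;
    } else {
        $html = new HtmlCl;
        $form = new FormCl;
        $html->htmlheader ( "Error", 0 );
        echo "You Are Not Allowed To Update this Item<p>\n";
        $form->init ("notes.php3", "post", "notes" );
        $form->hidden ("notes_id", $notes_id );
        $form->submit ("return", "OK" );
        $form->close();
        $html->htmlfooter ();
    }
}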
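if ( $deletenotes ) {
    // Delete the notes ticked in the list view. A note is removed, together with its share
    // rows, when the current user owns it or its notesdelete flag is "Y".
    // NOTE(review): $user goes into the SQL string as-is. Nothing in this file shows where
    // it is set or escaped - confirm it can only come from the authenticated session.
    $query = "SELECT user_id FROM users WHERE user='$user'";
    $result = $db->query ( $query );
    $user_id = (int) $db->result ( $result, 0, "user_id" );
    // Walk the submitted checkboxes themselves rather than counting up to the posted
    // numnotes value: the array is sparse (only ticked rows are sent) and the counter is
    // a client-editable hidden field that should not decide how often this loop runs.
    if ( $user_id > 0 && is_array ( $select ) ) {
        foreach ( $select as $picked ) {
            // each value is used unquoted in the statements below
            $notes_id = (int) $picked;
            if ( $notes_id > 0 ) {
                $query = "SELECT notesdelete, owner FROM notes WHERE notes_id=$notes_id";
                $result = $db->query ( $query );
                $notesdelete = $db->result ( $result, 0, "notesdelete" );
                $owner = $db->result( $result, 0, "owner" );
                // $user_id > 0 (checked above) keeps an unresolved user from matching
                // notes stored with owner 0, i.e. notes awaiting acceptance.
                // NOTE(review): notesdelete == "Y" lets any user delete the note, whether
                // or not it is shared with them - confirm that is intended.
                if ( $owner == $user_id || $notesdelete == "Y" ) {
                    $query = "DELETE FROM notes WHERE notes_id=$notes_id";
                    $result = $db->query ( $query );
                    $query = "DELETE FROM notes_shares WHERE notes_id=$notes_id";
                    $result = $db->query ( $query );
                }
            }
        }
    }
    // NOTE(review): the redirect target is built from the client-supplied Host header.
    header ( "Location: http://$HTTP_SERVER_VARS[HTTP_HOST]/$basepath/notes.php3?menu=list" );
    // Stop here: header() only queues the redirect, the script would otherwise run on.
    exit;
}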
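if ( $return ) {
    // "OK" button of the not-allowed page: go back to the detail view of the same note.
    // The id comes from the request and is written into a response header, so it is
    // reduced to an integer. The parameter separator is "&notes_id="; its "&not" had
    // been turned into a "¬" character, which sent the browser to a detail view without an id.
    $notes_id = (int) $notes_id;
    // NOTE(review): the redirect target is built from the client-supplied Host header.
    header ( "Location: http://$HTTP_SERVER_VARS[HTTP_HOST]/$basepath/notes.php3?menu=detail&notes_id=$notes_id" );
    exit;
}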
?>