diff options
| author | Nicolas BERNSTEIN <alexis211@gmail.com> | 2011-09-17 16:48:29 +0200 |
|---|---|---|
| committer | Nicolas BERNSTEIN <alexis211@gmail.com> | 2011-09-17 16:48:29 +0200 |
| commit | d0060968b77c39bdf8abffb071c971c166b59edb (patch) | |
| tree | 0be52e00a25bd298235a0cf916fb07496d3ab95f /lib/notes/view.php | |
| download | Bits-d0060968b77c39bdf8abffb071c971c166b59edb.tar.gz Bits-d0060968b77c39bdf8abffb071c971c166b59edb.zip | |
First commit.
Diffstat (limited to 'lib/notes/view.php')
| -rw-r--r-- | lib/notes/view.php | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/lib/notes/view.php b/lib/notes/view.php new file mode 100644 index 0000000..f81b6d7 --- /dev/null +++ b/lib/notes/view.php @@ -0,0 +1,21 @@ +<?php + +assert_redir(count($args) == 3, 'notes'); +$noteid = intval($args[2]); + +$note = mysql_fetch_assoc(sql( + "SELECT na.id AS id, na.title AS title, na.text_html AS html, na.public AS public, na.owner AS owner, ". + "nb.title AS parent_title, nb.id AS parent_id, account.login AS ownername FROM notes na ". + "LEFT JOIN notes nb ON na.parent = nb.id LEFT JOIN account ON account.id = na.owner ". + "WHERE na.id = $noteid" +)); +assert_error($note && ($note['public'] != 0 || $note['owner'] == $user['id']), + "This note does not exist, or you are not allowed to see it."); + +$can_new = ($user['priv'] >= $apps['notes']['new'] && $user['id'] == $note['owner']); +$can_edit = ($user['priv'] >= $apps['notes']['edit'] && $user['id'] == $note['owner']); +$can_delete = ($user['priv'] >= $apps['notes']['delete'] && $user['id'] == $note['owner']); +$can_move = ($user['priv'] >= $apps['notes']['move'] && $user['id'] == $note['owner']); + +require("tpl/notes/view.php"); + |