summaryrefslogtreecommitdiff
path: root/lib/notes/view.php
blob: d29732df171ab0bc6dbfa5b6ca79a2387fcdfb59 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
<?php

assert_redir(count($args) == 3, 'notes');
$noteid = intval($args[2]);

$note = sql(
	"SELECT na.id AS id, na.title AS title, na.text_html AS html, na.public AS public, na.owner AS owner, ".
	"nb.title AS parent_title, nb.id AS parent_id, account.login AS ownername FROM notes na ".
	"LEFT JOIN notes nb ON na.parent = nb.id LEFT JOIN account ON account.id = na.owner ".
	"WHERE na.id = ?", $noteid
)->fetch();
assert_error($note && ($note['public'] != 0 || $note['owner'] == $user['id'] || $user['priv'] >= $priv_admin),
	"This note does not exist, or you are not allowed to see it.");

$can_new = ($user['priv'] >= $apps['notes']['new'] && $user['id'] == $note['owner']);
$can_edit = ($user['priv'] >= $apps['notes']['edit'] && $user['id'] == $note['owner']);
$can_delete = ($user['priv'] >= $apps['notes']['delete'] && $user['id'] == $note['owner']);
$can_move = ($user['priv'] >= $apps['notes']['move'] && $user['id'] == $note['owner']);

require("tpl/notes/view.php");