load_lang(); $db = new dbquery(); $db->connect(); $sec = new security(); $table = $sec->retrieve_table_from_coll($_REQUEST['coll_id']); $date = $db->current_datetime(); $query = "INSERT INTO " . NOTES_TABLE . "(identifier, note_text, date_note, " . "user_id, coll_id, tablename) VALUES" . " (".$_REQUEST['id'] . ", '" . $db->protect_string_db($_REQUEST['fieldNotes']) . "', " . $date . ", '" . $db->protect_string_db($_SESSION['user']['UserId']) . "', '" . $db->protect_string_db($_REQUEST['coll_id']) . "', '" . $db->protect_string_db($table) . "')"; $returnId = $db->query($query); if (!$returnId) { $return['status'] = 0; $return['msg'] = 'fail'; echo json_encode($return); exit; } $return['status'] = 1; $return['msg'] = 'note ajoutée'; $return['newNote'] = ''; $return['newNote'] .= '

'; $return['newNote'] .= '

'.$_SESSION['user']['FirstName'].' '.$_SESSION['user']['LastName'].' le '.date('Y-m-d').'

'; $return['newNote'] .= '

' . $_REQUEST['fieldNotes'] . '

'; $return['newNote'] .= '

'; echo json_encode($return);