. */

/**
 * @brief load Notes in results list
 *
 * Builds a markup fragment listing the notes attached to one record and
 * echoes it inside a hand-assembled `{status : N, toShow : '...'}` envelope.
 * status is 0 when the `identifier` request parameter is present, 1 otherwise.
 *
 * NOTE(review): on this page most markup literals are empty strings or bare
 * line breaks, which suggests the tags were stripped from the listing; check
 * the literals and the loop boundaries against the original file.
 *
 * @file
 * @author
 * @date $date$
 * @version $Revision$
 * @ingroup apps
 */
require_once('core/class/class_core_tools.php');

$Core_Tools = new core_tools;
$Core_Tools->load_lang();
// NOTE(review): presumably the authentication gate; confirm it stops the request
// for an unauthenticated session, because everything below trusts $_SESSION['user'].
$Core_Tools->test_user();

// Accumulates the fragment that ends up in the `toShow` field.
$return = '';

// `identifier` is caller-controlled ($_REQUEST merges GET/POST and possibly cookies).
// It is only ever bound as a query parameter below.
// NOTE(review): no check is visible here that the caller may read the record named by
// `identifier`; notes with no entity restriction are returned for any identifier in the
// session's collection. Verify that record-level access is enforced elsewhere.
if (isset($_REQUEST['identifier'])) {
    $status = 0;
    $return .= '';
    // Literals that hold a bare line break keep their closing quote at column 0
    // so that no indentation ends up inside the string.
    $return .= '
';
    $return .= '';

    $db = new Database();

    // The statement text and its positional parameters ($arrayPDO) are built side by side.
    $query = "SELECT ";
    $query .= "DISTINCT(notes.id), ";
    $query .= "user_id, ";
    $query .= "date_note, ";
    $query .= "note_text ";
    $query .= "FROM ";
    $query .= "notes ";
    $query .= "left join ";
    $query .= "note_entities ";
    $query .= "on ";
    $query .= "notes.id = note_entities.note_id ";
    $query .= "WHERE ";
    $query .= "coll_id = ? ";
    $arrayPDO = array($_SESSION['collection_id_choice']);
    $query .= "AND ";
    $query .= "identifier = ? ";
    $arrayPDO = array_merge($arrayPDO, array($_REQUEST['identifier']));
    $query .= "AND ";
    $query .= "( ";
    $query .= "( ";
    // Visibility filter: one placeholder per entity of the current user.
    $query .= "item_id IN (";
    foreach($_SESSION['user']['entities'] as $entitiestmpnote) {
        $query .= "?, ";
        $arrayPDO = array_merge($arrayPDO, array($entitiestmpnote['ENTITY_ID']));
    }
    // NOTE(review): loose comparison; if UserId can be a non-string value, PHP < 8 may
    // treat it as equal to 'superadmin'. `===` would remove the ambiguity.
    if ($_SESSION['user']['UserId'] == 'superadmin') {
        // Closes the list after the trailing "?, " (or yields "( null )" with no entities).
        $query .= " null ";
    } else {
        // Drops the trailing ", " left by the loop.
        // NOTE(review): with an empty entity list this removes " (" instead and the
        // statement becomes "item_id IN) ", which is invalid SQL.
        $query = substr($query, 0, -2);
    }
    $query .= ") ";
    $query .= "OR ";
    // Notes without any entity restriction are visible to everyone.
    $query .= "item_id IS NULL ";
    $query .= ") ";
    $query .= "OR ";
    // The author always sees their own notes.
    // NOTE(review): this is the only value spliced into the SQL text instead of being
    // bound. Its safety rests on how UserId was validated when the session was created;
    // binding it like the other values ("user_id = ? " plus an entry in $arrayPDO) would
    // make the statement fully parameterized.
    $query .= "user_id = '" . $_SESSION['user']['UserId'] . "' ";
    $query .= ") ";
    $query .= " order by date_note desc";

    // Database::query is not visible here; presumably it prepares $query and binds $arrayPDO.
    $stmt = $db->query($query, $arrayPDO);

    // Not read again in the visible code.
    $fetch = '';

    while ($return_db = $stmt->fetchObject()) {
        // get lastname and firstname for user_id
        // One extra query per note row.
        $stmt2 = $db->query("SELECT lastname, firstname FROM users WHERE user_id =?", array($return_db->user_id));
        // NOTE(review): $lastname/$firstname are assigned only when a user row exists;
        // otherwise they keep the previous note's value, or are undefined on the first note.
        while ($user_db = $stmt2->fetchObject()) {
            $lastname = $user_db->lastname;
            $firstname = $user_db->firstname;
        }
        $return .= '';
        $return .= '';
        $return .= '';
    }
    // NOTE(review): as the braces read on this page, the per-note loop ends above, so the
    // statements below use $return_db after fetchObject() has returned a falsy value.
    // This is probably an artifact of the damaged listing; confirm against the original file.
    $return .= '
';
    // (disabled append; its literal is not recoverable from this page)
    $return .= '
';
    // Author line: "<By> : <firstname> <lastname>, <formatted date>".
    // _BY is presumably a language constant defined by load_lang().
    // Every database value passes through functions::xssafe() before it is appended;
    // that helper is not visible here, presumably it HTML-escapes its argument.
    $return .= ucfirst(_BY) . ' : ';
    $return .= functions::xssafe($firstname) . ' ' . functions::xssafe($lastname);
    $return .= ', ';
    $return .= functions::xssafe($Core_Tools->format_date_db($return_db->date_note));
    $return .= '
';
    // (disabled append; its literal is not recoverable from this page)
    $return .= '
';
    // The note body is escaped first, then CR and LF are each swapped for the replacement
    // literal, and finally doubled replacements are collapsed into one.
    $note_text = str_replace(array("\r", "\n"), array("
", "
"), functions::xssafe($return_db->note_text));
    $return .= str_replace('

', '
', $note_text);
    $return .= '
';
    // (disabled append; its literal is not recoverable from this page)
    $return .= '
';
    $return .= '
';
    $return .= '
';
    $return .= '';
} else {
    // No identifier supplied: report failure with a fixed message
    // ("Error while loading the notes").
    $status = 1;
    $return .= '';
    $return .= '

';
    $return .= 'Erreur lors du chargement des notes';
    $return .= '

';
    $return .= '';
}

// The envelope is concatenated by hand and is not valid JSON (unquoted keys, single-quoted
// value), so the client presumably evaluates it as script.
// NOTE(review): addslashes() escapes quotes, backslashes and NUL only; line breaks reach the
// quoted value raw. json_encode() would be the robust encoder, but the consumer, which is
// not visible here, would have to switch to a JSON parser at the same time.
echo "{status : " . $status . ", toShow : '" . addslashes($return) . "'}";
exit ();