As a follow-up to creating new notes using forms and request methods, we will now explore how to edit and update existing notes in the database using the PATCH request method.

When a user wants to edit a note, we need to provide a way for them to access the edit screen. This is where the edit button comes in.

Adding an Edit Button

First, we need to add an edit button below the note on the single note screen in the show.view.php by removing the delete button code from the file. This button will move the user to the edit screen.

The edit button is placed in the footer section of the note display page. When clicked, it redirects the user to the edit screen, passing the note ID as a parameter in the URL.

Editing Notes

The edit.php file controls the editing process. It retrieves the note from the database and authorizes the user to edit the note. If the user is authorized, the edit screen is displayed, allowing the user to make changes to the note.

query('select * from notes where id = :id', [
    'id' => $_GET['id']
])->findOrFail();

authorize($note['user_id'] === $currentUserId);

view("notes/edit.view.php", [
    'heading' => 'Edit Note',
    'errors' => [],
    'note' => $note
]);

The edit.php file uses the Database class to retrieve the note from the database. It then checks if the user is authorized to edit the note by comparing the user_id with the currentuserID. If authorized, the edit screen is displayed.

Edit Note View

The edit.view.php file contains the code to display the note body for editing, with two buttons: Update and Cancel.

• Update button: submits the updated note to the server and store it in database

• Cancel button: cancels the editing process and redirects the user back to the notes screen.
  

Body

    = $note['body'] ?>
= $errors['body'] ?>
    


    Delete
    Cancel
    Update

The edit note view displays the note body in a textarea, allowing the user to make changes. The update button submits the updated note to the server and store it in database.

Updating Notes

To update a note, we need to create a new file named update.php that checks the validation of the note and also checks the authorization of the user. This file will only allow authorized users to view and edit notes that are already present in the database.

query('select * from notes where id = :id', [
    'id' => $_POST['id']
])->findOrFail();

// Check authorization
authorize($note['user_id'] === $currentUserId);

// Check validation
$errors = [];
if (!Validator::string($_POST['body'], 1, 100000)) {
    $errors['body'] = 'A body of no more than 1,000 characters is required.';
}

// if no validation errors, then update
if (count($errors)) {
    return view('notes/edit.view.php', [
        'heading' => 'Edit Note',
        'errors' => $errors,
        'note' => $note
    ]);
}

$db->query('update notes set body = :body where id = :id', [
    'id' => $_POST['id'],
    'body' => $_POST['body']
]);

// redirect the user
header('location: /notes');
die();

Adding Routes

To enable the editing and updating of notes, we need to add the following routes in route.php:

$router->get('/note/edit', 'controllers/notes/edit.php');
$router->patch('/note', 'controllers/notes/update.php');

These routes will enable the editing and updating of notes using the PATCH request method.

How it Works

When a user wants to edit a note, the user will be taken to the edit screen where user can make changes to the note. When a user submit changes, the update.php file will be called. This file will check if the user is authorized to edit the note and if the validation of the note is correct. If both checks pass, the note will be updated in the database and the user will be redirected back to the notes screen. If either check fails, the user will be redirected back to the edit screen with error messages.

By following these steps a user can easily edit and update the note using PATCH request method.

I hope that you have clearly understood it.