<?php

require_once('../init.php');

function build_simple_query($details)
{
  global $db;

  if ($_POST['value'] == 0)
    $sql = sprintf("DELETE FROM %s WHERE %s = %d AND %s = %d", $details['table'],
		   $details['basecol'], $details['baseval'],
		   $details['refcol'], $_POST['reference']);
  else
    $sql = sprintf("INSERT INTO %s (%s,%s,sys_user,sys_edit) VALUES (%d,%d,%s,now())",
		   $details['table'],
		   $details['basecol'], $details['refcol'],
		   $details['baseval'], $_POST['reference'],
		   $db->quote($_SESSION['sys']['login']));

  return $sql;
}

function build_query($details,$mask)
{
  global $db;

  $where = '';
  $keys = array_keys($mask['list']);
  for ($i=0; $i<count($keys); $i++)
    if (array_key_exists('filter_'.$i, $_POST)) {
      $filter = explode('|', $_POST['filter_'.$i]);
      if (strlen($where)) $where .= ' AND ';
      if ($filter[0] === 'LIKE') $filter[1] = '%'.$filter[1].'%';
      elseif ($filter[0] === 'EQ') $filter[0] = '=';
      $where .= sprintf("%s %s '%s'",
			empty($mask['list'][$keys[$i]]['sql'])?$keys[$i]:$mask['list'][$keys[$i]]['sql'],
			$filter[0], $filter[1]);
    }

  if ($_POST['value'] == 0)
    $sql = sprintf("DELETE FROM %s WHERE %s = %d AND %s IN (SELECT %s FROM %s%s%s)",
		   $details['table'],
		   $details['basecol'], $details['baseval'],
		   $details['refcol'], $details['refid'],
		   $details['reftable'],
		   array_key_exists('join', $mask) ? ' JOIN ' . join(' JOIN ', $mask['join']) : '',
		   strlen($where) ? ' WHERE ' . $where : '');
  else {
    $sql = sprintf("DELETE FROM %s WHERE %s = %d AND %s IN (SELECT %s FROM %s%s%s)",
		   $details['table'],
		   $details['basecol'], $details['baseval'],
		   $details['refcol'], $details['refid'],
		   $details['reftable'],
		   array_key_exists('join', $mask) ? ' JOIN ' . join(' JOIN ', $mask['join']) : '',
		   strlen($where) ? ' WHERE ' . $where : '');
    $db->execute($sql);
    $sql = sprintf("INSERT INTO %s (%s,%s,sys_user,sys_edit) SELECT %s,%s,%s,now() FROM %s%s " .
		   "LEFT JOIN %s ON %s.%s = 1 AND %s.%s = %s.id WHERE %s.id IS NULL%s",
		   $details['table'],
		   $details['basecol'], $details['refcol'],
		   $details['baseval'], $details['refid'],
                   $db->quote($_SESSION['sys']['login']),
		   $details['reftable'],
		   array_key_exists('join', $mask) ? ' JOIN ' . join(' JOIN ', $mask['join']) : '',
		   $details['table'],
		   $details['table'], $details['basecol'],
		   $details['table'], $details['refcol'],
		   $details['reftable'],
		   $details['table'],
		   strlen($where) ? ' AND ' . $where : '');
  }

  return $sql;
}

if (empty($_POST['table']))
  exit;

$hallinta = Hallinta::instance();
db_connect();
if (load_mask($hallinta->module(),$hallinta->page()) === false) exit;

if ($hallinta->isSecond()) {
    if (!array_key_exists('second', $mask) ||
	!array_key_exists($hallinta->second(), $mask['second']))
	exit;
    $list = $mask['second'][$hallinta->second()]['list'];
} else {
    $list = $mask['list'];
}

$fields = array_keys($list);
$field = $fields[$_POST['column']];

if (empty($field)) exit;

if (!is_array($list[$field]['update'])) exit;

if (!array_key_exists('baseval', $list[$field]['update']))
    $list[$field]['update']['baseval'] = $_POST['main_id'];

if (isset($_POST['reference']))
  $sql = build_simple_query($list[$field]['update']);
else 
  $sql = build_query($list[$field]['update'],$mask);

$sth = $db->query($sql);

if ($sth === false)
  error_log($sql . ': ' . db_error());