<?php
//
// updateNode.php
//
//VGR06032006 Finished
//VGR10032006 FIXed oubli : tout id>4387 correspond à l'initial '0'
//VGR19032006 ADDed sécurité contre les fausses insertions ('Nouvelle...' transmis)
//VGR01092006 MOD for publication on EEE.org ( www.europeanexperts.org ) and ERT (www.expertsrt.com | net )
//
// REM reçoit updateNode=2&newValue=dd en GET
//
// TODO : Nil
//

if ( isset($_GET['newValue']) AND isset($_GET['updateNode']) ) {
  require_once('header.inc.php'); //VGR01092006 defines DB settings etc
  $loclinkadd=txt('Nouvelle...'); //VGR19032006 ADDed : this is the default value contained on the client side
  $newValue=addslashes($_GET['newValue']);
  $updateNode=$_GET['updateNode'];
  $id_parent=(isset($_GET['id_parent']))?$_GET['id_parent']:$updateNode;
  if ($newValue<>$loclinkadd) { //VGR19032006 ADDed sécurité (else NOP)
    if ($updateNode>$iszero) { // new category
      $query="select max(id) AS a from $dbTableCategories;";
      $result=mysql_query($query,$linkId) or die("bad query '$query' : ".mysql_error());
      $res=mysql_fetch_array($result);
      $nextid=$res['a']+1;
      $command='insert into';
      if ($id_parent==0) { // new main category
        $extracmd=",id_parent=$nextid,id_l={$_SESSION['sess_langue']},id=$nextid";
      } else $extracmd=",id_parent=$id_parent,id_l={$_SESSION['sess_langue']},id=$nextid";
      $_GET['updateNode']=$nextid;
    } else { $command='update'; $extracmd=" where id=$updateNode AND id_l={$_SESSION['sess_langue']}"; } // normal update
    $query="$command $dbTableCategories set description='$newValue'{$extracmd};";
    $result=mysql_query($query,$linkId) or die("bad query '$query' : ".mysql_error());
    echo "update done ('$command') newval={$_GET['newValue']} pour id={$_GET['updateNode']}";
  } // else NOP
  else echo "NOP";
} else echo "appel incorrect.";
?>