<?php
require_once('includes/config.php');
require_once('includes/db.php');
//$ar = array('suss' => $_GET['start']);
if ( isset($_GET['sect']) && !strcmp($_GET['sect'], "persons") ) {
    $q  = "SELECT uname, CONCAT_WS(' ', firstname, lastname) AS fullname FROM users ";
    $q .= "LEFT JOIN userinfo ON users.id=userinfo.userid ";
    $q .= "WHERE firstname LIKE '".$_GET['start']."%' ";
    $q .= "OR lastname LIKE '".$_GET['start']."%'";
    $q .= "OR uname LIKE '".$_GET['start']."%'";
    $ret = $kdb->query($q);
    $ar = array();
    while ( $row = mysql_fetch_array($ret) ) {
        $un = $row['uname'];
        $fn = $row['fullname'];
        if ( strlen($fn) == 0 ) {
            $fn = $un;
        }
        $ar[] = array($un, $fn);
    }
    mysql_free_result($ret);
    print json_encode($ar);
} else if (isset($_POST['r_rating']) && isset($_POST['r_comment']) && isset($_POST['r_rid'])) {
    session_start();
    require_once('includes/user.php');
    $upd = $kdb->query("UPDATE comments SET grade=".$_POST['r_rating'].", comment='".$_POST['r_comment']."', created='".date('Y-m-d H:i:s')."' WHERE resourceID=".$_POST['r_rid']." AND userID=".$user->getId());
    if (mysql_affected_rows()==0) {
        $kdb->query("INSERT INTO comments (resourceID, userID, grade, comment) values (".$_POST['r_rid'].", ".$user->getId().", ".$_POST['r_rating'].", '".$_POST['r_comment']."')");
    }
    $res = $kdb->query("SELECT avg(grade) FROM comments WHERE resourceID=".$_POST['r_rid']." AND grade > 0");
    $avg = mysql_fetch_array($res);
    $kdb->query("UPDATE resources SET rating=".$avg[0]." WHERE resourceID=".$_POST['r_rid']);
    $_SESSION['krihvel_notice'] = "Kommentaar ja hinnang on salvestatud!";
    print $avg[0];
    mysql_free_result($res);
} else if ( isset($_POST['sect']) && !strcmp($_POST['sect'], "available") ) {
    $ret = $kdb->query("SELECT uname FROM users WHERE uname='".$_POST['name']."'");
    $num = mysql_num_rows($ret);
    if ( $num == 0 ) {
        print 0;
    } else {
        print 1;
    }
} else if (isset($_POST['deleteObject'])) {
    $error = 0;
    if (isset($_POST['d_folder'])){
        $fid = $_POST['d_folder'];        
        $ret = $kdb->query("SELECT folderID FROM folders WHERE parentFolder=".$fid);
        if (mysql_num_rows($ret)>0) {
            $error = 1; //"Has subfolders";
        } else {
            $ret = $kdb->query("SELECT resourceID FROM resources WHERE folderid=".$fid);
            if (mysql_num_rows($ret)>0) {
                $error = 2; // "Has objects";
            } else {
                $kdb->query("DELETE FROM folders WHERE folderID=".$fid);
            }
        } 
    } else if (isset($_POST['d_answer'])){
        $aid = $_POST['d_answer'];
        $kdb->query("DELETE FROM answers WHERE answerID=".$aid);
    } else if (isset($_POST['d_resource'])){
        $rid = $_POST['d_resource'];
        $answers_found = mysql_num_rows($kdb->query("SELECT resourceID FROM answers WHERE resourceID=".$rid));
        $images_used = mysql_num_rows($kdb->query("SELECT usedimages.resourceID FROM usedimages LEFT JOIN images ON images.imageUID = usedimages.imageUID WHERE images.resourceID=".$rid));
        if ( $answers_found>0 || $images_used>0 ){
            $ret = $kdb->query("UPDATE resources SET deleted=1 WHERE resourceID=".$rid);
        } else {
            $ret = $kdb->query("DELETE FROM resources WHERE resourceID=".$rid);                    
        }
    }
    mysql_free_result($ret);
    mysql_free_result($answers_found);
    mysql_free_result($images_used);
    print $error;
} else if (isset($_POST['copyObject'])) {
    $error = 0;
    if (isset($_POST['newTitle']) && isset($_POST['newLocation'])){
        $rid = $_POST['copyObject'];
        $ret = $kdb->query("SELECT resourceID FROM resources WHERE deleted!=1 AND resourceID=".$rid);
        if (mysql_num_rows($ret)>0){
            $error = 100;
            //print "index.php?rid=".$rid."&mode=copy&title=".$_POST['newTitle']."&location=".$_POST['newLocation'];
            //break;
        }else{
            $error = 1;
        }
        mysql_free_result($ret);
    } else {
        $error = 2;    
    }
    print $error;
} else if (isset($_POST['askForFolderList'])) {
    session_start();
    require_once('includes/user.php');
    $ret = $kdb->query("SELECT * FROM folders WHERE userID=".$user->getId());
    $res = array();
    while ( $row = mysql_fetch_array($ret) ) {
        $res[] = $row;
    }
    print json_encode($res);
} else if (isset($_POST['moveObjectAway']) && is_numeric($_POST['moveObjectAway']) && isset($_POST['d_resource']) && is_numeric($_POST['d_resource'])) {
    $rid = $_POST['d_resource'];
    $newfolder = 'NULL';
    if ($_POST['moveObjectAway']>0) {
        $newfolder = $_POST['moveObjectAway'];
    }
    //session_start();
    //require_once('includes/user.php');
    $ret = $kdb->query("UPDATE resources set folderid=".$newfolder." WHERE resourceID=".$rid);
    print json_encode($ret);
} else if (isset($_POST['getKrivhelNotice']) && is_numeric($_POST['getKrivhelNotice']) && $_POST['getKrivhelNotice']=123) {
    session_start();
    $notice = 0;
    if (isset($_SESSION['krihvel_notice'])) {
        $notice = $_SESSION['krihvel_notice'];
        unset($_SESSION['krihvel_notice']);
    }
    print json_encode($notice);
} else if (isset($_POST['get_group_data']) && is_numeric($_POST['get_group_data'])) {
    session_start();
    require_once('includes/user.php');
    $ret = $kdb->query("SELECT groupName FROM groups WHERE groupID=".$_POST['get_group_data']);
    $row = mysql_fetch_array($ret);
    $grName = $row['groupName'];
    $ret = $kdb->query("SELECT userinfo.userid, CONCAT_WS(' ', firstname, lastname) AS fullname FROM grouprelations LEFT JOIN userinfo ON grouprelations.userID=userinfo.userid WHERE grouprelations.groupID=".$_POST['get_group_data']);
    $res = array();
    while ( $row = mysql_fetch_array($ret) ) {
        $res[] = $row;
    }
    print json_encode(array($grName,$res));
}
?>