<?php
    session_start();
    $strLoginName=(isset($_SESSION['user'])) ? $_SESSION['user'] : "" ;
    $boolLogin = (!empty($strLoginName));
    if (!$boolLogin) {
        header("Location: login.php");
    }
    require("../config.php");

    if($_POST['csrf'] !== $_SESSION['csrf_token']) {
        die("Ungültiger Token");
      }
    $boolRating   = (isset($_POST['rating'])) ? "1" : "0";
    $boolComment  = (isset($_POST['comment'])) ? "1" : "0";
    $boolUpload   = (isset($_POST['fileupload'])) ? "1" : "0";
    $boolUserinfo = (isset($_POST['userinfo'])) ? "1" : "0";
    $boolDefect   = (isset($_POST['defect'])) ? "1" : "0";
    $boolDistrictSelection =  (isset($_POST['districtSelection'])) ? "1" : "0";


    $strUploaddir = $_POST['uploaddir'];
    $strTitle   = $_POST['title'];
    $strLogo     = $_POST['logo'];
    $contactEmail= $_POST['contactEmail'];
    $strImpressum= $_POST['impressum'];
    $strUrl      = $_POST['url'];
    $strUrlBez   = $_POST['urlBez'];
    $strIntroText= $_POST['introtext'];

    $strImpressum=addslashes($strImpressum);
    $strIntroText=addslashes($strIntroText);

    $db->query("UPDATE `config` SET `value`= '$strUploaddir' WHERE `key`='uploaddir'");
    $db->query("UPDATE `config` SET `value`= '$strTitle' WHERE `key`='title'");
    $db->query("UPDATE `config` SET `value`= '$strLogo' WHERE `key`='logo'");
    $db->query("UPDATE `config` SET `value`= '$contactEmail' WHERE `key`='contactEmail'");
    $db->query("UPDATE `config` SET `value`= '$strImpressum' WHERE `key`='impressum'");
    $db->query("UPDATE `config` SET `value`= '$strUrlBez' WHERE `key`='UrlBez'");
    $db->query("UPDATE `config` SET `value`= '$strUrl' WHERE `key`='url'");
    $db->query("UPDATE `config` SET `value`= '$strIntroText' WHERE `key`='IntroText'");
    $db->query("UPDATE `config` SET `value`= '$boolRating' WHERE `key`='boolRating'");
    $db->query("UPDATE `config` SET `value`= '$boolComment' WHERE `key`='boolComment'");
    $db->query("UPDATE `config` SET `value`= '$boolUserinfo' WHERE `key`='boolUserinfo'");
    $db->query("UPDATE `config` SET `value`= '$boolDefect' WHERE `key`='boolDefect'");
    $db->query("UPDATE `config` SET `value`= '$boolUpload' WHERE `key`='boolUpload'");
    $db->query("UPDATE `config` SET `value`= '$boolDistrictSelection' WHERE `key`='boolDistrictSelection'");
    header("Location: configuration.php");