<?
require_once("../../common.inc.php");

// page variable name
$page_field = "";
//

include("config.php");

//check login session
if (empty($_SESSION["backend_sysid"])) {
	header("Location: ../error.php");
	exit;
}


getpost();


if ($id == "") {	
	
	//check
	if ($temp_id == "") {
		header("Location: ".$page_address_list);
		exit;
	}

	//insert
	$sql = "INSERT INTO `".$page_tbname."` ( `id` )
			VALUES (
			NULL
			);";
	$db->query($sql);
	$id = $db->insert_id();
	
	if($temp_id != ""){
		$sql = "UPDATE `attachment` SET
			`table_id` = '".$id."', `temp_id` = ''
			WHERE `table_name` = '".$page_tbname."' AND `temp_id` = '".$temp_id."'";
		$db->query($sql);
	}
	
}


$title = $_POST['title'];
 

$sql="
UPDATE ".$page_tbname." SET
 `status` = '".escapeit($display)."'
, `type` = 'book'
, `language` = 'zh-hant'
, `author` = '".escapeit($author)."'
, `price` = '".escapeit($price)."'
, `isbn` = '".escapeit($isbn)."'
, `publisher` = '".escapeit($publisher)."'
, `levelone` = '".escapeit($levelone)."'
, `tag` = '".escapeit($leveltwo)."'
, `weight` = '".escapeit($weight)."'
, `popular` = '".escapeit($popular)."'
, `publishing_date` = '".escapeit($publishing_date)."'
, `title` = '".escapeit($title)."'
, `content` = '".escapeit($content)."'
where `id` = '$id'
";
$db->query($sql);

//delete file
if (!empty($delfiles)) {
	foreach ($delfiles as $key => $value) {
		del_attachment($value, "../../");
	}
}


	header("Location: ".$page_address_list."?keepSession=1&page=".$page);

exit;
?>