<?php
// add new filter
if(isset($_POST['btnNewFilter']) && !empty($_POST['btnNewFilter']) && isset($_POST['userFilterName']) && !empty($_POST['userFilterName']))
{
	$name = mysqli_real_escape_string($mysqli, $_POST['userFilterName']);
	$description = mysqli_real_escape_string($mysqli, http_build_query($_REQUEST));
	if ($result = $mysqli->query("INSERT INTO UserFilter (UserId, PageId, Name, Description, CreatedDateTime, CreatedByUserId)
	VALUES ('" . $_SESSION['userId'] . "', '" . $pageId . "', '" . $name . "', '" . $description . "', NOW(), '" . $_SESSION['userId'] . "');"))
	{
		$error = 'The filter has been saved.';
	}
	else
	{
		print $mysqli->error;
		exit;
	}
}
else if(isset($_POST['btnSavedFilter']) && !empty($_POST['btnSavedFilter']) && isset($_POST['UserFilterId']) && !empty($_POST['UserFilterId']))
{
	$UserFilterId = $_POST['UserFilterId'];
	if ($result = $mysqli->query("SELECT Description FROM UserFilter WHERE Id = '" . $UserFilterId . "' AND UserId = '" . $_SESSION['userId'] . "' AND PageId = '" . $pageId . "' LIMIT 1;"))
    {
		while ($row = $result->fetch_object())
		{
			header("Location: " . $_SERVER['PHP_SELF'] . '?' . $row->Description);
			exit;
		}
	}
    else
    {
        print $mysqli->error;
        exit;
    }
    $result->close();
}
else if(isset($_POST['btnDeleteFilter']) && !empty($_POST['btnDeleteFilter']) && isset($_POST['UserFilterId']) && !empty($_POST['UserFilterId']))
{
	$UserFilterId = $_POST['UserFilterId'];
	if ($result = $mysqli->query("DELETE FROM UserFilter WHERE UserId = '" . $_SESSION['userId'] . "' AND PageId = '" . $pageId . "' AND Id = '" . $UserFilterId . "';"))
	{
		$error = 'The filter has been deleted.';
	}
	else
	{
		print $mysqli->error;
		exit;
	}
}
?>