<?php
if (isset($sectionId) && $sectionId != 0)
{
    $query = "SELECT UserLevelSection.* FROM UserLevelSection WHERE SectionId = '" . intval($sectionId) . "' AND UserLevelId = '" . intval($_SESSION['userLevelId']) . "';";
    if ($result = $mysqli->query($query))
    {
        while ($row = $result->fetch_object())
        {
            if($row->Create)
            {
                $userCreate = true;
            }
            if($row->Read)
            {
                $userRead = true;
            }
            if($row->Update)
            {
                $userUpdate = true;
            }
            if($row->Delete)
            {
                $userDelete = true;
            }
        }
        $result->close();
    }
    else
    {
        print $mysqli->error;
        exit;
    }

    if(isset($sectionCreate) && isset($userCreate))
    {
        // create
        //print 'create';
    }
    else if(isset($sectionRead) && isset($userRead))
    {
        // read
        //print 'read';
    }
    else if(isset($sectionUpdate) && isset($userUpdate))
    {
        // update
        //print 'update';
    }
    else if(isset($sectionDelete) && isset($userDelete))
    {
        // delete
        //print 'delete';
    }
    else
    {
        header("Location: ../dashboard");
        exit;
    }
}
else if (isset($sectionId) && $sectionId == 0)
{
    $query = "SELECT UserLevelSection.* FROM UserLevelSection WHERE UserLevelId = '" . intval($_SESSION['userLevelId']) . "';";
    if ($result = $mysqli->query($query))
    {
        while ($row = $result->fetch_object())
        {
            $userAccess[$row->SectionId] = $row->Read;
        }
        $result->close();
    }
    else
    {
        print $mysqli->error;
        exit;
    }
}
?>