<?php
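// Endpoint: update one row of `users` from a POSTed form.
// Responds with the plain-text tokens "unauthorized", "ok" or "error".
session_start();
if (!isset($_SESSION['loggedin'])) {
    exit("unauthorized");
}
// NOTE(review): the only gate visible here is "a session is logged in". Nothing on
// this page checks that the caller may edit the target user or change `role` /
// `enable`, and no anti-CSRF token is verified. Confirm both are enforced elsewhere
// or add them here.

include "../database.php";
// Assumes $con is a mysqli connection (it is used with ->query() and ->close() in
// the original script) -- confirm against ../database.php.

// Free-text columns. A missing field is stored as an empty string, as before;
// a non-string value (e.g. name[]=x) is rejected instead of being stringified.
$text_fields = array('name', 'surname', 'cf', 'reg_num', 'user_qual', 'user_qual_2', 'email', 'role', 'office', 'badge');
$text = array();
$valid = true;
foreach ($text_fields as $field) {
    $value = isset($_POST[$field]) ? $_POST[$field] : '';
    if (!is_string($value)) {
        $valid = false;
        break;
    }
    $text[$field] = $value;
}

// These values used to be pasted into the SQL unquoted, so the statement accepted
// either an integer or the TRUE/FALSE literals. Accept the same two spellings and
// nothing else; anything else yields null and the request is rejected.
$to_int = function ($raw) {
    if (!is_string($raw)) {
        return null;
    }
    $raw = trim($raw);
    $lower = strtolower($raw);
    if ($lower === 'true') {
        return 1;
    }
    if ($lower === 'false') {
        return 0;
    }
    $parsed = filter_var($raw, FILTER_VALIDATE_INT);
    return $parsed === false ? null : $parsed;
};

$enable = $to_int(isset($_POST["enable"]) ? $_POST["enable"] : null);
$bacheca_notifies = $to_int(isset($_POST["bacheca_notifies"]) ? $_POST["bacheca_notifies"] : null);
$attendance = $to_int(isset($_POST["attendance"]) ? $_POST["attendance"] : null);

// The row key must be a positive integer; FILTER_VALIDATE_INT returns false otherwise.
$user_id = filter_var(
    isset($_POST["user_id"]) ? $_POST["user_id"] : null,
    FILTER_VALIDATE_INT,
    array('options' => array('min_range' => 1))
);

if ($enable === null || $bacheca_notifies === null || $attendance === null || $user_id === false) {
    $valid = false;
}

// Gender arrives as two "true"/"false" flags. When neither is "true" the original
// left $gender undefined (stored as ''); keep that outcome but make it explicit.
$gender = '';
if (isset($_POST["gender_male"]) && $_POST["gender_male"] === "true") {
    $gender = 'M';
}
if (isset($_POST["gender_female"]) && $_POST["gender_female"] === "true") {
    $gender = 'F';
}

$status = "error";
if ($valid) {
    try {
        // Every request value is bound as a parameter, so none of it can alter the
        // structure of the statement (the previous version concatenated $_POST
        // directly into the SQL text).
        $stmt = $con->prepare(
            "UPDATE users SET name = ?, surname = ?, fiscal_code = ?, email = ?, office = ?, role = ?, "
            . "gender = ?, badge = ?, enable = ?, bacheca_notifies = ?, registration_number = ?, "
            . "qualification = ?, qualification_2 = ?, attendance = ? WHERE id = ?"
        );
        if ($stmt !== false) {
            $bound = $stmt->bind_param(
                'ssssssssiisssii',
                $text['name'],
                $text['surname'],
                $text['cf'],
                $text['email'],
                $text['office'],
                $text['role'],
                $gender,
                $text['badge'],
                $enable,
                $bacheca_notifies,
                $text['reg_num'],
                $text['user_qual'],
                $text['user_qual_2'],
                $attendance,
                $user_id
            );
            if ($bound && $stmt->execute()) {
                $status = "ok";
            }
            $stmt->close();
        }
    } catch (mysqli_sql_exception $e) {
        // Keep driver detail in the server log; the client only ever sees "error".
        error_log('user update failed: ' . $e->getMessage());
    }
}

echo $status;

$con->close();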
