<?php
session_start();
if (!isset($_SESSION['loggedin'])) {
    exit("unauthorized");
}

include "../database.php";

$type = $_POST["type"];
$id = $_POST["id"];
$approve = $_POST["approve"];
$notify = $_POST["notify"];

if($type == "stamps") {
    $sql_update = "UPDATE users SET stamps_approver = $approve WHERE id = $id";
    if ($con->query($sql_update)) {
        echo "ok";
    } else {
        echo "error";
    }
} else if($type == "permissions") {
    $sql_update = "UPDATE users SET permissions_approver = $approve, permissions_notifies = $notify WHERE id = $id";
    if ($con->query($sql_update)) {
        echo "ok";
    } else {
        echo "error";
    }
} else if($type == "transfers") {
    $sql_update = "UPDATE users SET transfers_approver = $approve, transfers_notifies = $notify WHERE id = $id";
    if ($con->query($sql_update)) {
        echo "ok";
    } else {
        echo "error";
    }
}

$con->close();