<?php

// Parse the parameters from the Ajax.Request

if(isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER ['HTTP_X_REQUESTED_WITH']  == 'XMLHttpRequest') {
	require( dirname(__FILE__) . '/../../../../wp-config.php' );
	if (!(is_user_logged_in() && current_user_can('edit_posts')))
		die("Athentication failed!");

	
	global $wpdb, $canvas;
	
	$theme = get_option('template');
	foreach($_GET as $key => $value) {
		if(!empty($value)) {
			$option_name = 'zone_handler';
			$zone = str_replace('zoneoption_', '', $key);
			
 			if($wpdb->get_var("SELECT option_id FROM ".$canvas->zone_options." WHERE option_name ='$option_name' AND zone = '$zone' AND theme = '$theme'"))
 				$wpdb->query("UPDATE ".$canvas->zone_options." SET value = '$value' WHERE option_name = '$option_name' AND zone = '$zone' AND theme = '$theme'");
 			else $wpdb->query("INSERT INTO ".$canvas->zone_options." (zone, option_name, value, theme) VALUES ('$zone', '$option_name', '$value', '$theme')");
		}
	}
}
?>