You should use jQuery or another JS Tool / Framework to fire an AJAX request to your application. Build an interface which takes data e.g. the divId and the userId as well as the positionId. Note that you have to check the session by using the userId because the application security is affected if you allow this for each user.
You should return JSON (json_encode FTW!) to communicate with your javascript script.
Database:
id, userId, divId, positionId
1, 1, 1, 2
1, 1, 2, 1
PHP:
<?php
$positionId = $_GET['positionId'];
$divId = $_GET['divId'];
$userId = $_GET['userId']; // make sure that this userId is equal to your session
// init db
// check for existing entity (e.g. the div already exist for this user)
$db->query("INSERT INTO position SET userId = :userId, divId = :divId, positionId = :positionId");
// execute
json_encode(array('success' => true));
JS:
$.ajax({
url: '/your_script.php',
params: {
userId: 1,
positionId: 1,
divId: 1
},
dataType: 'json',
success: function(response) {
if (response.success) {
// display feedback
}
}
});