Module development and code questions

For the module I am trying to develop, the pre-built forms that are made by things like the CCK aren't enough to really be effective. I need to be able to create a node using a form that I have built myself. The only problem is, I don't know how to go about submitting my form.

For instance, how do I determine a user's ID when they are submitting? How do I determine what node type I am submitting my form as?

I'm working with hook_menu in Drupal 6, attempting create a settings page using the menu and drupal_get_form. Here is what I'm using:

I have a module that creates a menu of locations from a taxonomy. So if I click on Metro Vancouver, I get a sub menu of all the regions within Metro Vancouver etc. When I select a neighbourhood, a path is sent to a menu callback to create a page of content for that area. Example: Click on Metro Vancouver/Burnaby/Metrotown and the request is routed to bookstores/163/20/15 (callback/tid/tid/tid) where the callback queries the database and returns all the bookstores that match (Yes, I could have done this in views, but for other reasons I chose to roll my own). Another function of the callback is to take the location info and create a menu of all the genres of bookstore in that neighbourhood, so that the user can filter the listing by genre. This function gets it's location info as follows:

$args = explode('/', $_GET['q']);
$argument = array_pop($args);

Would it be possible to do something like this in my form_validate and form_submit functions (in D5), so that my code is a bit more ready for D6?

From:

function my_form_form_submit($form_id, $form_values) {
  $x = $form_values['field1'];
}

To:

This has to be fairly straightforward but I can't figure it out, and surprisingly can't find any documentation on the matter.

I have a content type with a field named 'privacy'. I want to block any attempts to access that content type from unauthorised users if the field privacy has a certain value. Simple eh?

I think I could do this using Taxonomy Access but the field isn't a taxonomy, and if I change it at this stage it will have sitewide implications that will mean a lot of work.

Whenever I save a product for eg a tangible product
it executes the following queries

product_save SELECT COUNT(vid) FROM ec_product WHERE vid = 45
product_save INSERT INTO ec_product (nid, vid, sku, price, ptype, hide_cart_link) VALUES('45', '45', '', '0.00', 'tangible', '0')
tangible_productapi INSERT INTO ec_product_tangible (nid, vid, stock, manage_stock, availability) VALUES ('45', '45', '0', '0', '1')

product_save SELECT COUNT(vid) FROM ec_product WHERE vid = 45
product_save UPDATE ec_product SET nid = '45', vid = '45', sku = '', price = '0.00', ptype = 'tangible', hide_cart_link = '0' WHERE vid = 45
tangible_productapi UPDATE ec_product_tangible SET stock = '0', manage_stock = '0', availability = '1' WHERE vid = '45'

The above queries are just an example displayed using devel module.
Now what I want to know is that why is it calling the update hook after inserting the new product into the database. The job should have been finished after the insert hook of tangible module is called.

isn't it?? guide me if I am wrong.