case "edituser": // edit user form -- Kevin // $myrow = array(usr_id, usr_login, role_id, usr_name, usr_enabled) $user = new BaseUser(); $userinfo = $user->returnEditUser(filterSql($_GET['userid'])); $form = "<form action='base_useradmin.php?action=updateuser' Method='POST'>"; $form = $form . "<input type='hidden' name='usr_id' value='" . $userinfo[0] . "'"; $form = $form . "<table border=1 class='query'>"; $form = $form . "<tr><td width='25%' align='right'>" . _FRMUID . "</td>"; $form = $form . "<td align='left'>" . $userinfo[0] . "</td></tr>"; $form = $form . "<tr><td width='25%' align='right'>" . _FRMLOGIN . "</td>"; $form = $form . "<td align='left'>" . $userinfo[1] . "</td></tr>"; $form = $form . "<tr><td width='25%' align='right'>" . _FRMFULLNAME . "</td>"; $form = $form . "<td align='left'><input type='text' name='fullname' value='" . $userinfo[3] . "'></td></tr>"; $form = $form . "<tr><td width='25%' align='right'>" . _FRMROLE . "</td>"; $form = $form . "<td align='left'>" . $user->returnRoleNamesDropDown($userinfo[2]) . "</td></tr>"; $form = $form . "<tr><td colspan='2' align='center'><input type='submit' name='submit' value='" . _UPDATEUSER . "'></td>"; $form = $form . "</tr></table></form>"; $pagebody = $form; break; case "updateuser": // Updates user from above form.... /* This function accepts an array in the following format $userarray[0] = $userid $userarray[1] = $fullname $userarray[2] = $roleid */ $user = new BaseUser(); $userarray = array(filterSql($_POST['usr_id']), filterSql($_POST['fullname']), filterSql($_POST['roleID'])); $user->updateUser($userarray); base_header("Location: base_useradmin.php?action=list");