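// Excerpt begins inside a switch whose header and earlier arms are above the
// visible code; each visible arm hands off to one display_*() page handler.
                break;
            case 'pm':
                display_pm();
                break;
            case 'register':
                display_registration();
                break;
            case 'season_details':
                display_season_details();
                break;
            case 'team':
                display_team();
                break;
            case 'upload_match_media':
                display_upload_match_media();
                break;
            case 'user':
                display_user_profile();
                break;
        }
    } else {
        // Permission denied: the condition wrapping the switch (not visible in
        // this excerpt) was false, so no page handler is invoked.
        display_errors(250);
    }
}

// Assign the page parts that are always visible. Comments sit on their own
// lines so a `//` can no longer comment out the statements that follow it.
// NOTE(review): these statements also run after the permission-denied branch,
// unless code above the excerpt exits first, so the error is rendered inside
// the normal page frame.
$smarty->assign('head', $smarty->fetch("head.tpl"));
$smarty->assign('left_navi', $smarty->fetch("left_navi.tpl"));
$smarty->assign('right_navi', $smarty->fetch("right_navi.tpl"));
$smarty->assign('footer', $smarty->fetch("footer.tpl"));
$smarty->display('index.tpl');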
// Excerpt begins inside one arm of a switch; the switch header, this arm's
// label and the block closed by the first brace are above the visible code.
        }
        // Facility scoping for the edit form: fetch the target user's facility
        // and compare it with the current user's facility.
        // NOTE(review): the check runs only when isAdmin() is true; how other
        // roles are handled is decided above the excerpt -- confirm they cannot
        // reach display_user_edit_form() without an equivalent check.
        if ($user->isAdmin()) {
            // intval() forces the request id to an integer before it is
            // concatenated into the SQL text; a missing or non-numeric id
            // becomes 0. Whether $database offers bound parameters is not
            // visible here.
            $facility_id = $database->queryFirstValue("SELECT `facility_id` FROM `users` WHERE `id` = " . intval($_REQUEST['id']) . " LIMIT 1");
            if (!$facility_id) {
                // Any falsy result is reported as an invalid id, which also
                // covers a stored facility_id of 0.
                display_error("Error: Invalid user ID", "Please check your ID and try again.");
                // Leaves the switch, so the edit form below is not rendered.
                break;
            } elseif (intval($facility_id) != $user->facility['id']) {
                // NOTE(review): loose != against a value whose type is not
                // visible; casting both sides and using !== would make this
                // authorization decision independent of type juggling.
                display_error("Error: Insufficient privileges", "You may only view your own facility's users.");
                break;
            }
        }
        echo "<h1>Modify a user</h1>\r\n";
        display_user_edit_form($user, intval($_REQUEST['id']));
        break;
    case 'show':
        // Resolve the display name for the requested id (integer-cast as above).
        // NOTE(review): unlike the edit arm, no facility comparison is visible
        // in this arm -- confirm display_user_profile() enforces facility
        // scoping itself, otherwise the profile is selected by request id alone.
        $userName = $database->queryFirstValue("SELECT `name` FROM `users` WHERE `id` = " . intval($_REQUEST['id']) . " LIMIT 1");
        if (!$userName) {
            // Falsy check: an empty name or the string "0" is also reported as
            // not found.
            echo "This user was not found. Please select another user and try again.";
        } else {
            // The stored name goes through escape_output() before being echoed
            // into HTML; presumably that helper HTML-escapes -- verify.
            echo "<h1>" . escape_output($userName) . "</h1>\r\n";
            display_user_profile($user, intval($_REQUEST['id']));
        }
        break;
    // Unknown actions and 'index' share the user listing.
    default:
    case 'index':
        echo "<h1>Users</h1>\r\n";
        display_users($user);
        // Static markup only; no request data is interpolated into this link.
        echo "<a href='user.php?action=new'>Add a new user</a><br />\r\n";
        break;
}
// Reached after every arm shown here, including the error paths that break
// out early.
display_footer();