# echo "<div class=\"pgbox\">\n"; echo " <div class=\"pgboxtitle\"><span class=\"f3\">" . __("Accounts") . "</span></div>\n"; echo " <div class=\"pgboxbody\">\n"; if (isset($_COOKIE["AURSID"])) { # visitor is logged in # $dbh = db_connect(); $atype = account_from_sid($_COOKIE["AURSID"]); if ($_REQUEST["Action"] == "SearchAccounts") { # security check # if ($atype == "Trusted User" || $atype == "Developer") { # the user has entered search criteria, find any matching accounts # search_results_page($atype, $_REQUEST["O"], $_REQUEST["SB"], $_REQUEST["U"], $_REQUEST["T"], $_REQUEST["S"], $_REQUEST["E"], $_REQUEST["R"], $_REQUEST["I"]); } else { # a non-privileged user is trying to access the search page # print __("You are not allowed to access this area.") . "<br />\n"; } } elseif ($_REQUEST["Action"] == "DisplayAccount") { # the user has clicked 'edit', display the account details in a form # $q = "SELECT Users.*, AccountTypes.AccountType "; $q .= "FROM Users, AccountTypes "; $q .= "WHERE AccountTypes.ID = Users.AccountTypeID "; $q .= "AND Users.ID = " . intval($_REQUEST["ID"]); $result = db_query($q, $dbh); if (!mysql_num_rows($result)) { print __("Could not retrieve information for the specified user.");
html_header(__('Account') . ' ' . $row['Username']); } else { html_header(__('Accounts')); } # Main page processing here # echo "<div class=\"box\">\n"; echo " <h2>" . __("Accounts") . "</h2>\n"; if (isset($_COOKIE["AURSID"])) { if ($action == "SearchAccounts") { # security check # if (has_credential(CRED_ACCOUNT_SEARCH)) { # the user has entered search criteria, find any matching accounts # search_results_page(in_request("O"), in_request("SB"), in_request("U"), in_request("T"), in_request("S"), in_request("E"), in_request("R"), in_request("I"), in_request("K")); } else { # a non-privileged user is trying to access the search page # print __("You are not allowed to access this area.") . "<br />\n"; } } elseif ($action == "DisplayAccount") { # the user has clicked 'edit', display the account details in a form # if (empty($row)) { print __("Could not retrieve information for the specified user."); } else { /* Verify user has permission to edit the account */ if (can_edit_account($row)) { display_account_form("UpdateAccount", $row["Username"], $row["AccountTypeID"], $row["Suspended"], $row["Email"], $row["HideEmail"], "", "", $row["RealName"], $row["LangPreference"], $row["IRCNick"], $row["PGPKey"], $PK, $row["InactivityTS"] ? 1 : 0, $row["ID"], $row["Username"]); } else {