Exemple #1
0
if (!isset($_SESSION['user_id'])) {
    header('location: ' . $BASEURL . 'user/login');
    exit;
}
$user_id = $_SESSION['user_id'];
if ($_GET['id']) {
    $id = $_GET['id'];
} else {
    if ($_POST['id']) {
        $id = $_POST['id'];
    } else {
        $id = 'new';
    }
}
$dal = new DataAccessLayer();
$username = $dal->GetUsername($_SESSION['user_id']);
if (isset($_POST['save'])) {
    $fieldnames = array("username", "password", "email", "reviewer", "isvalid", "isadmin");
    foreach ($fieldnames as $i) {
        $answers[$i] = mysql_real_escape_string($_POST[$i]);
    }
    if ($_POST['formstate'] == 'new') {
        $answers['password'] = md5($_POST['password']);
        $id = $dal->NewUserCreate($answers);
    } else {
        $dal->UpdateUserInfo($answers, $_POST['id']);
    }
}
if ($id != "new") {
    $user = $dal->GetUserInfo($id);
}