header("Location: index.php");
}
if (isset($_POST['facility'])) {
// check to ensure this user has auths to manage this facility.
if (!$user->isAdmin() || isset($_REQUEST['id']) && intval($_REQUEST['id']) != $user->facility['id']) {
redirect_to(array('location' => 'facility.php', 'status' => "You don't have permissions to modify this facility."));
}
if (!isset($_POST['facility']['name'])) {
redirect_to(array('location' => 'facility.php' . (isset($_REQUEST['id']) ? "?action=edit&id=" . intval($_REQUEST['id']) : "?action=new"), 'status' => "You don't have permissions to modify this facility.", 'class' => 'error'));
}
try {
$facility = new Facility($database, intval($_REQUEST['id']));
} catch (Exception $e) {
redirect_to(array('location' => 'facility.php' . (isset($_REQUEST['id']) ? "?action=show&id=" . intval($_REQUEST['id']) : ""), 'status' => 'This facility does not exist.', 'class' => 'error'));
}
$updateFacility = $facility->create_or_update($_POST['facility']);
if ($updateFacility) {
redirect_to(array('location' => 'facility.php?action=show&id=' . intval($updateFacility), 'status' => "Successfully " . (isset($_REQUEST['id']) ? "updated" : "created") . " this facility.", 'class' => 'success'));
} else {
redirect_to(array('location' => 'facility.php' . (isset($_REQUEST['id']) ? "?action=edit&id=" . intval($_REQUEST['id']) : "?action=new"), 'status' => "An error occurred while " . (isset($_REQUEST['id']) ? "updating" : "creating") . " this facility.", 'class' => 'error'));
}
}
if (!isset($_REQUEST['id'])) {
$_REQUEST['id'] = 0;
}
start_html($user, "UC Medicine QA", "Manage Facilities", $_REQUEST['status'], $_REQUEST['class']);
try {
$facility = new Facility($database, intval($_REQUEST['id']));
} catch (Exception $e) {
display_error("Error: Invalid facility ID", "Please check the facility ID and try again.");
display_footer();
