display_error("Error: Invalid facility ID", "Please check the facility ID and try again."); display_footer(); exit; } switch ($_REQUEST['action']) { case 'new': //ensure that user has sufficient privileges to add a facility. if (!$user->isAdmin()) { display_error("Error: Insufficient privileges", "You must be an administrator to add facilities."); break; } $facility->displayEditForm("Add a facility"); break; case 'edit': if (intval($_REQUEST['id']) != $user->facility['id'] || !$user->isAdmin()) { display_error("Error: Insufficient privileges", "You are not allowed to modify this facility."); break; } $facility->displayEditForm("Modify a facility"); break; case 'show': $facility->displayProfile($user); break; default: case 'index': echo "<h1>Facilities</h1>\n"; display_facilities($user); echo "<a href='facility.php?action=new'>Add a new facility</a><br />\n"; break; } display_footer();