case "read": $qry_sel = "SELECT * FROM `privilege`"; echo json_encode($OBCrud->read($qry_sel)); break; } break; case "user": switch ($_REQUEST["crud"]) { case "create": $username = $bfurn_db->quote(strtolower($_REQUEST["username"])); $password = $bfurn_db->quote(get_enc_password($_REQUEST["password"], ENC_PASSWORD)); $iduser_group = $_REQUEST["iduser_group"]; $fullname = $bfurn_db->quote($_REQUEST["fullname"]); $email = $bfurn_db->quote(!empty($_REQUEST["email"]) ? $_REQUEST["email"] : strtolower($_REQUEST["username"]) . '@' . $_SERVER["HTTP_HOST"]); $qry_ins = "INSERT INTO `user`(`username`,`password`,iduser_group,email,fullname)\n\t\t\tVALUES({$username},{$password},{$iduser_group},{$email},{$fullname})"; echo json_encode($OBCrud->create($qry_ins)); break; case "read": $qry_sel = "SELECT u.iduser,u.username, ug.`name` AS groupname, u.iduser_group, u.fullname, u.email\n\t\t\tFROM `user` u\n\t\t\tLEFT JOIN `user_group` ug\n\t\t\t\tON(u.iduser_group = ug.iduser_group)"; echo json_encode($OBCrud->read($qry_sel)); break; case "update": $iduser = $_REQUEST["iduser"]; $username = $bfurn_db->quote(strtolower($_REQUEST["username"])); $password = empty($_REQUEST["password"]) ? '' : $bfurn_db->quote(get_enc_password($_REQUEST["password"], ENC_PASSWORD)); $iduser_group_old = $_REQUEST["iduser_group_old"]; $iduser_group = $_REQUEST["iduser_group"]; $fullname = $bfurn_db->quote($_REQUEST["fullname"]); $email = $bfurn_db->quote(!empty($_REQUEST["email"]) ? $_REQUEST["email"] : strtolower($_REQUEST["username"]) . '@' . $_SERVER["HTTP_HOST"]); //BEGIN DELETE privilege_user_revoke FIRST=================================== if ($iduser_group_old != $iduser_group) {