$rolearray = array(filterSql($_POST['role_id']), filterSql($_POST['role_name']), filterSql($_POST['desc'])); $role->updateRole($rolearray); base_header("Location: base_roleadmin.php?action=list"); break; case "deleterole": // Deletes role $roleid = filterSql($_GET['roleid']); $BRole = new BaseRole(); $BRole->deleteRole($roleid); base_header("Location: base_roleadmin.php?action=list"); break; case "list": // lists the roles // Build table to list roles and return it as $roletable $role = new BaseRole(); $roles = $role->returnRoles(); $tmpHTML = "<TABLE CELLSPACING=0 CELLPADDING=2 BORDER=0 WIDTH='100%' BGCOLOR='#000000'><TR><TD>"; $tmpHTML = $tmpHTML . "<table CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH='100%' BGCOLOR='#FFFFFF'>"; $tmpHTML = $tmpHTML . "<tr><td CLASS='plfieldhdr' width=25>" . _EDIT . "</td><td CLASS='plfieldhdr' width=35> " . _DELETE . "</td><td CLASS='plfieldhdr'>" . _ID . "</td><td CLASS='plfieldhdr'>" . _NAME; $tmpHTML = $tmpHTML . "</td><td CLASS='plfieldhdr'>" . _DESC . "</td></tr>"; foreach ($roles as $row) { //explode array rows and build table $tmpRow = explode("|", $row); $tmpHTML = $tmpHTML . "<tr><td align='center'><a href='base_roleadmin.php?action=editrole&roleid=" . urlencode($tmpRow[0]) . "'>"; $tmpHTML = $tmpHTML . "<img src='" . $BASE_urlpath . "/images/button_edit.png' border='0' alt='button_edit'></a></td>"; $tmpHTML = $tmpHTML . "<td align='center'><a href='base_roleadmin.php?action=deleterole&roleid=" . urlencode($tmpRow[0]) . "'>"; $tmpHTML = $tmpHTML . "<img src='" . $BASE_urlpath . "/images/button_delete.png' border='0' alt='button_delete'></a></td>"; $tmpHTML = $tmpHTML . "<td align='center'>" . htmlspecialchars($tmpRow[0]); $tmpHTML = $tmpHTML . "</td><td align='center'>" . htmlspecialchars($tmpRow[1]); $tmpHTML = $tmpHTML . "</td><td align='center'>" . htmlspecialchars($tmpRow[2]); $tmpHTML = $tmpHTML . "</td></tr>";