$dal = new DataAccessLayer();
$username = $dal->GetUsername($_SESSION['user_id']);
if (isset($_POST['save'])) {
$fieldnames = array("username", "password", "email", "reviewer", "isvalid", "isadmin");
foreach ($fieldnames as $i) {
$answers[$i] = mysql_real_escape_string($_POST[$i]);
}
if ($_POST['formstate'] == 'new') {
$answers['password'] = md5($_POST['password']);
$id = $dal->NewUserCreate($answers);
} else {
$dal->UpdateUserInfo($answers, $_POST['id']);
}
}
if ($id != "new") {
$user = $dal->GetUserInfo($id);
}
include "{$BASEDIR}/templates/header_review.php";
?>
<form method="post" action="<?php
echo $BASEURL;
?>
user/view">
<h1>View User Info</h1>
<?php
include "{$BASEDIR}/templates/admin_nav.php";
$isadmin = $dal->IsSysAdmin($_SESSION['user_id']);
if ($isadmin == 1) {
?>
<fieldset><input type="hidden" name="id" id="id"