<?php
// User administration view. When POST 'userSelect' names a user the current user may
// edit, the edit form is rendered; otherwise the user search/listing query is built.
// $user, $trial and $page are used here but assigned outside this part of the file.

// Stays true unless the edit form below is rendered.
$showSearch = true;

// NOTE(review): is_numeric() also accepts values such as "1.5", "1e3" or "+7". If
// eCRFUser expects an integer id, ctype_digit() or FILTER_VALIDATE_INT would be a
// tighter gate -- confirm against the eCRFUser constructor.
if (isset($_POST['userSelect']) && is_numeric($_POST['userSelect'])) {
    $userEdit = new eCRFUser($_POST['userSelect']);

    // Authorisation gate: the selected record must return a truthy 'email' and its
    // privilege value must be >= the current user's privilege value.
    // NOTE(review): presumably a lower number means a more privileged role, in which
    // case '>=' also allows editing accounts at the caller's own level -- confirm that
    // this is intended. When the gate fails nothing is reported; $showSearch stays true
    // and the listing is shown instead.
    if ($userEdit->get('email') && $userEdit->getPrivilege() >= $user->getPrivilege()) {
        $showSearch = false;
        echo "<h4>Edit the user's details below</h4>";

        // Form posts to process.php; fields come from the trial's definition for $page
        // and are processed together with the selected user object.
        $form = new HTMLForm('process.php', 'post');
        $fields = $trial->getFormFields($page);
        $form->processFields($fields, $userEdit);

        if (isset($_SESSION['inputErr'])) { // If any errors then add them to the form
            $form->addErrors($_SESSION['inputErr']);
            // Cleared after use so the errors are attached to one render only.
            unset($_SESSION['inputErr']);
        }

        // The country input value is taken from the user's centre record.
        $centre = new Data($userEdit->getCentre(), 'Centre');
        $form->addInputValue('usereg-country', $centre->get('country_id'));

        // NOTE(review): userID, page and deleteUser are hidden inputs, so their values
        // are client-controlled on submit. The privilege gate above only protects the
        // rendering of this form; process.php (not visible here) has to repeat the
        // privilege comparison for the posted userID and for deleteUser -- confirm.
        $form->addInput('hidden', 'userID', $userEdit->getID());
        $form->addInput('hidden', 'page', $page);
        $form->addInput('hidden', 'deleteUser', 'false');
        $form->addButton('Delete', array('btn-danger', 'hidden'));
        $form->addCancelButton('index.php?page=usereg');

        // CSRF token: 32 random bytes, base64-encoded, stored in the session and mirrored
        // into the form. Each render overwrites the previous session token.
        // NOTE(review): the result of openssl_random_pseudo_bytes() is not checked. On
        // PHP before 7.4 it returns false on failure, which base64_encode() turns into
        // an empty string, and the crypto-strong flag (second argument) is not inspected.
        // Confirm the minimum PHP version, or check the result / use random_bytes() on
        // PHP 7+. Also confirm that process.php compares the token with hash_equals().
        $_SESSION['csrfToken'] = $token = base64_encode(openssl_random_pseudo_bytes(32));
        $form->addInput('hidden', 'csrfToken', $token);

        // NOTE(review): escaping of field values depends on HTMLForm::writeHTML(), which
        // is not visible here -- confirm it HTML-encodes attribute values.
        echo $form->writeHTML();
    }
}

if ($showSearch) {
    // Base listing query: the text visible here is static (no request data is
    // interpolated). Aliases disambiguate the id/name columns of the joined tables.
    // NOTE(review): SELECT * returns every column of the joined tables, including any
    // credential columns on `user` if present; selecting only the columns the listing
    // needs would limit exposure -- confirm against the schema.
    $sql = "SELECT *, user.id as userID, centre.name as centreName, country.name as countryName, privilege.name as privilegeName, privilege_id FROM user\n LEFT JOIN centre ON centre_id = centre.id\n LEFT JOIN country ON country_id = country.id\n LEFT JOIN privilege ON privilege_id = privilege.id";
    if ($user->isLocal()) {