} } $_SESSION[$include] = $data; header("Location:index.php?page={$include}"); exit; break; case 'usereg': if (isset($_POST['userID']) && is_numeric($_POST['userID'])) { $userEdit = new eCRFUser($_POST['userID']); if ($userEdit->getPrivilege() > 90 && $_POST['usereg-privilege_id'] < 90) { $_SESSION['error'] = "You must use the User Admin screen to authorise new users."; } elseif ($userEdit->getPrivilege() < $user->getPrivilege() || $user->getPrivilege() > $_POST['usereg-privilege_id']) { $_SESSION['error'] = "You cannot edit a user with greater privilege than yourself."; } elseif ($userEdit->getCentre() != $user->getCentre() && $user->isLocal()) { $_SESSION['error'] = "You cannot edit users from other centres."; } elseif ($userEdit->getCountry() != $user->getCountry() && !$user->isCentralAdmin()) { $_SESSION['error'] = "You cannot edit users from other countries."; } elseif ($userEdit->getID() !== $user->getID() && $_POST['deleteUser'] === '1') { $userEdit->deleteUser(); $_SESSION['message'] = "You have deleted the user."; } else { if ($trial->addUserInput($_POST, $userEdit)) { if ($_POST['usereg-revalUser'] === '1') { $password = $userEdit->generatePassword(); // Generate new password $userEdit->setPassword($password, $user->getKey()); // Set it for the user $email = $userEdit->writeEmail('created', $user, $password); // Send email with username and password $mail = $trial->sendEmail($email); }