コード例 #1
if (!$user) {
    $titleBlock = new w2p_Theme_TitleBlock('Invalid User ID', 'helix-setup-user.png', $m, "{$m}.{$a}");
    $titleBlock->addCrumb('?m=admin', 'users list');
    $titleBlock->show();
} else {
    $countries = w2PgetSysVal('GlobalCountries');
    // setup the title block
    $titleBlock = new w2p_Theme_TitleBlock('View User', 'helix-setup-user.png', $m, "{$m}.{$a}");
    if ($canRead) {
        $titleBlock->addCrumb('?m=admin', 'users list');
    }
    if ($canEdit || $user_id == $AppUI->user_id) {
        $titleBlock->addCrumb('?m=admin&a=addedituser&user_id=' . $user_id, 'edit this user');
        $titleBlock->addCrumb('?m=contacts&a=addedit&contact_id=' . $user->contact_id, 'edit this contact');
        $titleBlock->addCrumb('?m=system&a=addeditpref&user_id=' . $user_id, 'edit preferences');
        $titleBlock->addCrumbRight('<div class="crumb"><ul style="float:right;"><li><a href="javascript: void(0);" onclick="popChgPwd();return false"><span>' . $AppUI->_('change password') . '</span></a></li></ul></div>');
        $titleBlock->addCell('<td align="right" width="100%"><input type="button" class=button value="' . $AppUI->_('add user') . '" onclick="javascript:window.location=\'./index.php?m=admin&a=addedituser\';" /></td>');
    }
    $titleBlock->show();
    ?>
<script language="javascript" type="text/javascript">
	<?php 
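    // Security note:
    // the JavaScript helpers below are emitted only when the viewer may edit this user
    // (or is viewing their own record), so read-only users never receive them.
    // Omitting them from the page is defence in depth only: the URLs they open (such as the
    // chpwd dialog) can still be requested directly, so the handlers behind those URLs must
    // enforce the same permission check on the server.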
    if ($canEdit || $user_id == $AppUI->user_id) {
        ?>
	function popChgPwd() {
		window.open( './index.php?m=public&a=chpwd&dialog=1&user_id=<?php 
        echo $user->user_id;
        ?>