$form = $form . "<td align='left'><input type='text' name='roleid'></td></tr>"; $form = $form . "<tr><td width='25%' align='right'>" . _FRMROLENAME . "</td>"; $form = $form . "<td align='left'><input type='text' name='rolename'></td></tr>"; $form = $form . "<tr><td width='25%' align='right'>" . _FRMROLEDESC . "</td>"; $form = $form . "<td align='left'><input type='text' name='desc'></td></tr>"; $form = $form . "<tr><td colspan='2' align='center'><input type='submit' name='submit' value='" . _SUBMITQUERY . "'></td>"; $form = $form . "</tr></table></form>"; $pagebody = $form; break; case "add": // actually add the user to the database $roleid = filterSql($_POST['roleid']); $rolename = filterSql($_POST['rolename']); $desc = filterSql($_POST['desc']); $BRole = new BaseRole(); $added = $BRole->addRole($roleid, $rolename, $desc); $pagebody = $added; break; case "editrole": // edit role form -- Kevin // $myrow = array(role_id, |role_name, |role_desc) $role = new BaseRole(); $roleinfo = $role->returnEditRole(filterSql($_GET['roleid'])); $form = "<form action='base_roleadmin.php?action=updaterole' Method='POST'>"; $form = $form . "<input type='hidden' name='role_id' value='" . $roleinfo[0] . "'"; $form = $form . "<table border=1 class='query'>"; $form = $form . "<tr><td width='25%' align='right'>" . _FRMROLEID . "</td>"; $form = $form . "<td align='left'>" . $roleinfo[0] . "</td></tr>"; $form = $form . "<tr><td width='25%' align='right'>" . _FRMROLENAME . "</td>"; $form = $form . "<td align='left'><input type='text' name='role_name' value='" . $roleinfo[1] . "'></td></tr>"; $form = $form . "<tr><td width='25%' align='right'>" . _FRMROLEDESC . "</td>";