$form = $form . "<td align='left'><input type='text' name='roleid'></td></tr>";
$form = $form . "<tr><td width='25%' align='right'>" . _FRMROLENAME . "</td>";
$form = $form . "<td align='left'><input type='text' name='rolename'></td></tr>";
$form = $form . "<tr><td width='25%' align='right'>" . _FRMROLEDESC . "</td>";
$form = $form . "<td align='left'><input type='text' name='desc'></td></tr>";
$form = $form . "<tr><td colspan='2' align='center'><input type='submit' name='submit' value='" . _SUBMITQUERY . "'></td>";
$form = $form . "</tr></table></form>";
$pagebody = $form;
break;
case "add":
// actually add the user to the database
$roleid = filterSql($_POST['roleid']);
$rolename = filterSql($_POST['rolename']);
$desc = filterSql($_POST['desc']);
$BRole = new BaseRole();
$added = $BRole->addRole($roleid, $rolename, $desc);
$pagebody = $added;
break;
case "editrole":
// edit role form -- Kevin
// $myrow = array(role_id, |role_name, |role_desc)
$role = new BaseRole();
$roleinfo = $role->returnEditRole(filterSql($_GET['roleid']));
$form = "<form action='base_roleadmin.php?action=updaterole' Method='POST'>";
$form = $form . "<input type='hidden' name='role_id' value='" . $roleinfo[0] . "'";
$form = $form . "<table border=1 class='query'>";
$form = $form . "<tr><td width='25%' align='right'>" . _FRMROLEID . "</td>";
$form = $form . "<td align='left'>" . $roleinfo[0] . "</td></tr>";
$form = $form . "<tr><td width='25%' align='right'>" . _FRMROLENAME . "</td>";
$form = $form . "<td align='left'><input type='text' name='role_name' value='" . $roleinfo[1] . "'></td></tr>";
$form = $form . "<tr><td width='25%' align='right'>" . _FRMROLEDESC . "</td>";
