start_html($user, "UC Medicine QA", "Manage Facilities", $_REQUEST['status'], $_REQUEST['class']);
try {
$facility = new Facility($database, intval($_REQUEST['id']));
} catch (Exception $e) {
display_error("Error: Invalid facility ID", "Please check the facility ID and try again.");
display_footer();
exit;
}
switch ($_REQUEST['action']) {
case 'new':
//ensure that user has sufficient privileges to add a facility.
if (!$user->isAdmin()) {
display_error("Error: Insufficient privileges", "You must be an administrator to add facilities.");
break;
}
$facility->displayEditForm("Add a facility");
break;
case 'edit':
if (intval($_REQUEST['id']) != $user->facility['id'] || !$user->isAdmin()) {
display_error("Error: Insufficient privileges", "You are not allowed to modify this facility.");
break;
}
$facility->displayEditForm("Modify a facility");
break;
case 'show':
$facility->displayProfile($user);
break;
default:
case 'index':
echo "<h1>Facilities</h1>\n";
display_facilities($user);
