} // Build role select options function roleselect($rarray, $selected) { $output = ''; foreach ($rarray as $key => $value) { $select = ''; // Make the users current role selected if ($key == $selected) { $select = 'selected'; } $output .= "<option value=\"{$key}\" {$select}>{$value}</option>"; } return $output; } $roleselect = roleselect($rolearray, $role); $contents = <<<EOD <form action="authgrpmod.php?page=Add" method="post"> <table class="pagelet_table"> <tr class="pglt_tb_hdr"><td colspan="2">Add New Auth Group</td></tr> <tr class="odd"> <td>Group Name</td> <td><input type="text" name="name" class="input" maxlength="50"></td> </tr> <tr class="even"> <td>Group String</td> <td> <input type="text" name="string" size="70" maxlength="250"> </td> </tr> <tr class="odd">
$post_message .= '"Password" '; $post++; } // Has role been updated ? if (!is_numeric($_POST["role"]) || !array_key_exists($_POST["role"], $rolearray)) { throw new Exception('Invalid role ID'); } if ($row['ROLE'] != $_POST["role"]) { $sth = $dbh->prepare("UPDATE USERS SET ROLE = ? WHERE ID = ?"); $sth->bindParam(1, $_POST["role"]); $sth->bindParam(2, $id); $sth->execute(); $post_message .= '"User Role" '; $post++; // Set new role for page refresh $roleselect = roleselect($rolearray, $_POST["role"]); } // Was anything updated -- Do something about errors if ($post > 0) { $post_message = "<p>The following items have been updated: {$post_message}</p>"; } else { $post_message = "<p>No settings where updated.</p>"; } // If all is well commit the trans $dbh->commit(); } catch (Exception $e) { $dbh->rollBack(); $post_message = $e->getMessage(); $post_message = "<p class=\"error\"><strong>Error:</strong> {$post_message} </p>\n"; $post = 1; }
$time = time(); $added_by = $_SESSION['user']; $sth = $dbh->prepare("INSERT INTO USERS ('NAME','HASH','ADDED_BY','DATE_ADDED','ROLE') VALUES (:username,:hash,'{$added_by}',{$time},:role)"); $sth->bindValue(':username', $username); $sth->bindValue(':hash', $hash); $sth->bindValue(':role', $_POST["role"]); $sth->execute(); $dbh->commit(); } catch (Exception $e) { $dbh->rollBack(); $contents = $e->getMessage(); $contents = "<p class=\"error\"><strong>Error:</strong> {$contents} </p>\n"; } } else { // Page body - Create $roleselect = roleselect($rolearray, $row['ROLE']); $contents = <<<EOD \t\t<form action="users.php?page=Add" method="post"> \t\t<table class="pagelet_table"> \t\t\t<tr class="pglt_tb_hdr"><td colspan="2">Create New User</td></tr> \t\t\t<tr class="odd"><td>User Name</td><td><input type="text" name="username" class="input" maxlength="30"></td></tr> \t\t\t<tr class="even"><td>Password</td><td><input type="password" name="password" class="input" maxlength="30"></td></tr> \t\t\t<tr class="odd"><td>Confirm Password</td><td><input type="password" name="password2" class="input" maxlength="30"></td></tr> \t\t\t<tr class="even"><td>Role</td><td> \t\t\t\t<select name="role"> \t\t\t\t\t{$roleselect} \t\t\t\t</select> \t\t\t</td></tr> \t\t</table> \t\t<input type="submit" name="change" value="Create"> \t\t</form>