}
// Build role select options
function roleselect($rarray, $selected)
{
$output = '';
foreach ($rarray as $key => $value) {
$select = '';
// Make the users current role selected
if ($key == $selected) {
$select = 'selected';
}
$output .= "<option value=\"{$key}\" {$select}>{$value}</option>";
}
return $output;
}
$roleselect = roleselect($rolearray, $role);
$contents = <<<EOD
<form action="authgrpmod.php?page=Add" method="post">
<table class="pagelet_table">
<tr class="pglt_tb_hdr"><td colspan="2">Add New Auth Group</td></tr>
<tr class="odd">
<td>Group Name</td>
<td><input type="text" name="name" class="input" maxlength="50"></td>
</tr>
<tr class="even">
<td>Group String</td>
<td>
<input type="text" name="string" size="70" maxlength="250">
</td>
</tr>
<tr class="odd">
$post_message .= '"Password" ';
$post++;
}
// Has role been updated ?
if (!is_numeric($_POST["role"]) || !array_key_exists($_POST["role"], $rolearray)) {
throw new Exception('Invalid role ID');
}
if ($row['ROLE'] != $_POST["role"]) {
$sth = $dbh->prepare("UPDATE USERS SET ROLE = ? WHERE ID = ?");
$sth->bindParam(1, $_POST["role"]);
$sth->bindParam(2, $id);
$sth->execute();
$post_message .= '"User Role" ';
$post++;
// Set new role for page refresh
$roleselect = roleselect($rolearray, $_POST["role"]);
}
// Was anything updated -- Do something about errors
if ($post > 0) {
$post_message = "<p>The following items have been updated: {$post_message}</p>";
} else {
$post_message = "<p>No settings where updated.</p>";
}
// If all is well commit the trans
$dbh->commit();
} catch (Exception $e) {
$dbh->rollBack();
$post_message = $e->getMessage();
$post_message = "<p class=\"error\"><strong>Error:</strong> {$post_message} </p>\n";
$post = 1;
}
$time = time();
$added_by = $_SESSION['user'];
$sth = $dbh->prepare("INSERT INTO USERS ('NAME','HASH','ADDED_BY','DATE_ADDED','ROLE') VALUES (:username,:hash,'{$added_by}',{$time},:role)");
$sth->bindValue(':username', $username);
$sth->bindValue(':hash', $hash);
$sth->bindValue(':role', $_POST["role"]);
$sth->execute();
$dbh->commit();
} catch (Exception $e) {
$dbh->rollBack();
$contents = $e->getMessage();
$contents = "<p class=\"error\"><strong>Error:</strong> {$contents} </p>\n";
}
} else {
// Page body - Create
$roleselect = roleselect($rolearray, $row['ROLE']);
$contents = <<<EOD
\t\t<form action="users.php?page=Add" method="post">
\t\t<table class="pagelet_table">
\t\t\t<tr class="pglt_tb_hdr"><td colspan="2">Create New User</td></tr>
\t\t\t<tr class="odd"><td>User Name</td><td><input type="text" name="username" class="input" maxlength="30"></td></tr>
\t\t\t<tr class="even"><td>Password</td><td><input type="password" name="password" class="input" maxlength="30"></td></tr>
\t\t\t<tr class="odd"><td>Confirm Password</td><td><input type="password" name="password2" class="input" maxlength="30"></td></tr>
\t\t\t<tr class="even"><td>Role</td><td>
\t\t\t\t<select name="role">
\t\t\t\t\t{$roleselect}
\t\t\t\t</select>
\t\t\t</td></tr>
\t\t</table>
\t\t<input type="submit" name="change" value="Create">
\t\t</form>
