Exemplo n.º 1
0
 case "edituser":
     // edit user form -- Kevin
     // $myrow = array(usr_id, usr_login, role_id, usr_name, usr_enabled)
     $user = new BaseUser();
     $userinfo = $user->returnEditUser(filterSql($_GET['userid']));
     $form = "<form action='base_useradmin.php?action=updateuser' Method='POST'>";
     $form = $form . "<input type='hidden' name='usr_id' value='" . $userinfo[0] . "'";
     $form = $form . "<table border=1 class='query'>";
     $form = $form . "<tr><td width='25%' align='right'>" . _FRMUID . "</td>";
     $form = $form . "<td align='left'>" . $userinfo[0] . "</td></tr>";
     $form = $form . "<tr><td width='25%' align='right'>" . _FRMLOGIN . "</td>";
     $form = $form . "<td align='left'>" . $userinfo[1] . "</td></tr>";
     $form = $form . "<tr><td width='25%' align='right'>" . _FRMFULLNAME . "</td>";
     $form = $form . "<td align='left'><input type='text' name='fullname' value='" . $userinfo[3] . "'></td></tr>";
     $form = $form . "<tr><td width='25%' align='right'>" . _FRMROLE . "</td>";
     $form = $form . "<td align='left'>" . $user->returnRoleNamesDropDown($userinfo[2]) . "</td></tr>";
     $form = $form . "<tr><td colspan='2' align='center'><input type='submit' name='submit' value='" . _UPDATEUSER . "'></td>";
     $form = $form . "</tr></table></form>";
     $pagebody = $form;
     break;
 case "updateuser":
     // Updates user from above form....
     /* This function accepts an array in the following format
     $userarray[0] = $userid
     $userarray[1] = $fullname
     $userarray[2] = $roleid
     */
     $user = new BaseUser();
     $userarray = array(filterSql($_POST['usr_id']), filterSql($_POST['fullname']), filterSql($_POST['roleID']));
     $user->updateUser($userarray);
     base_header("Location: base_useradmin.php?action=list");