'; $form = new form(); $token = NoCSRF::generate('csrf_token'); $values = array(':hidden' => 'csrf_token:' . $token, 'remover:text' => 'userm:ID to remove'); $action = "auth.php?page=ActionRmUser"; $la .= $form->StartForm($action); $la .= $form->SimpleForm($values); $la .= $form->ExitForm("Remove"); $page->titulo = "Remove user"; $page->conteudo = $janela . $la . "</div></div>"; print $page->display_page(); break; case "ActionRmUser": test_csrf(); $userm = htmlentities($_POST['userm']); $res = $crud->dbDelete('userronin', 'id', $userm); $page->conteudo = '<br><br> <p class="message message-success message-closable">User removed!</p><br<br>'; $page->titulo = "User removed"; print $page->display_page(); break; case "EditUser": $janela .= '<div class="portlet portlet-closable x4"> <div class="portlet-header"> <h4>Edit user</h4> </div> <!-- .portlet-header --> <div class="portlet-content"> '; $form = new form(); $token = NoCSRF::generate('csrf_token'); $values = array(':hidden' => 'csrf_token:' . $token, 'editar:text' => 'useredit:ID a editar');