break;
case 'pm':
display_pm();
break;
case 'register':
display_registration();
break;
case 'season_details':
display_season_details();
break;
case 'team':
display_team();
break;
case 'upload_match_media':
display_upload_match_media();
break;
case 'user':
display_user_profile();
break;
}
} else {
display_errors(250);
}
// permission denied
}
//assigning page parts that are always visible
$smarty->assign('head', $smarty->fetch("head.tpl"));
$smarty->assign('left_navi', $smarty->fetch("left_navi.tpl"));
$smarty->assign('right_navi', $smarty->fetch("right_navi.tpl"));
$smarty->assign('footer', $smarty->fetch("footer.tpl"));
$smarty->display('index.tpl');
}
if ($user->isAdmin()) {
$facility_id = $database->queryFirstValue("SELECT `facility_id` FROM `users` WHERE `id` = " . intval($_REQUEST['id']) . " LIMIT 1");
if (!$facility_id) {
display_error("Error: Invalid user ID", "Please check your ID and try again.");
break;
} elseif (intval($facility_id) != $user->facility['id']) {
display_error("Error: Insufficient privileges", "You may only view your own facility's users.");
break;
}
}
echo "<h1>Modify a user</h1>\r\n";
display_user_edit_form($user, intval($_REQUEST['id']));
break;
case 'show':
$userName = $database->queryFirstValue("SELECT `name` FROM `users` WHERE `id` = " . intval($_REQUEST['id']) . " LIMIT 1");
if (!$userName) {
echo "This user was not found. Please select another user and try again.";
} else {
echo "<h1>" . escape_output($userName) . "</h1>\r\n";
display_user_profile($user, intval($_REQUEST['id']));
}
break;
default:
case 'index':
echo "<h1>Users</h1>\r\n";
display_users($user);
echo "<a href='user.php?action=new'>Add a new user</a><br />\r\n";
break;
}
display_footer();
