// Fragment of a POST handler built around a switch; it starts inside the tail of an
// earlier case and stops inside the final else of the 'sitereg' case.
// NOTE(review): no anti-CSRF token check is visible for the state-changing actions
// below (save, delete, lock toggle) - confirm one runs before the switch.
                    $userEdit->saveToDB();
                    $_SESSION['message'] = "You have updated the user's details.";
                } else {
                    $_SESSION['error'] = "An error has occurred, please try again.";
                }
            }
        } else {
            $_SESSION['error'] = "An error has occurred, please try again.";
        }
        break;

    // 'sitereg': edit, delete or lock/unlock a centre identified by POST centreID.
    case 'sitereg':
        // NOTE(review): is_numeric() also accepts values such as "1.5" or "1e3";
        // ctype_digit() would restrict the id to plain digits before it reaches Centre.
        if (isset($_POST['centreID']) && is_numeric($_POST['centreID'])) {
            $centreEdit = new Centre($_POST['centreID']);
            // Authorization gate 1: privilege values of 10 or more are refused.
            // NOTE(review): presumably lower numbers mean more privilege - confirm the threshold.
            if ($user->getPrivilege() >= 10) {
                $_SESSION['error'] = "You do not have the privilege to edit centres.";
            // Authorization gate 2: the centre must be in the user's own country unless the
            // user is a central admin. The comparison is loose (!=); !== avoids type juggling.
            } elseif ($centreEdit->getCountry() != $user->getCountry() && !$user->isCentralAdmin()) {
                $_SESSION['error'] = "You cannot edit centres from other countries.";
            // Deletion is limited to central admins. $_POST['deleteCentre'] is read without
            // isset(), so a request that omits it raises an undefined-index notice/warning.
            } elseif ($_POST['deleteCentre'] === '1' && $user->isCentralAdmin()) {
                // The result of deleteCentre() is not checked; the success message is set regardless.
                $centreEdit->deleteCentre();
                $sql = "DELETE FROM centreUnits WHERE centre_id = ?";
                // NOTE(review): $centreID is not assigned anywhere in this fragment (the centre was
                // loaded from $_POST['centreID']). If it is not set earlier in the file, this cleanup
                // binds an empty value and the centre's centreUnits rows are left behind - confirm.
                $pA = array('i', $centreID);
                DB::query($sql, $pA);
                $_SESSION['message'] = "You have deleted the centre.";
            // Lock toggle is also limited to central admins; toggleLock is only read after the
            // admin check passes, and again without isset().
            } elseif ($user->isCentralAdmin() && $_POST['toggleLock'] === '1') {
                $centreEdit->toggleLock();
                // Report the state the centre is in after the toggle.
                if ($centreEdit->isLocked()) {
                    $_SESSION['message'] = "The centre is now locked for data entry.";
                } else {
                    $_SESSION['message'] = "The centre is now open for data entry.";
                }
            // Remaining case (neither delete nor lock toggle); its body lies outside this fragment.
            } else {
<?php
// Page fragment: renders the centre edit form once a centre has been chosen via
// POST centreSelect. The listing stops inside the per-unit loop.
// $showSearch starts true and is cleared when the form is shown; its use is outside this view.
$showSearch = true;
// NOTE(review): is_numeric() also accepts values such as "1.5" or "1e3";
// ctype_digit() would restrict the id to plain digits.
if (isset($_POST['centreSelect']) && is_numeric($_POST['centreSelect'])) {
    $centreEdit = new Centre($_POST['centreSelect']);
    // Show the form only if the centre has a name and is in the user's country, or the
    // user is a central admin. This only controls what is rendered: the form posts to
    // process.php, which has to repeat the authorization check on its own.
    if ($centreEdit->get('name') && ($centreEdit->getCountry() == $user->getCountry() || $user->isCentralAdmin())) {
        $showSearch = false;
        echo "<h4>Edit the centre below</h4>";
        $form = new HTMLForm('process.php', 'post');
        // $trial and $page are not defined in this fragment; they come from the including script.
        $fields = $trial->getFormFields($page);
        $form->processFields($fields, $centreEdit);
        // Central admins additionally get one unit selector per unit number.
        if ($user->isCentralAdmin()) {
            // Static SQL with no request data interpolated. It appears to select unit numbers that
            // are referenced by a form field and have more than one row in units - confirm against the schema.
            $sql = "SELECT units.number, units.name FROM units WHERE number IN ( SELECT number FROM formFields\n LEFT JOIN units ON units.number=formFields.fieldname\n GROUP BY units.number )\n GROUP BY units.number\n HAVING count(units.number)>1";
            $numbers = DB::cleanQuery($sql);
            if ($numbers->getRows()) {
                // Units currently stored for this centre, indexed by unit number (see the isset() below).
                $defUnits = $centreEdit->getUnits();
                foreach ($numbers->rows as $row) {
                    // NOTE(review): database values are interpolated into the field name and the label.
                    // Whether HTMLForm escapes them on output is not visible here - confirm, otherwise
                    // a stored value containing markup would be rendered into the page.
                    $input = $form->addInput('select', "units[{$row->number}]");
                    $input->addLabel("Units for {$row->name}");
                    // Parameterized lookup of the options for this unit number; 's' is presumably
                    // the bind type for a string parameter.
                    $sql = "SELECT id, unit FROM units\n WHERE number = ?\n ORDER BY unitorder";
                    $pA = array('s', $row->number);
                    $units = DB::cleanQuery($sql, $pA);
                    // Build an id => label map for the select; the same output-escaping question
                    // applies to $unitRow->unit.
                    $options = array();
                    foreach ($units->rows as $unitRow) {
                        $options[$unitRow->id] = $unitRow->unit;
                    }
                    $input->addOption($options, true);
                    // Preselect the unit already stored for this centre, if there is one.
                    if (isset($defUnits[$row->number])) {
                        $input->addValue($defUnits[$row->number]['units_id']);
                    }
                    // Presumably marks the selector as mandatory - confirm in HTMLForm.
                    $input->setMand();