<?php
$showSearch = true;
if (isset($_POST['userSelect']) && is_numeric($_POST['userSelect'])) {
$userEdit = new eCRFUser($_POST['userSelect']);
if ($userEdit->get('email') && $userEdit->getPrivilege() >= $user->getPrivilege()) {
$showSearch = false;
echo "<h4>Edit the user's details below</h4>";
$form = new HTMLForm('process.php', 'post');
$fields = $trial->getFormFields($page);
$form->processFields($fields, $userEdit);
if (isset($_SESSION['inputErr'])) {
// If any errors then add them to the form
$form->addErrors($_SESSION['inputErr']);
unset($_SESSION['inputErr']);
}
$centre = new Data($userEdit->getCentre(), 'Centre');
$form->addInputValue('usereg-country', $centre->get('country_id'));
$form->addInput('hidden', 'userID', $userEdit->getID());
$form->addInput('hidden', 'page', $page);
$form->addInput('hidden', 'deleteUser', 'false');
$form->addButton('Delete', array('btn-danger', 'hidden'));
$form->addCancelButton('index.php?page=usereg');
$_SESSION['csrfToken'] = $token = base64_encode(openssl_random_pseudo_bytes(32));
$form->addInput('hidden', 'csrfToken', $token);
echo $form->writeHTML();
}
}
if ($showSearch) {
$sql = "SELECT *, user.id as userID, centre.name as centreName, country.name as countryName, privilege.name as privilegeName, privilege_id FROM user\n LEFT JOIN centre ON centre_id = centre.id\n LEFT JOIN country ON country_id = country.id\n LEFT JOIN privilege ON privilege_id = privilege.id";
if ($user->isLocal()) {
