function lookup()
{
if (isset($_POST['lookup_field']) && $_POST['lookup_value'] != '') {
global $conn, $config, $lang;
require_once $config['basepath'] . '/include/user.inc.php';
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
$display = '';
$lookup_value = $misc->make_db_safe($_POST['lookup_value']);
$sql = 'SELECT userdb_id FROM ' . $config['table_prefix'] . 'userdb WHERE ' . $_POST['lookup_field'] . ' = ' . $lookup_value;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$id = $recordSet->fields[0];
if ($id != '') {
$security = login::loginCheck('Admin', true);
if ($security === true) {
$display .= user_managment::edit_user($id);
} else {
$user_type = user::get_user_type($id);
if ($user_type === admin) {
$display .= $lang['user_manager_permission_denied'];
} else {
$display .= user_managment::edit_user($id);
}
}
} else {
$display .= '<div align="center" class="redtext">' . $lang['user_manager_user_not_found'] . '</div>';
$display .= user_managment::show_users();
}
return $display;
}
}
