conn,$cfg_theme,$cfg_currency_symbol,$lang); if(!$sec->isLoggedIn()) { header ("location: ../login.php"); exit(); } //set default values, these will change if $action==update. $first_name_value=''; $last_name_value=''; $username_value=''; $type_value=''; $password_value=''; $id=-1; //decides if the form will be used to update or add a user. if(isset($_GET['action'])) { $action=$_GET['action']; } else { $action="insert"; } //if action is update, sets variables to what the current users data is. if($action=="update") { $display->displayTitle("$lang->updateUser"); if(isset($_GET['id'])) { $id=$_GET['id']; $tablename = "$cfg_tableprefix".'users'; $result = mysql_query("SELECT * FROM $tablename WHERE id=\"$id\"",$dbf->conn); $row = mysql_fetch_assoc($result); $first_name_value=$row['first_name']; $last_name_value=$row['last_name']; $username_value=$row['username']; $password_value="*notchanged*"; $type_value=$row['type']; } } else { $display->displayTitle("$lang->addUser"); } //creates a form object $f1=new form('process_form_users.php','POST','users','415',$cfg_theme,$lang); //creates form parts. $f1->createInputField("$lang->firstName:",'text','first_name',"$first_name_value",'24','180'); $f1->createInputField("$lang->lastName:",'text','last_name',"$last_name_value",'24','180'); $f1->createInputField("$lang->username:($lang->usedInLogin)",'text','username',"$username_value",'24','180'); $option_values=array("$type_value",'Admin','Sales Clerk', 'Report Viewer'); $option_titles=array("$type_value","$lang->admin","$lang->salesClerk", "$lang->reportViewer"); $f1->createSelectField("$lang->type: ",'type',$option_values,$option_titles,'180'); $f1->createInputField("$lang->password:",'password','password',"$password_value",'24','180'); $f1->createInputField("$lang->confirmPassword:",'password','cpassword',"$password_value",'24','180'); //sends 2 hidden varibles needed for process_form_users.php. echo " "; $f1->endForm(); $dbf->closeDBlink(); ?>