conn,$cfg_theme,$cfg_currency_symbol,$lang);
if(!$sec->isLoggedIn())
{
header ("location: ../login.php");
exit();
}
//set default values, these will change if $action==update.
$first_name_value='';
$last_name_value='';
$username_value='';
$type_value='';
$password_value='';
$id=-1;
//decides if the form will be used to update or add a user.
if(isset($_GET['action']))
{
$action=$_GET['action'];
}
else
{
$action="insert";
}
//if action is update, sets variables to what the current users data is.
if($action=="update")
{
$display->displayTitle("$lang->updateUser");
if(isset($_GET['id']))
{
$id=$_GET['id'];
$tablename = "$cfg_tableprefix".'users';
$result = mysql_query("SELECT * FROM $tablename WHERE id=\"$id\"",$dbf->conn);
$row = mysql_fetch_assoc($result);
$first_name_value=$row['first_name'];
$last_name_value=$row['last_name'];
$username_value=$row['username'];
$password_value="*notchanged*";
$type_value=$row['type'];
}
}
else
{
$display->displayTitle("$lang->addUser");
}
//creates a form object
$f1=new form('process_form_users.php','POST','users','415',$cfg_theme,$lang);
//creates form parts.
$f1->createInputField("$lang->firstName:",'text','first_name',"$first_name_value",'24','180');
$f1->createInputField("$lang->lastName:",'text','last_name',"$last_name_value",'24','180');
$f1->createInputField("$lang->username:($lang->usedInLogin)",'text','username',"$username_value",'24','180');
$option_values=array("$type_value",'Admin','Sales Clerk', 'Report Viewer');
$option_titles=array("$type_value","$lang->admin","$lang->salesClerk", "$lang->reportViewer");
$f1->createSelectField("$lang->type: ",'type',$option_values,$option_titles,'180');
$f1->createInputField("$lang->password:",'password','password',"$password_value",'24','180');
$f1->createInputField("$lang->confirmPassword:",'password','cpassword',"$password_value",'24','180');
//sends 2 hidden varibles needed for process_form_users.php.
echo "
";
$f1->endForm();
$dbf->closeDBlink();
?>