database, $query) == FALSE && strstr(pg_errormessage($this->database), "already exists") == false) { echo "You can not create a new user: " . pg_errormessage($this->database) . ".
"; } else { pg_exec($this->database, "INSERT INTO usr (username, security_level) VALUES ('" . $_POST['username'] . "','" . $_POST['seclevel'] . "')"); } } if (isset($_POST['action']) && $_POST['action'] == 'Remove' && !empty($_POST['username'])) { pg_exec($this->database, "DELETE FROM usr WHERE username='" . $_POST['username'] . "'"); pg_exec($this->database, "DROP USER " . $_POST['username']); } if (isset($_POST['action']) && $_POST['action'] == 'Change Password') { pg_exec($this->database, "ALTER USER " . $_SESSION['username'] . " PASSWORD '" . $_POST['passwd'] . "'"); } if (isset($_GET['username'])) { echo "
"; if (isset($_POST['action']) && $_POST['action'] == 'Save Changes') { $qry = "UPDATE usr SET display_name='" . $_POST['dspname'] . "'"; $qry .= ", email='" . $_POST['email'] . "'"; $qry .= ", security_level='" . $_POST['seclevel'] . "'"; $qry .= " WHERE username='" . $_GET['username'] . "'"; pg_exec($this->database, $qry); } $res = pg_exec($this->database, "SELECT * from usr WHERE username='" . $_GET['username'] . "'"); $usr = pg_fetch_object($res, 0); echo "
"; echo "
"; echo "
Display name
"; echo "
Email address
"; echo "
Security level
"; for ($seclevel = 1; $seclevel < 6; $seclevel++) { echo "
security_level) { echo " SELECTED"; } echo ">$seclevel
\n"; } echo "
"; echo "
"; echo "
"; echo "
"; } else { echo "
"; $res = pg_exec($this->database, "SELECT username, display_name, email, security_level FROM usr ORDER BY username"); echo "
"; $usr = 0; while ($usr < pg_numrows($res)) { $u = pg_fetch_object($res, $usr); ?>
username ?>
display_name ?>
email ?>
Sec. Level security_level ?>
username) { ?>
"; ?>
Create new user:
User name:
Group:
View
Operator
Admin
Security level:
1
2
3
4
5
Password:
Verify password:
Change your password:
New Password:
Verify password:
Showpage(); ?>
