+ if (isset($_GET['username']))
+ {
+ echo "<h1>Detailed information for user " . $_GET['username'] . "</h1><br>\n";
+
+ if (isset($_POST['action']) && $_POST['action'] == 'Save Changes')
+ {
+ $qry = "UPDATE usr SET display_name='" . $_POST['dspname'] . "'";
+ $qry .= ", email='" . $_POST['email'] . "'";
+ $qry .= ", security_level='" . $_POST['seclevel'] . "'";
+ $qry .= " WHERE username='" . $_GET['username'] . "'";
+
+ pg_exec($this->database, $qry);
+ }
+ $res = pg_exec($this->database, "SELECT * from usr
+ WHERE username='" . $_GET['username'] . "'");
+ $usr = pg_fetch_object($res, 0);
+
+ echo "<form action='users.php?username=" . $usr->username . "' method='POST'>";
+ echo "<table>";
+
+ echo "<tr><td>Display name</td><td><input name='dspname' type='text' value='";
+ echo $usr->display_name . "'></td></tr>";
+ echo "<tr><td>Email address</td><td><input name='email' type='text' value='";
+ echo $usr->email . "'></td></tr>";
+
+ echo "<tr><td>Security level</td><td><select name='seclevel'>";
+ for ($seclevel = 1; $seclevel < 6; $seclevel++)
+ {
+ echo "<option value='$seclevel'";
+ if ($seclevel == $usr->security_level)
+ {
+ echo " selected='true'";
+ }
+ echo ">$seclevel</option>\n";
+ }
+ echo "</select></td></tr>";
+ echo "</table>";
+ echo "<input type='submit' name='action' value='Save Changes'>";
+ echo "</form>";
+ }
+ else
+ {
+ echo "<h1>User Administration</h1><hr>";
+ $res = pg_exec($this->database, "SELECT username, display_name, email, security_level
+ FROM usr ORDER BY username");