Your IP : 216.73.216.40

Current Path : /var/www/html/mmishra/icure/staff/
Current File : /var/www/html/mmishra/icure/staff/webusers.inc
<h3 align='left'>Registered Users</h3>
<center>
<?php

$tbl = 'webusers';
$userid = $_POST["userid"];

if ($_POST["submit"] == 'SAVE' && $userid) {
	
	$username = $_POST["username"];
	$pwd = $_POST["pwd"];
	$roll = $_POST["role"]; //'roll' to keep different variable than 'role' session variable
	$email = $_POST["email"];
	$status = $_POST["status"];
	
	if (mysql_num_rows(mysql_query("select * from $tbl where userID='$userid'"))) {
		mysql_query("update $tbl set userName='$username',pwd='$pwd',role='$roll',
		email='$email',status='$status',loginID='$user' 
		where userID='$userid'");
	} else {
		mysql_query("insert into $tbl(userID,userName,pwd,role,email,loginID) 
		values('$userid','$username','$pwd','$roll','$email','$user')");
	}

} else if ($_POST["submit"] == 'DELETE') {
	mysql_query("delete from $tbl where userID='$userid'");

}

$sql = "select userID as user,userName as name,role,email,dateCreation as dated,dateUpdation as updated,status from $tbl";
if ($role != 'admin') {
	$sql .= " where userID='$user'";
}
$sql .= " order by role";
$rs = mysql_query($sql);
if (mysql_num_rows($rs)) {
        $colHeads = mysql_num_fields($rs);

        echo "<table border='1' width='60%'>\n<tr><th>Sr</th>";

        for ($i=0; $i < $colHeads; $i++) { // Header
                $fld = ucwords(str_replace("_"," ",mysql_field_name($rs, $i)));
                echo "<th>$fld</th>";
        }

        echo "</tr>\n";

        while ($row = mysql_fetch_row($rs)) { //data
		$j++;
                echo "<tr><td>$j</td><td>".implode($row,"</td><td>")."</td></tr>\n";
        }

        echo "</table>\n";
} else {
        echo "<h3>None</h3>";
}


if ($userid) {
	$rs = mysql_query("select * from $tbl where userid='$user'");
} else if ($_POST["submit"] == 'FIND') {
	$rs = mysql_query("select * from $tbl where userid='$userid'");
}

while ($o = mysql_fetch_object($rs)) {
	$username = $o->userName;
	$roll = $o->role;
	$email = $o->email;
	$status = $o->status;
}

if ($username) {
	echo "<table>
	<tr><th colspan='2'>Add/Edit</th></tr>
	<tr><td>User ID</td>
	<td><input type='text' name='userid' value='<?php echo $userid; ?>' size='35'></td>
	<td><input type='submit' name='submit' value='FIND'></td></tr>
	
	<tr><td>User Name</td>
	<td><input type='text' name='username' value='$username' size='35'></td></tr>
	<tr><td>Role</td>
	<td><select name='role'>";

	foreach ($roles as $rl) {
		echo "<option value='$rl'";
		if ($roll == $rl) echo ' selected';
		echo ">$rl</option>";
	}

	echo "</select></td></tr>
	<tr><td>Email</td>
	<td><input type='text' name='email' value='$email' size='35'></td></tr>
	<tr><td>Status</td>
	<td><select name='status'>";

	foreach ($statuss as $st) {
	        echo "<option value='$st'";
	        if ($status == $st) echo ' selected';
	        echo ">$st</option>";
	}

	echo "</select></td></tr>
	<tr><th colspan='2'><input type='submit' name='submit' value='SAVE'>
	<input type='submit' name='submit' value='DELETE'></th></tr>
	</table>";
} 
?>
</center>