users_view.php at Clinical Handover Database

<?php 
ini_set("display_errors","1");
ini_set("display_startup_errors","1");
set_magic_quotes_runtime(0);

include("include/dbcommon.php");
include("include/users_variables.php");


//	check if logged in
if(!@$_SESSION["UserID"] || !CheckSecurity(@$_SESSION["OwnerID"],"Search"))
{ 
	$_SESSION["MyURL"]=$_SERVER["SCRIPT_NAME"]."?".$_SERVER["QUERY_STRING"];
	header("Location: login.php?message=expired"); 
	return;
}

$filename="";	
$message="";

//connect database
$conn = db_connect();

$keys=array();
$keys["Primary"]=postvalue("editid1");

//	get current values and show edit controls

$strSQL=$gstrSQL;
$where = KeyWhere($keys);
$strSQL = AddWhere($strSQL,$where);


//	select only owned records
$strSQL = AddWhere($strSQL,SecuritySQL("Search"));

LogInfo($strSQL);
$rs=db_query($strSQL,$conn);
$data=db_fetch_array($rs);


include('libs/Smarty.class.php');
$smarty = new Smarty();

	$smarty->assign("show_key1", htmlspecialchars(GetData($data,"Primary", "")));

$keylink="";
$keylink.="&key1=".htmlspecialchars(urlencode($data["Primary"]));

////////////////////////////////////////////
//	Login - 
	$value="";
		$value = htmlspecialchars(GetData($data,"Login", ""));
	$smarty->assign("show_Login",$value);
////////////////////////////////////////////
//	Name - 
	$value="";
		$value = htmlspecialchars(GetData($data,"Name", ""));
	$smarty->assign("show_Name",$value);
////////////////////////////////////////////
//	Password - 
	$value="";
		$value = htmlspecialchars(GetData($data,"Password", ""));
	$smarty->assign("show_Password",$value);
////////////////////////////////////////////
//	User Type - 
	$value="";
		$value = htmlspecialchars(GetData($data,"User Type", ""));
	$smarty->assign("show_User_Type",$value);

$smarty->display("users_view.htm");

?>