Location: PHPKode > projects > The DVD Database Project > input_user.php
<?PHP 
require("common.php");
include("function.php");
session_start();
$string = ("SELECT * FROM user WHERE name='".$name."'");
$result = runquery($string);
$found = mysql_fetch_row($result);

if(validsession($time)){ 
	if($found[2]=="A"){
		?>
		<HTML>
		<HEAD>
		<TITLE>DVD</TITLE>
		</HEAD>
		<link rel=stylesheet type="text/css" href="style.css">
		<BODY>
		<DIV ALIGN="right">
		<H1><?PHP echo $adjective_of_your_choice; ?> DvD</H1>
		<br>
		<br>	
		</DIV>
		<br>
		<H2>User Administration</H2>
		<br><br>
		<?PHP
		if($delete){
			$string="DELETE FROM user WHERE name='".$id."'";
			$result=runquery($string);
			if (!$result)
				die(mysql_error());
			echo ("User Deleted");
			
			logfile("$name deleted user \"$id\""); // log "remove user"			
		}

		if($save){
			$string1="UPDATE user SET location='".$nlocation."' WHERE name='".$id."'";
			$result=runquery($string1);
			$string2="UPDATE user SET email='".$nemail."' WHERE name='".$id."'";
			$result=runquery($string2);
			if($nadmin){
				$string3="UPDATE user SET type='A' WHERE name='".$id."'"; 
				$result=runquery($string3);
				
				logfile("$name updated admin user \"$id\""); // log "update admin user"
			}
			else
				logfile("$name updated user \"$id\""); // log "update user"
				
			echo ("User Updated");			
		}

		if($new_entry){
			$pwd=md5($npwd);
			if($ntype)
			{
				$type="A";
				logfile("$name added admin user \"$nname\""); // log "add admin user"
			}
			else
				logfile("$name added user \"$nname\""); // log "add user"			
			
			$string="INSERT INTO user (name,pwd,type,location,email) VALUES ('".$nname."','".$pwd."','".$type."','".$nlocation."','".$nemail."')";
			$result=runquery($string);
			echo ("User Added");
		}

	}else{
	$head = sprintf("Location: %s/unauthorized.html", $path);
	header($head);}
}else{
$head = sprintf("Location: %s/invalidsession.html", $path);
header($head);
}
?>
Return current item: The DVD Database Project