
NathanGibbs3 / BASE / 627

pending completion
627

push

travis-ci-com

NathanGibbs3
Merge branch 'documentation' into devel

1766 of 6437 relevant lines covered (27.44%)

105.91 hits per line


/admin/base_useradmin.php
1
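<?php
// Basic Analysis and Security Engine (BASE)
// Copyright (C) 2019-2023 Nathan Gibbs
// Copyright (C) 2004 BASE Project Team
// Copyright (C) 2000 Carnegie Mellon University
//
//   For license info: See the file 'base_main.php'
//
//       Project Lead: Nathan Gibbs
// Built upon work by: Kevin Johnson & the BASE Project Team
//                     Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
//
//            Purpose: User management functions (create, disable etc....)
//
//          Author(s): Nathan Gibbs
//                     Kevin Johnson
//
// Page flow:
//   1. Bootstrap the BASE kernel and the common includes.
//   2. Read the requested action from $_GET['action'] ('Invalid' if absent).
//   3. Gate the page: create/add always pass through AuthorizedRole(1, ...);
//      every other action is only served when $Use_Auth_System == 1,
//      otherwise the client is redirected to base_main.php.
//   4. Check the request parameters the action needs, dispatch on the
//      action to build $pagebody (or redirect back to the user list after
//      a state change), then render the admin page around it.

$sc = DIRECTORY_SEPARATOR;
require_once("..$sc" . "includes$sc" . 'base_krnl.php');
include("$BASE_path/includes/base_include.inc.php");
include_once("$BASE_path/base_db_common.php");
include_once("$BASE_path/base_stat_common.php");

// Requested action. filterSql() is the project's input filter; a request
// without an action ends up in the 'Invalid' branch of the switch below.
if ( isset($_GET['action']) ){
	$Action = filterSql($_GET['action']);
}else{
	$Action = 'Invalid';
}
// NOTE(review): the regex is an unanchored substring match, so any action
// string containing 'create' or 'add' satisfies it. Whether AuthorizedRole()
// still enforces the role when $Use_Auth_System != 1 is not visible here.
if ( preg_match("/(create|add)/", $Action) || $Use_Auth_System == 1 ){
	AuthorizedRole(1,'base_main');
	$cs = new CriteriaState("admin/base_useradmin.php");
	$cs->ReadState();
	$page_title = _USERADMIN;
	// Html Templates
	$Umca = "base_useradmin.php?action="; // User Managemnt Common Action.
	$Fst = "<form action='$Umca"; // Form tag start.
	$Fct = " Method='POST'>"; // Form tag end.
	$Hrst = "<a href='$Umca"; // Href tag start.
	$Trc = NLI('</tr><tr>',5); // Table row continue.
	$ToList = "Location: $Umca" . 'list'; // Redirect target after a change.
	// I would like to clean this up later into a display class or set of
	// functions -- Kevin
	//
	// Request parameters each action needs. A request missing one is
	// treated as an invalid action instead of passing an undefined index
	// on to the DB layer. The create/edit forms always post every field
	// (possibly empty), so this only rejects requests that did not come
	// from those forms.
	if ( preg_match("/((delet|(dis|en)abl)e|edit)user/", $Action) ){
		// Single account actions: the target id comes from the URL.
		// NOTE(review): delete/disable/enable are triggered by a plain GET
		// link with no anti-CSRF token; confirm whether AuthorizedRole()
		// or the framework covers this, otherwise move them to POST.
		if ( isset($_GET['userid']) ){
			$userid = filterSql($_GET['userid']);
		}else{
			$Action = 'Invalid';
		}
	}
	$PostFields = array( // Form fields each POST action reads.
		'add' => array('user', 'roleID', 'password', 'fullname'),
		'updateuser' => array('usr_id', 'fullname', 'roleID'),
	);
	if ( isset($PostFields[$Action]) ){
		foreach ( $PostFields[$Action] as $Field ){
			if ( !isset($_POST[$Field]) ){
				$Action = 'Invalid';
				break;
			}
		}
	}
	if ( preg_match("/(create|list|(edit|update)user)/", $Action) ){
		if ( preg_match("/(create|list|edituser)/", $Action) ){
			if ( class_exists('UILang') ){ // Issue 11 backport shim.
				$LoginDesc = $UIL->ADA['DescUN'];
			}else{
				$LoginDesc = _LOGIN;
			}
			if ( preg_match("/(create|edituser)/", $Action) ){
				if ( class_exists('UILang') ){ // Issue 11 backport shim.
					$RoleDesc = $UIL->CWA['Role'];
				}else{
					$RoleDesc = _FRMROLE;
				}
			}
		}
		$user = new BaseUser();
	}else{ // 2 vars for this?! No idea why. Will keep for now. -- Nathan
		$BUser = new BaseUser();
	}
	switch ($Action) {
		case 'create': // Display the new user form.
			if ( class_exists('UILang') ){ // Issue 11 backport shim.
				$PWDesc = $UIL->ADA['DescPW'];
			}else{
				$PWDesc = _FRMPWD;
			}
			$defaultrole = 10; // Pre-selected entry of the role drop down.
			$tdc = "<td width='25%' align='right'>";
			$tdal = "<td align='left'>";
			$ipt = "<input type='";
			$form = NLI($Fst."add'".$Fct,3);
			$form .= NLI("<table border='1' class='query'>",4);
			$form .= NLI('<tr>',5);
			$form .= NLI("$tdc$LoginDesc:</td>",6);
			$form .= NLI($tdal,6);
			$form .= NLI($ipt."text' name='user'/>",7);
			$form .= NLI('</td>'.$Trc,6);
			$form .= NLI($tdc._FRMFULLNAME.'</td>',6);
			$form .= NLI($tdal,6);
			$form .= NLI($ipt."text' name='fullname'/>",7);
			$form .= NLI('</td>'.$Trc,6);
			$form .= NLI("$tdc$PWDesc:</td>",6);
			$form .= NLI($tdal,6);
			$form .= NLI($ipt."password' name='password'/>",7);
			$form .= NLI('</td>'.$Trc,6);
			$form .= NLI("$tdc$RoleDesc:</td>",6);
			$form .= NLI($tdal,6);
			$form .= $user->returnRoleNamesDropDown($defaultrole);
			$form .= NLI('</td>'.$Trc,6);
			$form .= NLI("<td colspan='2' align='center'>",6);
			$form .= NLI(
				$ipt."submit' name='submit' value='"._SUBMITQUERY."'/>",
				7
			);
			$form .= NLI('</td>',6);
			$form .= NLI('</tr>',5);
			$form .= NLI('</table>',4);
			$form .= NLI('</form>',3);
			$pagebody = $form;
			break;
		case 'add': // Actually add user to DB.
			$username = filterSql($_POST['user']);
			$role = filterSql($_POST['roleID']);
			// NOTE(review): the password goes through the SQL input filter
			// before addUser(); if addUser() hashes it, any character the
			// filter strips alters the stored credential. Confirm
			// filterSql() leaves password text untouched.
			$password = filterSql($_POST['password']);
			$name = filterSql($_POST['fullname']);
			// addUser() returns the HTML shown as the page body.
			$pagebody = $BUser->addUser($username, $role, $password, $name);
			break;
		case 'edituser': // Edit user account form.
			// Function returns an array in the folowing format.
			// $userinfo[0] = $uid // id
			// $userinfo[1] = $usn // Name
			// $userinfo[2] = $rid // Role id
			// $userinfo[3] = $ufn // Full Name
			// $userinfo[4] = $uso // Operative
			// NOTE(review): what returnEditUser() returns for an unknown id
			// is not visible here; the indexing below assumes an array.
			$userinfo = $user->returnEditUser($userid); // Anti XSS by default.
			$uid = $userinfo[0];
			$usn = $userinfo[1];
			$rid = $userinfo[2];
			$ufn = $userinfo[3];
			$tdc = "<td width='25%' align='right'>";
			$tdal = "<td align='left'>";
			$ipt = "<input type='";
			$form = NLI($Fst."updateuser'".$Fct,3);
			// The account id travels back as a hidden field; updateuser
			// reads it from $_POST['usr_id'].
			$form .= NLI($ipt."hidden' name='usr_id' value='$uid'/>", 4);
			$form .= NLI("<table border='1' class='query'>",4);
			$form .= NLI('<tr>',5);
			$form .= NLI($tdc._FRMUID.'</td>',6);
			$form .= NLI("$tdal$uid</td>$Trc",6);
			$form .= NLI("$tdc$LoginDesc:</td>",6);
			$form .= NLI("$tdal$usn</td>$Trc",6);
			$form .= NLI($tdc._FRMFULLNAME.'</td>',6);
			$form .= NLI($tdal,6);
			$form .= NLI($ipt."text' name='fullname' value='$ufn'/>", 7);
			$form .= NLI('</td>'.$Trc,6);
			$form .= NLI("$tdc$RoleDesc:</td>",6);
			$form .= NLI($tdal,6);
			$form .= $user->returnRoleNamesDropDown($rid);
			$form .= NLI('</td>'.$Trc,6);
			$form .= NLI("<td colspan='2' align='center'>",6);
			$form .= NLI(
				$ipt."submit' name='submit' value='"._UPDATEUSER."'/>",
				7
			);
			$form .= NLI('</td>',6);
			$form .= NLI('</tr>',5);
			$form .= NLI('</table>',4);
			$form .= NLI('</form>',3);
			$pagebody = $form;
			break;
		case 'updateuser': // Updates user account from above form....
			// Setup array in this format for the updateUser function
			// $userarray[0] = $userid
			// $userarray[1] = $fullname
			// $userarray[2] = $roleid
			$userarray = array(
				filterSql($_POST['usr_id']),
				filterSql($_POST['fullname']),
				filterSql($_POST['roleID']),
			);
			$user->updateUser($userarray);
			HTTP_header($ToList);
			break;
		case 'disableuser': // Disable user account.
			$BUser->disableUser($userid);
			HTTP_header($ToList);
			break;
		case 'enableuser': // Enable user account.
			$BUser->enableUser($userid);
			HTTP_header($ToList);
			break;
		case 'deleteuser': // Delete user account.
			$BUser->deleteUser($userid);
			HTTP_header($ToList);
			break;
		case 'list': // Generate HTML User Table.
			if ( class_exists('UILang') ){ // Issue 11 backport shim.
				$ridesc = $UIL->ADA['DescRI'];
				$asdesc = $UIL->ADA['DescAS'];
				$AcEdit = $UIL->UAA['Edit'];
				$AcDelete = $UIL->UAA['Delete'];
				$uidesc = $UIL->CWA['Id'];
				$ufndesc = $UIL->CWA['Name'];
			}else{
				$ridesc = _ROLEID;
				$asdesc = _ENABLED;
				$AcEdit = _EDIT;
				$AcDelete = _DELETE;
				$uidesc = _ID;
				$ufndesc = _NAME;
			}
			$users = $user->returnUsers();
			$thc = "<td class='plfieldhdr'";
			$thcw5 = "$thc width='5%'>";
			$tdac = "<td align='center'>";
			// Users Table Display
			$tmpHTML = FramedBoxHeader('', 'black', 0, 2);
			$tmpHTML .= NLI("$thcw5$AcEdit</td>", 4);
			$tmpHTML .= NLI("$thcw5$AcDelete</td>", 4);
			$tmpHTML .= NLI("$thcw5$uidesc</td>", 4);
			$tmpHTML .= NLI("$thc>$LoginDesc</td>", 4);
			$tmpHTML .= NLI("$thc>$ridesc</td>", 4);
			$tmpHTML .= NLI("$thc>$ufndesc</td>", 4);
			$tmpHTML .= NLI("$thc>$asdesc</td>", 4);
			$tmpHTML .= NLI('</tr>',3);
			// NOTE(review): if returnUsers() returns an array this test is
			// always true (PHP orders any array above a string); it only
			// guards a non-array "no users" return such as ''.
			if ( $users != '' ){ // Verify we have a user in the db --Kevin;
				$tduma = $tdac . NLI($Hrst, 5);
				foreach ( $users as $row ){ // Iterate users & build table.
					// Each row is pipe delimited:
					// [0] id, [1] login, [2] role id, [3] full name,
					// [4] enabled flag (1 = active).
					$tmpRow = explode("|", $row);
					// Setup User ID URL param.
					$uuid = "user&amp;userid=" . urlencode($tmpRow[0]);
					// Set up enable/disable action URL
					if ( $tmpRow[4] == 1 ){
						$Uef = true;
						$enabled = $tduma . "disable$uuid'>";
						$Icon = 'yes';
						$IDesc = 'button_disable';
					}else{
						$Uef = false;
						$enabled = $tduma . "enable$uuid'>";
						$Icon = 'no';
						$IDesc = 'button_enable';
					}
					$enabled .= Icon($Icon, $IDesc, 6);
					$enabled .= NLI('</a>',5) . NLI('</td>',4);
					// Anti XSS Output Data
					$tmpRow = XSSPrintSafe($tmpRow);
					$uid = $tmpRow[0];
					$usn = $tmpRow[1];
					$rolename = XSSPrintSafe($user->roleName($tmpRow[2]));
					$ufn = $tmpRow[3];
					$tmp = '';
					if( !$Uef ){ // Disabled accounts get a shaded row.
						$tmp = " bgcolor='#DDDDDD'"; // Light Gray;
					}
					$tmpHTML .= NLI("<tr$tmp>", 3);
					$tmpHTML .= NLI($tduma."edit$uuid'>",4);
					$tmpHTML .= Icon('edit', "button_$AcEdit", 6);
					$tmpHTML .= NLI('</a>',5).NLI('</td>',4);
					$tmpHTML .= NLI($tduma."delete$uuid'>",4);
					$tmpHTML .= Icon('delete', "button_$AcDelete", 6);
					$tmpHTML .= NLI('</a>',5).NLI('</td>',4);
					$tmpHTML .= NLI("$tdac$uid</td>",4);
					if ( $tmpRow[2] == 1 ){ // Display Admin Users in red.
						$usn = returnErrorMessage("<b>$usn</b>");
					}
					$tmpHTML .= NLI("$tdac$usn</td>",4);
					$tmpHTML .= NLI("$tdac$rolename</td>",4);
					$tmpHTML .= NLI("$tdac$ufn</td>",4);
					$tmpHTML .= NLI($enabled,4);
					$tmpHTML .= NLI('</tr>',3);
				}
			}
			$tmpHTML .= NLI('</table>',2);
			$pagebody = $tmpHTML;
			break;
		default:
			$pagebody = returnErrorMessage('Invalid Action!');
	}
	// Generate Page.
	PrintBASESubHeader(
		$page_title, $page_title, $cs->GetBackLink(), $refresh_all_pages
	);
	PrintBASEAdminMenuHeader();
	print $pagebody;
	PrintBASEAdminMenuFooter();
	PrintBASESubFooter();
}else{
	HTTP_header("Location: $BASE_urlpath/base_main.php");
}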