<?php
  require_once 'header.php';
  
  $userid\; =$username = $useremail\; =$password = $accesslvl\; =\; \text{'}\text{'};$mode = "Create";
  if (isset($\_SESSION[\text{'}user\_id\text{'}]))\; \{$userid = $\_SESSION[\text{'}user\_id\text{'}];$mode = "Edit";
    if (isset($\_GET[\text{'}user\text{'}]))\; \{\; if\; (($_SESSION['user_id'] == $\_GET[\text{'}user\text{'}])\; ||\; ($_SESSION['access_lvl'] > 2)) {
        $userid\; =$_GET['user'];
        $mode\; =\; "Modify";\; \}\; \}$sql = "SELECT * FROM forum_users WHERE id=$userid";$result = mysql_query($sql)\; or\; die(\text{'}Could\; not\; look\; up\; user\; data;\; \text{'}\; .\; mysql\_error());$row = mysql_fetch_array($result);$username = $row[\text{'}name\text{'}];$useremail = $row[\text{'}email\text{'}];$accesslvl = $row[\text{'}access\_lvl\text{'}];$signature = $row[\text{'}signature\text{'}];\; \}\; echo\; "$<h3>mode Account</h3>\n";
  echo "<form method=\"post\" action=\"transact-user.php\">\n";
  ?>
  
  <p>
    Full name:<br>
    <input type="text" class="txtinput" name="name" maxlength="100"
      value="<?php echo htmlspecialchars($username);\; ?>">$</p>
  <p>
    Email Address:<br>
    <input type="text" class="txtinput" name="email" maxlength="255"
      value="<?php echo htmlspecialchars(useremail); ?>">
  </p>
  <?php
  
  if ($mode\; ==\; "Modify")\; \{\; echo\; "$<div><fieldset>\n";
    echo "  <legend>Access Level</legend>\n";
  
    sql = "SELECT * FROM forum_access_levels ORDER BY access_lvl DESC";
    $result\; =\; mysql\_query($sql,$conn)\; or\; die(\text{'}Could\; not\; list\; access\; levels;\; \text{'}\; .\; mysql\_error());\; while\; ($row = mysql_fetch_array($result))\; \{\; echo\; \text{'}$<input type="radio" class="radio" id="acl_' .
           row['access_lvl'] . '" name="accesslvl" value="' .
           $row[\text{'}access\_lvl\text{'}]\; .\; \text{'}"\; \text{'};\; if\; ($row['access_lvl'] == $accesslvl)\; \{\; echo\; \text{'}checked\; \text{'};\; \}\; echo\; \text{'}>\text{'}\; .$row['access_name'] . "<br>\n";
    }
    echo "</fieldset></div>";
  }
  if ($mode\; !=\; "Modify")\; echo\; "$<div id=\"passwords\">";
  if (mode == "Edit") {
    if (isset($\_GET[\text{'}error\text{'}])\; and$_GET['error'] == "nopassedit") {
      echo "<span class=\"error\">Could not modify passwords.";
      echo " Please try again.</span><br>";
    }
  ?>
  <p>
    Old Password:<br>
    <input type="password" id="oldpasswd"
      name="oldpasswd" maxlength="50">
  </p>
  <?php
  }
  if ($mode\; !=\; "Modify")\; \{\; ?>$<p>
    New Password:<br>
    <input type="password" id="passwd" name="passwd" maxlength="50">
  </p>
  <p>
    Password Verification:<br>
    <input type="password" id="passwd2" name="passwd2" maxlength="50">
  </p>
  <?php }
  if (mode != "Modify") echo "</div>";
  if ($mode\; !=\; "Create")\; \{\; ?>$<p>
    Signature:<br>
    <textarea name="signature" id="signature" cols="60" rows="5"><?php
      echo signature; ?></textarea>
  </p>
  <?php } ?>
  <p>
    <input type="submit" class="submit" name="action"
      value="<?php echo $mode;\; ?>\; Account">$</p>
  <?php if (mode == "Edit") {?>
  <input type="hidden" name="accesslvl"
    value="<?php echo $accesslvl;\; ?>">$<?php } ?>
  <input type="hidden" name="userid" value="<?php echo userid; ?>">
  </form>
  <?php require_once 'footer.php'; ?>