php-pagebuilder Code

<?php
session_start();
$user_ID=$_SESSION[user_ID];
if (!$user_ID || $user_ID=='0')
{
  header('location: index.php');
  die('Login failed');
}
require("util.php");
$sql = new MySQL_class;
$sql->Create("generator");
$esql = new MySQL_class;
$esql->Create("generator");
if ($_GET[user]) { $_SESSION[var_user] = $_GET[user]; }
$user=$_SESSION[var_user];
?>
<?php
if ($_POST['right']!='') {
$right = $_POST['right'];
}
?>
<html>
<head>
	<link href="list.css" type="text/css" rel=stylesheet>
	<meta content="text/css" http-equiv="Content-Style-Type">
	<title>Rights add</title>
</head>
<body class="top" onload="Insert.<?php
{echo 'right';}
?>.focus();">
<form name="Insert" action="postaddrights.php" method="post">
<input type=hidden name="FOCUS" value="">
<table class=enter>
<tr id=title><th colspan=2>Rights add</th></tr>
<tr><th>Right</th>
<td>
<?php
$current=($_POST['right']!='');
echo ("<select name=\"right\" style=\"width: 175px\" OnChange=\"Insert.action=''; Insert.FOCUS.value='502'; Insert.submit();\">");
$sql->Query("SELECT `username` as F0_1, `user`.user FROM `user` 	ORDER BY `username`");
for ($i = 0; $i < $sql->rows; $i++) {  $sql->Fetch($i);
  $searchID = $sql->data[user];
	$username_0=htmlspecialchars($sql->data[F0_1]);
  $searchshow = "$username_0";
  echo "<option ";
  if ($current && $searchID == $_POST['right']) {echo "selected ";};
  echo "value=\"$searchID\">$searchshow";
  echo "</option>\n";
}
echo ("</select>");
?>
</td></tr>
</table>
<p id=buttons>
<input type=submit value=Add>
<input type=button value=Cancel onClick="window.close()">
</p>
</form>
</body>
</html>