php/mysql display user details after login

Hello everybody

I'm looking for someone to help me about my problem, im trying to display user details after login with allow user to edit some fields .

the user can edit these fields

password
repassword
description
address
telephone
email

and these two fields not allow to edit only display , and only edit by admin .

username (login)
privilege

the code is :

<?php
include('session.php');
include('phpsqlajax_dbinfo.php');
include("includes/savelog.php");
session_start();

$sql=mysql_query("SELECT * FROM users WHERE id='$GPSUSERID'");
$result=mysql_fetch_array($sql);
$GPSUSERNAME=strtoupper($result['login']);

$EDID=$_GET['EDID'];
$Save=$_GET['Save'];
$Edit=$_GET['Edit'];

$user=$_GET['user'];
$privilege=$_GET['privilege'];
$password=$_GET['password'];
$repassword=$_GET['repassword'];
$description=$_GET['description'];
$address=$_GET['address'];
$telephone=$_GET['telephone'];
$email=$_GET['email'];

if(isset($Save))
{
    if(!empty($user) and $status<>'0')
    {
        if($password <> $repassword)
        {
            $ermsg='Password mismatch. Try again !';
        }
        else
        {
            $sql=mysql_query("SELECT * FROM users WHERE login='$user' AND id<>'$EDID'");
            $count=mysql_num_rows($sql);
            if($count==0)
            {
                $password=md5($password);
                $sql=mysql_query("UPDATE users SET `privilege`='$privilege',`login`='$user',`password`='$password',`userSettings_id`='1',`status`='Active'
                ,`description`='$description',`address`='$address',`telephone`='$telephone',`email`='$email' WHERE id='$EDID' ");

                if($sql)
                {
                    SaveLog($GPSUSERID,'User updated successfully. Username '.$login.'');
                }
                else $ermsg="Error occured when updating user. Try again !";
            }
            else
            $ermsg="This username already exist on the system. Try again !";
        }
    }
    else $ermsg="Username and Privilege required !";
}

//////////////////////////////////////////////////////////////////////////////////
if(isset($_GET['Edit']))
{
    $sql=mysql_query("SELECT * FROM users WHERE id='".$_GET['EDID']."'");
    $result=mysql_fetch_array($sql);

    $Euser=$result['login'];
    $Eprivilege=$result['privilege'];
    $Edescription=$result['description'];
    $EAddress=$result['address'];
    $ETelephone=$result['telephone'];
    $EEmail=$result['email'];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="css/smoothness/jquery-ui-1.8.2.custom.css" />
<script type="text/javascript" src="js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="js/jquery-ui-1.8.2.custom.min.js"></script>
<title>GPS HANI</title>
<style type="text/css">
#Ddraggable { display:none; }
#Edraggable { display:none; }
</style>
<script type="text/javascript">
function Ddialog(did) {
$("#Ddraggable").dialog({modal:true});
document.getElementById("DID").value=did;
}

function Edialog(did) {
$("#Edraggable").dialog({modal:true});
document.getElementById("EID").value=did;
}
</script>

<style type="text/css">
    #map-canvas {position:fixed !important; position:absolute; top:0; left:200px; right:0; bottom:0; }
    .ITitle { font:Georgia, "Times New Roman", Times, serif; font-size:15px; }

.vname {
    background:url(images/bg/u_online.gif) left no-repeat;
    width:100%;
    margin-bottom:3px;
    font-size:12px;
    font-family:Arial, Helvetica, sans-serif;
    float:left;
}
.vname a { text-decoration:none; color:#22cc22; margin:1px 1px 2px 18px; }
.vname a:hover { text-decoration:underline; color:#22cc22; margin:1px 1px 2px 18px; }

</style>

</head>

<body style="font-family:Arial, Helvetica, sans-serif; font-size:12px;">
<div style="width:200px; margin:10px 2px 2px 0px; float:left;">
<?php include('settings_left.php');?>
</div>

<div id="map-canvas">
<div style="width:100%; padding:5px; background:#D7DAFB;">
<table width="100%" border="0">
    <tr>
        <td bgcolor="#000000"><div style="color:#FFF; font-weight:bold; background:url(images/top_bg.gif) repeat-x;">:: ADD USERS</div></td>
    </tr>
    <tr>
        <td><div style="font-size:12px; color:#F00; font-weight:bold;"><?php echo $ermsg;?></div></td>
    </tr>
    <tr>
        <td>
        <form name="frmset" method="get" action="view_users.php">

        <table width="100%" border="0">
            <tr>
                <td width="200" align="left">Enter Username (Login) </td>
                <td align="left"><label for="user"></label>
                    <input type="text" name="user" id="user" value="<?php echo $Euser;?>" placeholder="Login Name" required="required" />
                    <font color="#FF0000">*</font></td>
            </tr>
            <tr>
                <td align="left">Select Privilege</td>
                <td align="left">
                <select name="privilege">
                <?php
        if(isset($Edit))
        echo '<option value="'.$Eprivilege.'">'.$Eprivilege.'</option>';
        else
        echo '<option value="0">- Select Privilege -</option>';

                if($GPSPRIVILEGE=='admin') echo '<option value="Distributor">Distributor</option>';
        ?>
                <option value="End-User">End-User</option>
                </select>
                    <font color="#FF0000">*</font></td>
            </tr>
            <tr>
                <td align="left"><strong>Enter Password</strong></td>
                <td align="left">
                    <input type="password" name="password" id="password" placeholder="Password" required="required"/>
                    <font color="#FF0000">*</font></td>
            </tr>
            <tr>
                <td align="left"><strong>Re-Enter Password</strong></td>
                <td align="left">
                <input type="password" name="repassword" id="repassword" placeholder="Re-Type Password" required="required"/>
                    <font color="#FF0000">*</font></td>
            </tr>
            <tr>
                <td align="left">Enter Description</td>
                <td align="left"><label for="description"></label>
                    <textarea name="description" id="description" cols="40" rows="3"><?php echo $Edescription; ?></textarea></td>
            </tr>
            <tr>
                <td align="left">Enter Address</td>
                <td align="left"><input name="address" type="text" id="address" size="40" value="<?php echo $EAddress; ?>" placeholder="Address" /></td>
            </tr>
            <tr>
                <td align="left">Enter Telephone Number(s)</td>
                <td align="left"><input name="telephone" type="text" id="telephone" size="40" value="<?php echo $ETelephone; ?>" placeholder="Telephone"/></td>
            </tr>
            <tr>
                <td align="left">Enter Email Address(s)</td>
                <td align="left">
                <input name="email" type="email" id="email" size="40" value="<?php echo $EEmail; ?>" placeholder="E-Mail"/>
                <input name="EDID" type="hidden" id="EDID" value="<?php echo $EDID;  ; ?>"/>
                </td>
            </tr>
            <tr>
                <td align="left">&nbsp;</td>
                <td align="left">&nbsp;</td>
            </tr>
            <tr>
                <td align="left">&nbsp;</td>
                <td align="left">

                <?php
        if(isset($_GET['Edit']))
                echo '<input type="submit" name="Save" id="Save" value="Save User Details" />';
        else
                echo '<input type="submit" name="Add" id="Add" value="Add User Details" />';
        ?>
                </td>
            </tr>
        </table></form>
        </td>
    </tr>
</table>

</div>
<br />

</div>
<input type="submit" style="width:50px; box-shadow:1px 1px 2px #000000; height:30px; border-radius:5px;" value="No" />
</form>
</div>
</div>

</body>

</html

Thank you.