aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-02-20 14:39:13 +0000
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-02-20 14:39:13 +0000
commit5db44b98b35b176cae0f43641441d4d294a35507 (patch)
tree572f5fb398f78135435a2830abc9d007e931877a
parent59f77fad499a5130f5d74f0d195cf8963e93a8ea (diff)
downloadelgg-5db44b98b35b176cae0f43641441d4d294a35507.tar.gz
elgg-5db44b98b35b176cae0f43641441d4d294a35507.tar.bz2
Closes #784: Action now checks that the user is the logged in user's friend before invite.
git-svn-id: https://code.elgg.org/elgg/trunk@2860 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r--mod/groups/actions/addtogroup.php11
1 files changed, 9 insertions, 2 deletions
diff --git a/mod/groups/actions/addtogroup.php b/mod/groups/actions/addtogroup.php
index 14017cc7d..0928c80c9 100644
--- a/mod/groups/actions/addtogroup.php
+++ b/mod/groups/actions/addtogroup.php
@@ -28,8 +28,9 @@
$user = get_entity($u_id);
$group = get_entity($group_guid);
- if ( $user && $group) {
+ if ( $user && $group) {
+
if ($_SESSION['user']->getGUID() == $group->owner_guid)
{
$requests = $user->group_join_request;
@@ -74,9 +75,15 @@
$methods[] = $group->getGUID();
$methods = array_unique($methods);
+ $logged_in_user = get_loggedin_user();
+
// Set invite flag
//if (!$user->setMetaData('group_invite', $group->getGUID(), "", true))
- if (!$user->setMetaData('group_invite', $methods)) {
+ if (
+ (!$user->setMetaData('group_invite', $methods)) ||
+ (!$user->isFriend())
+ )
+ {
//if (!$user->group_invite = $methods) {
register_error(elgg_echo("groups:usernotinvited"));
}