diff options
author | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-02-20 14:39:13 +0000 |
---|---|---|
committer | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-02-20 14:39:13 +0000 |
commit | 5db44b98b35b176cae0f43641441d4d294a35507 (patch) | |
tree | 572f5fb398f78135435a2830abc9d007e931877a | |
parent | 59f77fad499a5130f5d74f0d195cf8963e93a8ea (diff) | |
download | elgg-5db44b98b35b176cae0f43641441d4d294a35507.tar.gz elgg-5db44b98b35b176cae0f43641441d4d294a35507.tar.bz2 |
Closes #784: Action now checks that the user is the logged in user's friend before invite.
git-svn-id: https://code.elgg.org/elgg/trunk@2860 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r-- | mod/groups/actions/addtogroup.php | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/mod/groups/actions/addtogroup.php b/mod/groups/actions/addtogroup.php index 14017cc7d..0928c80c9 100644 --- a/mod/groups/actions/addtogroup.php +++ b/mod/groups/actions/addtogroup.php @@ -28,8 +28,9 @@ $user = get_entity($u_id); $group = get_entity($group_guid); - if ( $user && $group) { + if ( $user && $group) { + if ($_SESSION['user']->getGUID() == $group->owner_guid) { $requests = $user->group_join_request; @@ -74,9 +75,15 @@ $methods[] = $group->getGUID(); $methods = array_unique($methods); + $logged_in_user = get_loggedin_user(); + // Set invite flag //if (!$user->setMetaData('group_invite', $group->getGUID(), "", true)) - if (!$user->setMetaData('group_invite', $methods)) { + if ( + (!$user->setMetaData('group_invite', $methods)) || + (!$user->isFriend()) + ) + { //if (!$user->group_invite = $methods) { register_error(elgg_echo("groups:usernotinvited")); } |