From eab9fe7483be3a143a057c991c59e134ce2a8f25 Mon Sep 17 00:00:00 2001
From: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Fri, 15 Aug 2008 20:39:44 +0000
Subject: Closes #234: Please use brackets defensively; The statement:

if ($user = get_entity($foo) && $group = get_entity($bar))

Will not do what you expect it to do!

git-svn-id: https://code.elgg.org/elgg/trunk@1954 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 mod/groups/actions/addtogroup.php  | 105 +++++++++++++++++++------------------
 mod/groups/actions/joinrequest.php |   3 ++
 2 files changed, 58 insertions(+), 50 deletions(-)

(limited to 'mod')

diff --git a/mod/groups/actions/addtogroup.php b/mod/groups/actions/addtogroup.php
index c90a3690c..f891ab9af 100644
--- a/mod/groups/actions/addtogroup.php
+++ b/mod/groups/actions/addtogroup.php
@@ -25,69 +25,74 @@
 	foreach ($user_guid as $u_id)
 	{
 		$requested = false;
-		if ($user = get_entity($u_id) && $group = get_entity($group_guid)) {
-	
-		if ($_SESSION['user']->getGUID() == $group->owner_guid)
-		{
-			$requests = $user->group_join_request;
-			
-			if ($requests)
+		
+		$user = get_entity($u_id);
+		$group = get_entity($group_guid);
+		if ( $user && $group) {
+		
+			if ($_SESSION['user']->getGUID() == $group->owner_guid)
 			{
-				foreach ($requests as $request) 
+				$requests = $user->group_join_request;
+				
+				if ($requests)
 				{
-					if ($request == $group->getGUID())
+					foreach ($requests as $request) 
 					{
-						
-						// User has requested to join this group previously, so we can safely add them
-	
-						// add them
-						if ((!$group->isMember($user)) && ($group->join($user)))
+						if ($request == $group->getGUID())
 						{
 							
-							// send welcome email
-							notify_user($user->getGUID(), $group->owner_guid, 
-								sprintf(elgg_echo('groups:welcome:subject'), $group->name), 
-								sprintf(elgg_echo('groups:welcome:body'), $user->name, $group->name, $group->getURL()),
-								NULL, "email");
+							// User has requested to join this group previously, so we can safely add them
+		
+							// add them
+							if ((!$group->isMember($user)) && ($group->join($user)))
+							{
 								
-							system_message(elgg_echo('groups:addedtogroup'));
+								// send welcome email
+								notify_user($user->getGUID(), $group->owner_guid, 
+									sprintf(elgg_echo('groups:welcome:subject'), $group->name), 
+									sprintf(elgg_echo('groups:welcome:body'), $user->name, $group->name, $group->getURL()),
+									NULL, "email");
+									
+								system_message(elgg_echo('groups:addedtogroup'));
+								
+							}
+							else
+								register_error(elgg_echo("groups:cantjoin"));
 							
+							$requested = true;
 						}
-						else
-							register_error(elgg_echo("groups:cantjoin"));
-						
-						$requested = true;
 					}
 				}
-			}
-				
-			if (!$requested) 
-			{
-				// Not found in request array, so send an invite and set invite flag
-				$methods = $user->group_invite;
-				if (($methods) && (!is_array($methods)))
-					$methods = array($methods);
-				if (!$methods) $methods=array();
-				$methods[] = $group->getGUID();
-				$methods = array_unique($methods);
-				
-				// Set invite flag
-				//if (!$user->setMetaData('group_invite', $group->getGUID(), "", true))
-				if (!$user->group_invite = $methods)
-					register_error(elgg_echo("groups:usernotinvited"));
-				else
+					
+				if (!$requested) 
 				{
-					// Send email
-					if (notify_user($user->getGUID(), $group->owner_guid, 
-							sprintf(elgg_echo('groups:invite:subject'), $user->name, $group->name), 
-							sprintf(elgg_echo('groups:invite:body'), $user->name, $group->name, "{$CONFIG->url}action/groups/join?user_guid={$user->guid}&group_guid={$group->guid}"),
-							NULL, "email"))
-						system_message(elgg_echo("groups:userinvited"));
-					else
+					// Not found in request array, so send an invite and set invite flag
+					$methods = $user->group_invite;
+					if (($methods) && (!is_array($methods)))
+						$methods = array($methods);
+					if (!$methods) $methods=array();
+					$methods[] = $group->getGUID();
+					$methods = array_unique($methods);
+					
+					// Set invite flag
+					//if (!$user->setMetaData('group_invite', $group->getGUID(), "", true))
+					if (!$user->setMetaData('group_invite', $methods)) {
+					//if (!$user->group_invite = $methods) { 
 						register_error(elgg_echo("groups:usernotinvited"));
-				}
+					}
+					else
+					{
+						// Send email
+						if (notify_user($user->getGUID(), $group->owner_guid, 
+								sprintf(elgg_echo('groups:invite:subject'), $user->name, $group->name), 
+								sprintf(elgg_echo('groups:invite:body'), $user->name, $group->name, "{$CONFIG->url}action/groups/join?user_guid={$user->guid}&group_guid={$group->guid}"),
+								NULL, "email"))
+							system_message(elgg_echo("groups:userinvited"));
+						else
+							register_error(elgg_echo("groups:usernotinvited"));
+					}
+				}
 			}
-		}
 			else
 				register_error(elgg_echo("groups:notowner"));
 		}
diff --git a/mod/groups/actions/joinrequest.php b/mod/groups/actions/joinrequest.php
index a315c1733..f46eb1b2a 100644
--- a/mod/groups/actions/joinrequest.php
+++ b/mod/groups/actions/joinrequest.php
@@ -30,6 +30,9 @@
 
 		if ($invites)
 		{
+			if (!is_array($invites))
+				$invites = array($invites);
+			
 			foreach ($invites as $invite)
 			{
 				if ($invite == $group->getGUID())
-- 
cgit v1.2.3