X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Feditgroup.php;h=39dad0465eb070ced615f205661e1115cb7f3b39;hb=b4e649fe906a793cd5e62d6390065ea5d41c40db;hp=5f853a089492c94afe925bfb5642a75389c02b18;hpb=7076cda746049c468e3ad656c58653e9fcb7d822;p=quix0rs-gnu-social.git

diff --git a/actions/editgroup.php b/actions/editgroup.php
index 5f853a0894..39dad0465e 100644
--- a/actions/editgroup.php
+++ b/actions/editgroup.php
@@ -72,9 +72,7 @@ class EditgroupAction extends Action
             return false;
         }
 
-        return true;
-
-        $nickname_arg = $this->arg('nickname');
+        $nickname_arg = $this->trimmed('nickname');
         $nickname = common_canonical_nickname($nickname_arg);
 
         // Permanent redirect on non-canonical nickname
@@ -90,12 +88,26 @@ class EditgroupAction extends Action
             return false;
         }
 
-        $this->group = User_group::staticGet('nickname', $nickname);
+        $groupid = $this->trimmed('groupid');
+        if ($groupid) {
+            $this->group = User_group::staticGet('id', $groupid);
+        } else {
+            $this->group = User_group::staticGet('nickname', $nickname);
+        }
 
         if (!$this->group) {
             $this->clientError(_('No such group'), 404);
             return false;
         }
+
+        $cur = common_current_user();
+
+        if (!$cur->isAdmin($this->group)) {
+            $this->clientError(_('You must be an admin to edit the group'), 403);
+            return false;
+        }
+
+        return true;
     }
 
     /**
@@ -124,6 +136,12 @@ class EditgroupAction extends Action
         $this->showPage();
     }
 
+    function showLocalNav()
+    {
+        $nav = new GroupNav($this, $this->group);
+        $nav->show();
+    }
+
     function showContent()
     {
         $form = new GroupEditForm($this, $this->group);
@@ -142,6 +160,12 @@ class EditgroupAction extends Action
 
     function trySave()
     {
+        $cur = common_current_user();
+        if (!$cur->isAdmin($this->group)) {
+            $this->clientError(_('You must be an admin to edit the group'), 403);
+            return;
+        }
+
         $nickname    = common_canonical_nickname($this->trimmed('nickname'));
         $fullname    = $this->trimmed('fullname');
         $homepage    = $this->trimmed('homepage');
@@ -166,13 +190,13 @@ class EditgroupAction extends Action
                                         array('http', 'https')))) {
             $this->showForm(_('Homepage is not a valid URL.'));
             return;
-        } else if (!is_null($fullname) && strlen($fullname) > 255) {
+        } else if (!is_null($fullname) && mb_strlen($fullname) > 255) {
             $this->showForm(_('Full name is too long (max 255 chars).'));
             return;
-        } else if (!is_null($description) && strlen($description) > 140) {
+        } else if (!is_null($description) && mb_strlen($description) > 140) {
             $this->showForm(_('description is too long (max 140 chars).'));
             return;
-        } else if (!is_null($location) && strlen($location) > 255) {
+        } else if (!is_null($location) && mb_strlen($location) > 255) {
             $this->showForm(_('Location is too long (max 255 chars).'));
             return;
         }
@@ -196,7 +220,7 @@ class EditgroupAction extends Action
         if ($this->group->nickname != $orig->nickname) {
             common_redirect(common_local_url('editgroup',
                                              array('nickname' => $nickname)),
-                            307);
+                            303);
         } else {
             $this->showForm(_('Options saved.'));
         }
@@ -209,4 +233,5 @@ class EditgroupAction extends Action
                 $group != false &&
                 $group->id != $this->group->id);
     }
-}
\ No newline at end of file
+}
+