Commit eeafa281 authored by Leigh B. Stoller's avatar Leigh B. Stoller

When determining if a user has permission to do something, first make

sure user is actually active!
parent 853e3d03
......@@ -911,7 +911,17 @@ sub TBGrpTrust($$$)
$gid = $pid;
# User must be active to be trusted.
my $query_result =
DBQueryFatal("select status from users ".
"where uid='$uid' and status='" . USERSTATUS_ACTIVE() . "'");
if ($query_result->numrows == 0) {
$query_result =
DBQueryFatal("select trust from group_membership ".
"where uid='$uid' and pid='$pid' and gid='$gid'");
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment