function addGroupUser()
{
global $submitErr, $submitErrMsg;
$groupid = getContinuationVar("groupid");
$newuser = processInputVar("newuser", ARG_STRING);
if (validateUserid($newuser) != 1) {
$submitErr |= IDNAMEERR;
$submitErrMsg[IDNAMEERR] = "Invalid login ID";
editOrAddGroup(0);
return;
}
addUserGroupMember($newuser, $groupid);
editOrAddGroup(0);
}
function XMLRPCaddUsersToGroup($name, $affiliation, $users)
{
global $user;
if (!in_array('groupAdmin', $user['privileges'])) {
return array('status' => 'error', 'errorcode' => 16, 'errormsg' => 'access denied for managing user groups');
}
$validate = array('name' => $name, 'affiliation' => $affiliation);
$rc = validateAPIgroupInput($validate, 1);
if ($rc['status'] == 'error') {
return $rc;
}
$query = "SELECT ownerid, " . "editusergroupid AS editgroupid " . "FROM usergroup " . "WHERE id = {$rc['id']}";
$qh = doQuery($query, 101);
if (!($row = mysql_fetch_assoc($qh))) {
return array('status' => 'error', 'errorcode' => 18, 'errormsg' => 'user group with submitted name and affiliation does not exist');
}
# if not owner and not member of managing group, no access
if ($user['id'] != $row['ownerid'] && !array_key_exists($row['editgroupid'], $user['groups'])) {
return array('status' => 'error', 'errorcode' => 28, 'errormsg' => 'access denied to user group with submitted name and affiliation');
}
$fails = array();
foreach ($users as $_user) {
if (empty($_user)) {
continue;
}
$esc_user = mysql_escape_string($_user);
if (validateUserid($esc_user) == 1) {
addUserGroupMember($esc_user, $rc['id']);
} else {
$fails[] = $_user;
}
}
if (count($fails)) {
$cnt = 'some';
$code = 34;
if (count($fails) == count($users)) {
$cnt = 'all submitted';
$code = 35;
}
return array('status' => 'warning', 'failedusers' => $fails, 'warningcode' => $code, 'warningmsg' => "failed to add {$cnt} users to user group");
}
return array('status' => 'success');
}
