From e9089eb471b1218628c745125bc9f708a9c2e52d Mon Sep 17 00:00:00 2001
From: moodler <moodler>
Date: Mon, 12 Jan 2004 14:48:33 +0000
Subject: [PATCH] Secure group viewing when in separate mode

---
 course/group.php | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/course/group.php b/course/group.php
index feb00ca5da..f4430bd956 100644
--- a/course/group.php
+++ b/course/group.php
@@ -16,10 +16,13 @@
 
     require_login($course->id);
 
-
-    if ($group and (isteacheredit($course->id) or $course->groupmode == VISIBLEGROUPS)) {
-        if (! $group = get_record("groups", "id", $group)) {
-            error('Specified group could not be found!', "groups.php?id=$course->id");
+    if ($group) {
+        if (isteacheredit($course->id) or $course->groupmode == VISIBLEGROUPS) {
+            if (! $group = get_record("groups", "id", $group)) {
+                error('Specified group could not be found!', "groups.php?id=$course->id");
+            }
+        } else {
+            error('Sorry, you don\'t have access to view this group', "view.php?id=$course->id");
         }
     } else if (! $group = get_current_group($course->id, 'full')) {
         error('You are not currently in a group!', "view.php?id=$course->id");
-- 
2.39.5