From 0ddee8ff09622ead7eaade47ccedee6500378aa4 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Fri, 10 Sep 2004 20:00:28 +0000
Subject: - Patch #10718 by drumm: bugfix: it was possible to save a user with
 no roles assigned when the form clearly said at least one was required. The
 result of saving that was silently leaving the roles unchanged, which is
 rather bad.

---
 modules/user/user.module | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'modules/user/user.module')

diff --git a/modules/user/user.module b/modules/user/user.module
index 3b211635d..400393e32 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -1041,6 +1041,12 @@ function user_edit_validate($uid, &$edit) {
     form_set_error('mail', t('The e-mail address %e-mail has been denied access.', array('%e-mail' => '<em>'. $edit['mail'] .'</em>')));
   }
 
+  // Validate the roles
+  if (!$edit['roles']) {
+    form_set_error('roles', t('You must select at least one role.'));
+    $edit['roles'] = array();
+  }
+
   // If required, validate the uploaded picture.
   if ($file = file_check_upload('picture')) {
     $user = user_load(array('uid' => $uid));
-- 
cgit v1.2.3