From f382a5a16b2ec13f00ecd9ab1ef7fc84a3ced387 Mon Sep 17 00:00:00 2001
From: Fred Tempez <ftempez@gmail.com>
Date: Mon, 19 Oct 2020 09:53:28 +0200
Subject: [PATCH] =?UTF-8?q?V=C3=A9rification=20de=20la=20valeur=20groupe?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 core/module/user/user.php | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/core/module/user/user.php b/core/module/user/user.php
index 975b822e..c4025d4f 100644
--- a/core/module/user/user.php
+++ b/core/module/user/user.php
@@ -595,11 +595,16 @@ class user extends common {
 					AND array_key_exists('nom',$item)
 					AND array_key_exists('groupe',$item)
 					AND array_key_exists('email',$item)
-					AND $item['nom'] 
+					AND $item['nom']
 					AND $item['prenom']
 					AND $item['id']
-					AND $item['email'] 
-					AND $item['groupe']) {
+					AND $item['email']
+					AND $item['groupe']
+					) {
+						// Validation du groupe
+						$item['groupe'] = (int) $item['groupe'];
+						$item['groupe'] =   ( $item['groupe'] >= self::GROUP_BANNED AND $item['groupe'] <= self::GROUP_ADMIN )
+											  ? $item['groupe'] : 1;
 						// L'utilisateur existe
 						if ( $this->getData(['user',helper::filter($item['id'] , helper::FILTER_ID)]))
 						{
@@ -625,7 +630,7 @@ class user extends common {
 								$userId, [
 									'firstname' => $item['prenom'],
 									'forgot' => 0,
-									'group' => (int) $item['groupe'],
+									'group' => $item['groupe'] ,
 									'lastname' => $item['nom'],
 									'mail' => $item['email'],
 									'pseudo' => $item['prenom'],