X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;ds=sidebyside;f=role_add.php;h=d26cb6ad03d97c13e8a41db3acb42c0b32a137fe;hb=b462dba60a4686a99189cb9a6329c2cc99f5f7ac;hp=e4cbb96442c44ed7883e8755cd7a123f9180ea37;hpb=fd0872d9e582113346fa1e93557f370286c5c9f2;p=timetracker.git

diff --git a/role_add.php b/role_add.php
index e4cbb964..d26cb6ad 100644
--- a/role_add.php
+++ b/role_add.php
@@ -40,7 +40,7 @@ if (!ttAccessAllowed('manage_roles')) {
 if ($request->isPost()) {
   $cl_name = trim($request->getParameter('name'));
   $cl_description = trim($request->getParameter('description'));
-  $cl_rank = (int) $request->getParameter('rank');
+  $cl_rank = (int)$request->getParameter('rank');
 }
 
 $form = new Form('roleForm');
@@ -56,6 +56,7 @@ if ($request->isPost()) {
   // Validate user input.
   if (!ttValidString($cl_name)) $err->add($i18n->get('error.field'), $i18n->get('label.thing_name'));
   if (!ttValidString($cl_description, true)) $err->add($i18n->get('error.field'), $i18n->get('label.description'));
+  if ($cl_rank >= $user->rank || $cl_rank < 0) $err->add($i18n->get('error.field'), $i18n->get('form.roles.rank'));
 
   if ($err->no()) {
     $existing_role = ttRoleHelper::getRoleByRank($cl_rank, $user->team_id);