Allow admin or superuser to uninvite students from any school

participant_invite.php

@@ -81,7 +81,12 @@
 //this is ajax too, but we dont explicitly say AJAX==1, thats silly :p
  if($_POST['action']=="uninvite") {
 	 if($_POST['userid']) {
-		 user_uninvite(intval($_POST['userid']),$type);
+		 echo "uninviting userid: ".$_POST['userid']." from type: ".$type."\n";
+		 $r=user_uninvite(intval($_POST['userid']),$type);
+		 //this will return the user object if valid, if its just a string, then its an error string
+		 if(!is_array($r)) {
+			 echo "error: $r";
+	 	 }
 	 }
 	 exit;
  }
@@ -157,6 +162,7 @@
 	function uninvite(id) {
 		if(confirmClick('Are you sure you want to uninvite this participant?')) {
 			$.post("participant_invite.php",{action: 'uninvite', userid: id},function() {
+//				alert('done');
 				document.location.href='participant_invite.php';
 			});
 		}

user.inc.php

@@ -1807,8 +1807,13 @@ function user_uninvite($uid, $roles_id){
 	}
 
 	if($returnval == null){
-		if($user['schools_id'] != $u['schools_id']){
-			$returnval = 'You can not uninvite students form other schools';
+		if($_SESSION['superuser']=="yes" || array_key_exists('admin',$u['roles'])) {
+			//superuser or admin, let them do it
+		} else {
+			//else, the school must match
+			if($user['schools_id'] != $u['schools_id']){
+				$returnval = 'You can not uninvite students form other schools';
+			}
 		}
 	}