Index: roleassign.info
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/roleassign/roleassign.info,v
retrieving revision 1.4
diff -u -r1.4 roleassign.info
--- roleassign.info	18 Jun 2007 22:53:56 -0000	1.4
+++ roleassign.info	30 Oct 2008 15:39:14 -0000
@@ -1,3 +1,4 @@
 ; $Id: roleassign.info,v 1.4 2007/06/18 22:53:56 dww Exp $
 name = "RoleAssign"
 description = "Allows site administrators to further delegate the task of managing user's roles."
+core = 6.x
\ No newline at end of file
Index: roleassign.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/roleassign/roleassign.module,v
retrieving revision 1.19
diff -u -r1.19 roleassign.module
--- roleassign.module	3 Oct 2008 18:01:58 -0000	1.19
+++ roleassign.module	30 Oct 2008 15:39:15 -0000
@@ -33,9 +33,9 @@
  *
  * Returns various help texts.
  */
-function roleassign_help($section="admin/help#roleassign")
+function roleassign_help($path = "admin/help#roleassign", $arg)
 {
-	switch ($section)
+	switch ($path)
 	{
 		case 'admin/user/roleassign':
 			return _roleassign_settings_help();
@@ -62,18 +62,19 @@
  *
  * Adds <code>role assign</code> to <code>administer » user management</code>.
  */
-function roleassign_menu($may_cache)
+function roleassign_menu()
 {
 	$items = array();
-	if ($may_cache)
-	{
-		$items[] = array('path' => 'admin/user/roleassign',
-		'title' => t('Role assign'),
-		'callback' => 'drupal_get_form',
-		'callback arguments' => array('roleassign_admin'),
-		'description' => t('Allows site administrators to further delegate the task of managing user\'s roles.'),
-		'access' => user_access('administer access control'));
-	}
+	
+	$items['admin/user/roleassign'] = array
+	(
+	  'title' => 'Role assign',
+	  'page callback' => 'drupal_get_form',
+	  'page arguments' => array('roleassign_admin'),
+	  'description' => 'Allows site administrators to further delegate the task of managing user\'s roles.',
+	  'access arguments' => array('administer permissions')
+	);
+	
 	return $items;
 }
 
@@ -85,9 +86,9 @@
 function roleassign_admin()
 {
 
-	// To admister roleassign, 'administer access control' permission
+	// To admister roleassign, 'administer permissions' permission
 	// is required.
-	if (!user_access('administer access control'))
+	if (!user_access('administer permissions'))
 		return;
 
 	// Get all avaiable roles except for 'anonymous user'
@@ -122,12 +123,12 @@
  *
  * Adds checkboxes for assignable roles to the user edit form.
  */
-function roleassign_form_alter($form_id, &$form)
+function roleassign_form_alter(&$form, &$form_state, $form_id)
 {
 
-	// Do nothing if the user already has 'administer access control'
+	// Do nothing if the user already has 'administer permissions'
 	// permission.
-	if (user_access('administer access control'))
+	if (user_access('administer permissions'))
 		return;
 
 	// Do nothing if the user hasn't both 'administer users' and
@@ -136,7 +137,7 @@
 		return;
 
 	// Do nothing if right form isn't shown.
-	if ($form_id != 'user_register' && ($form_id != 'user_edit' || !isset($form['account'])))
+	if ($form_id != 'user_register' && ($form_id != 'user_profile_form' || !isset($form['account'])))
 		return;
 
 	// Get all roles that are available.
@@ -229,12 +230,9 @@
  */
 function roleassign_user_operations()
 {
-
-	global $form_values;
-	
 	// Do nothing if add and remove roles operations already is shown or
 	// the user hasn't right to assign roles.
-	if (user_access('administer access control') || !user_access('assign roles'))
+	if (user_access('administer permissions') || !user_access('assign roles'))
 		return;
 
 	// Get roles that are available for assignment.
@@ -256,17 +254,21 @@
 	}
 	else
 		$operations = array();
+  
+  // the global variable $form_values is not available anymore:
+  // the $_POST values are "sanitized" below
+  $operation = $_POST['operation'];
 
 	// The required 'callback' key and optional 'callback arguments' key are
 	// actually only needed when someone has posted. We therefore postpone
 	// the attachement of these until $form_values is set.
-	if ($form_values)
+	if ($operation)
 	{
 		
 		// Get operation and role id.
-		$op = explode('-', $form_values['operation']);
-		$rid = $op[1];
-		$op = $op[0];
+		$op = explode('-', $operation);
+		$rid = intval($op[1]);
+		$op = $op[0];
 		
 		// If not a RoleAssign operation, there is not much to do.
 		if ($op != 'roleassign_add_role' && $op != 'roleassign_remove_role')
@@ -284,7 +286,7 @@
 		// Form the name of the core callback functions for adding and
 		// removing roles by choping off the 'roleassign_' part of the
 		// operation string.
-		$operations[$form_values['operation']] = array
+		$operations[$operation] = array
 		(
 			'callback' => 'user_multiple_role_edit',
 			'callback arguments' => array(substr($op, 11), $rid)