$entity_data['names'] . ' Group']; $title_array[] = ['text' => $group['group_name'], 'url' => generate_url(['page' => 'group', 'group_id' => $group['group_id']])]; } } else { if (!is_array($vars['id'])) { $vars['id'] = [$vars['id']]; } $title_array = []; $title_array[] = ['text' => 'Multiple ' . $entity_data['names']]; } $is_permitted = ($auth || $_SESSION['userlevel'] >= 5); // Loop each entity id and check if we're allowed to view it // FIXME - perhaps just filter ones we're not allowed to see if (!$is_permitted) { foreach ($vars['id'] as $entity_id) { if (is_numeric($entity_id) && is_entity_permitted($entity_id, $entity_type)) { $is_permitted = TRUE; } else { $is_permitted = FALSE; // Bail on first reject. break; } } } if ($auth || $is_permitted || $_SESSION['userlevel'] >= 5) { $title_array[] = ['text' => safe_count($vars['id']) . ' ' . $entity_data['names'], 'entity_type' => $entity_type, 'entities' => $vars['id']]; $auth = TRUE; } // EOF