Improve isManagerOf() error handling to prevent possible security bug

lib/userinfo.php

@@ -90,10 +90,10 @@ function isManagerOf($m, $e) {
 
     $resp = json_decode($response->getBody(), TRUE);
     if ($resp['status'] == "OK") {
-        return $resp['managerof'];
+        return $resp['managerof'] === true;
     } else {
         // this shouldn't happen, but in case it does just fake it.
-        return ["name" => $u, "username" => $u, "uid" => $u];
+        return false;
     }
 }
 

required.php

@@ -82,7 +82,7 @@ function sendError($error) {
             . "<h1>A fatal application error has occurred.</h1>"
             . "<i>(This isn't your fault.)</i>"
             . "<h2>Details:</h2>"
-            . "<p>". htmlspecialchars($error) . "</p>");
+            . "<p>" . htmlspecialchars($error) . "</p>");
 }
 
 date_default_timezone_set(TIMEZONE);