diff --git a/controller/Users.py b/controller/Users.py
index 1637baf..53d43a1 100644
--- a/controller/Users.py
+++ b/controller/Users.py
@@ -308,7 +308,7 @@ class Users( object ):
 @raise Signup_error: passwords don't match or the username is unavailable
 @raise Validation_error: one of the arguments is invalid
 """
- ( user, notebook ) = self.__create_user( username, password, password_repeat, email_bddress )
+ ( user, notebook ) = self.__create_user( username, password, password_repeat, email_address )
 self.__database.commit()
 # if there's an invite_id, then redeem that invite and redirect to the invite's notebook
@@ -317,7 +317,7 @@ class Users( object ):
 if not invite:
 raise Signup_error( u"The invite is unknown." )
- self.convert_invite_to_access( invite, user_id )
+ self.convert_invite_to_access( invite, user.object_id )
 redirect = u"/notebooks/%s" % invite.notebook_id
 # if there's a requested rate plan, then redirect to the PayPal subscribe page
 elif rate_plan and rate_plan > 0:
@@ -751,7 +751,8 @@ class Users( object ):
 )
 def remove_group( self, user_id_to_remove, group_id, user_id = None ):
 """
- Remove a user's membership from the given group.
+ Remove a user's membership from the given group. For now, this also sets them to the lowest
+ rate plan.
 @type user_id_to_remove: unicode
 @param user_id_to_remove: id of the user to remove from the group
@@ -771,6 +772,11 @@ class Users( object ):
 self.__database.execute( user.sql_remove_group( group_id ) )
+ # setting the user's rate plan to 0 upon group removal prevents a group admin from creating
+ # an unlimited number of users with high-end rate plans
+ user.rate_plan = 0
+ self.__database.save( user )
+
 return dict(
 message = u"Group membership for %s has been revoked." % user.username,
 )
diff --git a/controller/test/Test_users.py b/controller/test/Test_users.py
index 529b37c..4164b85 100644
--- a/controller/test/Test_users.py
+++ b/controller/test/Test_users.py
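Review bot: In the -317 hunk the new account is already persisted before the invite is validated: `self.__database.commit()` in the -308 hunk runs first, and only afterwards does an unknown `invite_id` raise `Signup_error( u"The invite is unknown." )`, so a bad invite leaves a committed user behind together with an error response. Consider loading and checking the invite before `self.__create_user(...)` is called, or committing once at the end of the invite branch so the account and the access grant are written together. Passing `user.object_id` instead of the caller's `user_id` is the right recipient for `convert_invite_to_access`; whether that call also marks the invite as redeemed is not visible in this diff and is worth confirming, since the redirect to `u"/notebooks/%s" % invite.notebook_id` assumes the grant succeeded. The enclosing signup method starts and ends outside these hunks.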
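Review bot: The reset in the -771 hunk is unconditional: `user.rate_plan = 0` runs on every successful removal, so a user who holds a plan the group did not grant (the -317 hunk shows signup can send a user with `rate_plan > 0` through the PayPal subscribe flow) or who is still a member of another group would be downgraded when an admin removes them from one group. Unless the data model guarantees that a group member's plan always comes from that group, the reset should be restricted to group-granted plans, and the docstring added in the -751 hunk should state that the downgrade happens regardless of how the plan was obtained. `0` is a magic number that the docstring calls the "lowest rate plan"; a named constant would tie the two together, e.g. `user.rate_plan = LOWEST_RATE_PLAN` with `LOWEST_RATE_PLAN = 0` alongside the other module constants. The access checks and the start of remove_group are outside the hunk; the test hunks confirm the reset is skipped when those checks fail, which is the right ordering.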
@@ -769,9 +769,12 @@ class Test_users( Test_controller ):
 assert membership is True
- def test_check_remove_group( self ):
+ def test_remove_group( self ):
 self.login2()
+ self.user.rate_plan = 1
+ self.database.save( self.user )
+
 result = self.http_post( "/users/remove_group", dict(
 user_id_to_remove = self.user.object_id,
 group_id = self.group.object_id,
@@ -780,9 +783,15 @@ class Test_users( Test_controller ):
 assert u"revoked" in result[ u"message" ]
 assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == False
- def test_check_remove_group_without_access( self ):
+ user = self.database.load( User, self.user.object_id )
+ assert user.rate_plan == 0
+
+ def test_remove_group_without_access( self ):
 self.login2()
+ self.user.rate_plan = 1
+ self.database.save( self.user )
+
 result = self.http_post( "/users/remove_group", dict(
 user_id_to_remove = self.user.object_id,
 group_id = self.group2.object_id,
@@ -791,9 +800,15 @@ class Test_users( Test_controller ):
 assert u"access" in result[ u"error" ]
 assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
- def test_check_remove_group_without_admin_access( self ):
+ user = self.database.load( User, self.user.object_id )
+ assert user.rate_plan == 1
+
+ def test_remove_group_without_admin_access( self ):
 self.login()
+ self.user.rate_plan = 1
+ self.database.save( self.user )
+
 result = self.http_post( "/users/remove_group", dict(
 user_id_to_remove = self.user.object_id,
 group_id = self.group.object_id,
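Review bot: The fixture pair `self.user.rate_plan = 1` / `self.database.save( self.user )` and the closing reload-and-assert pair are repeated verbatim in all five remove_group tests, across the -769, -780 and -791 hunks here and the -802, -813 and -824 hunks that follow; a pair of small helpers on the test class, such as `def set_rate_plan( self, user, rate_plan ):` and `def assert_rate_plan( self, user_id, expected ):`, would keep the setup and the check in one place. The negative tests correctly pin that a failed access check leaves `rate_plan == 1`, but there is no test for the case the new code handles most aggressively: a user who is still a member of a second group, or whose plan was not granted by the group, is also dropped to 0 under the new remove_group; a test pinning that outcome would make the trade-off explicit and catch a later change to it. The test bodies continue past the end of each hunk.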
@@ -802,9 +817,15 @@ class Test_users( Test_controller ):
 assert u"access" in result[ u"error" ]
 assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
- def test_check_remove_group_with_unknown_group( self ):
+ user = self.database.load( User, self.user.object_id )
+ assert user.rate_plan == 1
+
+ def test_remove_group_with_unknown_group( self ):
 self.login2()
+ self.user.rate_plan = 1
+ self.database.save( self.user )
+
 result = self.http_post( "/users/remove_group", dict(
 user_id_to_remove = self.user.object_id,
 group_id = u"unknowngroupid",
@@ -813,9 +834,15 @@ class Test_users( Test_controller ):
 assert u"access" in result[ u"error" ]
 assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
- def test_check_remove_group_with_unknown_user( self ):
+ user = self.database.load( User, self.user.object_id )
+ assert user.rate_plan == 1
+
+ def test_remove_group_with_unknown_user( self ):
 self.login2()
+ self.user.rate_plan = 1
+ self.database.save( self.user )
+
 result = self.http_post( "/users/remove_group", dict(
 user_id_to_remove = u"unknownuserid",
 group_id = self.group.object_id,
@@ -824,6 +851,9 @@ class Test_users( Test_controller ):
 assert u"access" in result[ u"error" ]
 assert cherrypy.root.users.check_group( self.user.object_id, self.group.object_id ) == True
+ user = self.database.load( User, self.user.object_id )
+ assert user.rate_plan == 1
+
 def test_send_reset( self ):
 # trick send_reset() into using a fake SMTP server
 Stub_smtp.reset()