X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;f=thumb.php;h=f425d87e594489fddbf360bff25969818b04e2dc;hb=6adaaa0f7fe547d500061782544980d736d999e9;hp=4e5c2134d3111e9bb092bc5e6c4783490651f112;hpb=efe7286cac744ccc7bce5417d20601a387f6d1ad;p=lhc%2Fweb%2Fwiklou.git

diff --git a/thumb.php b/thumb.php
index 4e5c2134d3..f425d87e59 100644
--- a/thumb.php
+++ b/thumb.php
@@ -35,7 +35,7 @@ if ( defined( 'THUMB_HANDLER' ) ) {
 	wfThumbHandle404();
 } else {
 	// Called directly, use $_GET params
-	wfStreamThumb( $wgRequest->getQueryValues() );
+	wfStreamThumb( $wgRequest->getQueryValuesOnly() );
 }
 
 $mediawiki = new MediaWiki();
@@ -91,6 +91,7 @@ function wfThumbHandle404() {
  */
 function wfStreamThumb( array $params ) {
 	global $wgVaryOnXFP;
+	$permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
 
 	$headers = []; // HTTP headers to send
 
@@ -154,9 +155,8 @@ function wfStreamThumb( array $params ) {
 
 	// Check permissions if there are read restrictions
 	$varyHeader = [];
-	if ( !in_array( 'read', User::getGroupPermissions( [ '*' ] ), true ) ) {
+	if ( !in_array( 'read', $permissionManager->getGroupPermissions( [ '*' ] ), true ) ) {
 		$user = RequestContext::getMain()->getUser();
-		$permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
 		$imgTitle = $img->getTitle();
 
 		if ( !$imgTitle || !$permissionManager->userCan( 'read', $user, $imgTitle ) ) {