dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
SECURITY: rate-limit and prevent blocked users from changing email
[lhc/web/wiklou.git] / includes / api / ApiQueryUsers.php
diff --git a/includes/api/ApiQueryUsers.php b/includes/api/ApiQueryUsers.php
index 6de512b..66d8db4 100644 (file)
--- a/includes/api/ApiQueryUsers.php
+++ b/includes/api/ApiQueryUsers.php
@@ -95,7 +95,7 @@ class ApiQueryUsers extends ApiQueryBase {
 
        public function execute() {
                $db = $this->getDB();
-               $commentStore = new CommentStore( 'ipb_reason' );
+               $commentStore = CommentStore::getStore();
 
                $params = $this->extractRequestParams();
                $this->requireMaxOneParameter( $params, 'userids', 'users' );
@@ -168,7 +168,7 @@ class ApiQueryUsers extends ApiQueryBase {
                                }
 
                                $this->addTables( 'user_groups' );
-                               $this->addJoinConds( [ 'user_groups' => [ 'INNER JOIN', 'ug_user=user_id' ] ] );
+                               $this->addJoinConds( [ 'user_groups' => [ 'JOIN', 'ug_user=user_id' ] ] );
                                $this->addFields( [ 'user_name' ] );
                                $this->addFields( UserGroupMembership::selectFields() );
                                $this->addWhere( 'ug_expiry IS NULL OR ug_expiry >= ' .
@@ -235,7 +235,8 @@ class ApiQueryUsers extends ApiQueryBase {
                                        $data[$key]['blockedby'] = $row->ipb_by_text;
                                        $data[$key]['blockedbyid'] = (int)$row->ipb_by;
                                        $data[$key]['blockedtimestamp'] = wfTimestamp( TS_ISO_8601, $row->ipb_timestamp );
-                                       $data[$key]['blockreason'] = $commentStore->getComment( $row )->text;
+                                       $data[$key]['blockreason'] = $commentStore->getComment( 'ipb_reason', $row )
+                                               ->text;
                                        $data[$key]['blockexpiry'] = $row->ipb_expiry;
                                }
 
Wiklou, le Wiki du Wiklou