SECURITY: Fix revdel checks in LogPager

[lhc/web/wiklou.git] / includes / logging / LogPager.php

diff --git a/includes/logging/LogPager.php b/includes/logging/LogPager.php
index dc9af5a..d1acacf 100644 (file)
--- a/includes/logging/LogPager.php
+++ b/includes/logging/LogPager.php
@@ -424,9 +424,9 @@ class LogPager extends ReverseChronologicalPager {
                $this->actionRestrictionsEnforced = true;
                $user = $this->getUser();
                if ( !$user->isAllowed( 'deletedhistory' ) ) {
-                       $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_USER ) . ' = 0';
+                       $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_ACTION ) . ' = 0';
                } elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
-                       $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_USER ) .
+                       $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_ACTION ) .
                                ' != ' . LogPage::SUPPRESSED_USER;
                }
        }
@@ -442,9 +442,9 @@ class LogPager extends ReverseChronologicalPager {
                $this->performerRestrictionsEnforced = true;
                $user = $this->getUser();
                if ( !$user->isAllowed( 'deletedhistory' ) ) {
-                       $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_ACTION ) . ' = 0';
+                       $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::DELETED_USER ) . ' = 0';
                } elseif ( !$user->isAllowedAny( 'suppressrevision', 'viewsuppressed' ) ) {
-                       $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_ACTION ) .
+                       $this->mConds[] = $this->mDb->bitAnd( 'log_deleted', LogPage::SUPPRESSED_USER ) .
                                ' != ' . LogPage::SUPPRESSED_ACTION;
                }
        }