summaryrefslogtreecommitdiff
path: root/includes/api/ApiQueryUserInfo.php
diff options
context:
space:
mode:
Diffstat (limited to 'includes/api/ApiQueryUserInfo.php')
-rw-r--r--includes/api/ApiQueryUserInfo.php20
1 files changed, 13 insertions, 7 deletions
diff --git a/includes/api/ApiQueryUserInfo.php b/includes/api/ApiQueryUserInfo.php
index 1a491eca..3c85ea69 100644
--- a/includes/api/ApiQueryUserInfo.php
+++ b/includes/api/ApiQueryUserInfo.php
@@ -104,12 +104,15 @@ class ApiQueryUserInfo extends ApiQueryBase {
}
if ( isset( $this->prop['preferencestoken'] ) &&
- is_null( $this->getMain()->getRequest()->getVal( 'callback' ) )
+ is_null( $this->getMain()->getRequest()->getVal( 'callback' ) ) &&
+ $user->isAllowed( 'editmyoptions' )
) {
$vals['preferencestoken'] = $user->getEditToken( '', $this->getMain()->getRequest() );
}
if ( isset( $this->prop['editcount'] ) ) {
+ // use intval to prevent null if a non-logged-in user calls
+ // api.php?format=jsonfm&action=query&meta=userinfo&uiprop=editcount
$vals['editcount'] = intval( $user->getEditCount() );
}
@@ -121,11 +124,13 @@ class ApiQueryUserInfo extends ApiQueryBase {
$vals['realname'] = $user->getRealName();
}
- if ( isset( $this->prop['email'] ) ) {
- $vals['email'] = $user->getEmail();
- $auth = $user->getEmailAuthenticationTimestamp();
- if ( !is_null( $auth ) ) {
- $vals['emailauthenticated'] = wfTimestamp( TS_ISO_8601, $auth );
+ if ( $user->isAllowed( 'viewmyprivateinfo' ) ) {
+ if ( isset( $this->prop['email'] ) ) {
+ $vals['email'] = $user->getEmail();
+ $auth = $user->getEmailAuthenticationTimestamp();
+ if ( !is_null( $auth ) ) {
+ $vals['emailauthenticated'] = wfTimestamp( TS_ISO_8601, $auth );
+ }
}
}
@@ -167,8 +172,9 @@ class ApiQueryUserInfo extends ApiQueryBase {
if ( $user->isNewbie() ) {
$categories[] = 'ip';
$categories[] = 'subnet';
- if ( !$user->isAnon() )
+ if ( !$user->isAnon() ) {
$categories[] = 'newbie';
+ }
}
$categories = array_merge( $categories, $user->getGroups() );