diff options
author | Brion Vibber <brion@pobox.com> | 2010-10-22 13:53:10 -0700 |
---|---|---|
committer | Brion Vibber <brion@pobox.com> | 2010-10-22 13:53:10 -0700 |
commit | eb30c6651a0f726e44e4b8c318f5c1274969202d (patch) | |
tree | 949ab2639658e77a04fbbb31e565f3ba54f488d5 | |
parent | 2d124e4aabdc2f4c5a30c5b0b087bbfa1e7bac7b (diff) |
Additional fixes found while looking at ticket #2532: when given a screen name as API parameter for a profile, do the nickname lookup on local users only. The profile table can't guarantee unique lookups, so using names isn't currently safe there. This won't affect anything using local nicknames correctly, and may avoid some weird bugs if there were conflicts between local and remote nicknames.
-rw-r--r-- | lib/apiaction.php | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/apiaction.php b/lib/apiaction.php index afba8ab63..4e9dbb310 100644 --- a/lib/apiaction.php +++ b/lib/apiaction.php @@ -1398,8 +1398,10 @@ class ApiAction extends Action if (is_numeric($this->arg('id'))) { return Profile::staticGet($this->arg('id')); } else if ($this->arg('id')) { + // Screen names currently can only uniquely identify a local user. $nickname = common_canonical_nickname($this->arg('id')); - return Profile::staticGet('nickname', $nickname); + $user = User::staticGet('nickname', $nickname); + return $user ? $user->getProfile() : null; } else if ($this->arg('user_id')) { // This is to ensure that a non-numeric user_id still // overrides screen_name even if it doesn't get used @@ -1408,13 +1410,15 @@ class ApiAction extends Action } } else if ($this->arg('screen_name')) { $nickname = common_canonical_nickname($this->arg('screen_name')); - return Profile::staticGet('nickname', $nickname); + $user = User::staticGet('nickname', $nickname); + return $user ? $user->getProfile() : null; } } else if (is_numeric($id)) { return Profile::staticGet($id); } else { $nickname = common_canonical_nickname($id); - return Profile::staticGet('nickname', $nickname); + $user = User::staticGet('nickname', $nickname); + return $user ? $user->getProfile() : null; } } |