summaryrefslogtreecommitdiff
path: root/lib/api.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/api.php')
-rw-r--r--lib/api.php15
1 files changed, 8 insertions, 7 deletions
diff --git a/lib/api.php b/lib/api.php
index e2ea87b43..539aac4af 100644
--- a/lib/api.php
+++ b/lib/api.php
@@ -1142,15 +1142,10 @@ class ApiAction extends Action
function getTargetUser($id)
{
- if (empty($id)) {
+ if (!preg_match('/^[a-zA-Z0-9]+$/', $id)) {
// Twitter supports these other ways of passing the user ID
- if (is_numeric($this->arg('id'))) {
- return User::staticGet($this->arg('id'));
- } else if ($this->arg('id')) {
- $nickname = common_canonical_nickname($this->arg('id'));
- return User::staticGet('nickname', $nickname);
- } else if ($this->arg('user_id')) {
+ if ($this->arg('user_id')) {
// This is to ensure that a non-numeric user_id still
// overrides screen_name even if it doesn't get used
if (is_numeric($this->arg('user_id'))) {
@@ -1159,6 +1154,12 @@ class ApiAction extends Action
} else if ($this->arg('screen_name')) {
$nickname = common_canonical_nickname($this->arg('screen_name'));
return User::staticGet('nickname', $nickname);
+
+ } else if (is_numeric($this->arg('id'))) {
+ return User::staticGet($this->arg('id'));
+ } else if ($this->arg('id')) {
+ $nickname = common_canonical_nickname($this->arg('id'));
+ return User::staticGet('nickname', $nickname);
} else {
// Fall back to trying the currently authenticated user
return $this->auth_user;