r65299 c5894 followup

Move isset check of gettoken upto level of $salt !== false. If gettoken is set, the module isn't going to do anything else (and therefore no point seeing if there is a token set, let alone attempting to validate it)

diff --git a/includes/api/ApiMain.php b/includes/api/ApiMain.php
index 4d5e455..b450934 100644 (file)
--- a/includes/api/ApiMain.php
+++ b/includes/api/ApiMain.php
@@ -416,9 +416,9 @@ class ApiMain extends ApiBase {
                
                // Die if token required, but not provided (unless there is a gettoken parameter)
                $salt = $module->getTokenSalt();
-               if ( $salt !== false )
+               if ( $salt !== false && !isset( $moduleParams['gettoken'] ) )
                {
-                       if ( !isset( $moduleParams['token'] ) && !isset( $moduleParams['gettoken'] ) ) {
+                       if ( !isset( $moduleParams['token'] ) ) {
                                $this->dieUsageMsg( array( 'missingparam', 'token' ) );
                        } else {
                                global $wgUser;