}
if ( isset( $this->prop['preferencestoken'] ) &&
- is_null( $this->getMain()->getRequest()->getVal( 'callback' ) )
+ is_null( $this->getMain()->getRequest()->getVal( 'callback' ) ) &&
+ $user->isAllowed( 'editmyoptions' )
) {
$vals['preferencestoken'] = $user->getEditToken( '', $this->getMain()->getRequest() );
}
if ( isset( $this->prop['editcount'] ) ) {
+ // use intval to prevent null if a non-logged-in user calls
+ // api.php?format=jsonfm&action=query&meta=userinfo&uiprop=editcount
$vals['editcount'] = intval( $user->getEditCount() );
}
$vals['realname'] = $user->getRealName();
}
- if ( isset( $this->prop['email'] ) ) {
- $vals['email'] = $user->getEmail();
- $auth = $user->getEmailAuthenticationTimestamp();
- if ( !is_null( $auth ) ) {
- $vals['emailauthenticated'] = wfTimestamp( TS_ISO_8601, $auth );
+ if ( $user->isAllowed( 'viewmyprivateinfo' ) ) {
+ if ( isset( $this->prop['email'] ) ) {
+ $vals['email'] = $user->getEmail();
+ $auth = $user->getEmailAuthenticationTimestamp();
+ if ( !is_null( $auth ) ) {
+ $vals['emailauthenticated'] = wfTimestamp( TS_ISO_8601, $auth );
+ }
}
}
dépôts / lhc / web / wiklou.git / blobdiff