From: Brion Vibber Date: Tue, 29 Sep 2009 17:27:21 +0000 (+0000) Subject: Fix regression from r54429 "(bug 17864 + bug 19519) - Do input normalization on the... X-Git-Tag: 1.31.0-rc.0~39477 X-Git-Url: http://git.cyclocoop.org/%40spipnet%40?a=commitdiff_plain;h=5e667a6b56929fe3141749189d642de5a9a32463;p=lhc%2Fweb%2Fwiklou.git Fix regression from r54429 "(bug 17864 + bug 19519) - Do input normalization on the username before doing existence/permission checks" This did some overactive canonicalization of the input username before username and database were split, breaking access to remote users where the database name contained an underscore -- it was changed to space. This would also have broken numeric access, I think, but I didn't bother to test that. :) Fix moves the username canonicalization down into fetchUser() after we split the name and database, so we now can access remote folks via non-canonical forms and we don't break the dbnames. --- diff --git a/includes/specials/SpecialUserrights.php b/includes/specials/SpecialUserrights.php index cd10217a5a..d3c9a31aa1 100644 --- a/includes/specials/SpecialUserrights.php +++ b/includes/specials/SpecialUserrights.php @@ -54,7 +54,6 @@ class UserrightsPage extends SpecialPage { } else { $this->mTarget = $wgRequest->getVal( 'user' ); } - $this->mTarget = User::getCanonicalName( $this->mTarget ); /* * If the user is blocked and they only have "partial" access @@ -312,6 +311,12 @@ class UserrightsPage extends SpecialPage { if( !$name ) { return new WikiErrorMsg( 'noname' ); } + } else { + $name = User::getCanonicalName( $name ); + if( !$name ) { + // invalid name + return new WikiErrorMsg( 'nosuchusershort', $username ); + } } if( $database == '' ) {