* Fixed fatal for bad wlowner usernames

* Use the relevant user object to check patrol abilities rather than always using $wgUser

diff --git a/includes/api/ApiQueryWatchlist.php b/includes/api/ApiQueryWatchlist.php
index 3c09821..6b42a79 100644 (file)
--- a/includes/api/ApiQueryWatchlist.php
+++ b/includes/api/ApiQueryWatchlist.php
@@ -59,7 +59,10 @@ class ApiQueryWatchlist extends ApiQueryGeneratorBase {
                $params = $this->extractRequestParams();
 
                if (!is_null($params['owner']) && !is_null($params['token'])) {
-                       $user = User::newFromName($params['owner']);
+                       $user = User::newFromName($params['owner'],false);
+                       if( !$user->getId() ) {
+                               $this->dieUsage( 'Specified user does not exist' );
+                       }
                        $token = $user->getOption('watchlisttoken');
                        if ($token == '' || $token != $params['token']) {
                                $this->dieUsage('Incorrect watchlist token provided -- please set a correct token in Special:Preferences', 'bad_wltoken');
@@ -84,8 +87,7 @@ class ApiQueryWatchlist extends ApiQueryGeneratorBase {
                        $this->fld_patrol = isset($prop['patrol']);
 
                        if ($this->fld_patrol) {
-                               global $wgUser;
-                               if (!$wgUser->useRCPatrol() && !$wgUser->useNPPatrol())
+                               if (!$user->useRCPatrol() && !$user->useNPPatrol())
                                        $this->dieUsage('patrol property is not available', 'patrol');
                        }
                }