From b2c65f3a66e8946b2cf42b19887e1f3b05193840 Mon Sep 17 00:00:00 2001
From: Melos <webmelos@gmail.com>
Date: Thu, 15 Nov 2018 18:18:29 +0100
Subject: [PATCH] SECURITY: Don't allow blocked users to view check user logs

Bug: T209585
---
 includes/specials/SpecialCheckUserLog.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/includes/specials/SpecialCheckUserLog.php b/includes/specials/SpecialCheckUserLog.php
index 81be07f..d9e97d1 100644
--- a/includes/specials/SpecialCheckUserLog.php
+++ b/includes/specials/SpecialCheckUserLog.php
@@ -14,6 +14,12 @@ class SpecialCheckUserLog extends SpecialPage {
 		$this->setHeaders();
 		$this->checkPermissions();
 
+		// Blocked users are not allowed to run checkuser queries (bug T157883)
+		$block = $this->getUser()->getBlock();
+		if ( $block && $block->isSitewide() ) {
+			throw new UserBlockedError( $block );
+		}
+
 		$out = $this->getOutput();
 		$request = $this->getRequest();
 		$this->target = trim( $request->getVal( 'cuSearch', $par ) );
-- 
2.14.1.windows.1