From 691c88bce8fa37d1d371988857645b6cdd9994d9 Mon Sep 17 00:00:00 2001
From: Zach Copley <zach@status.net>
Date: Mon, 8 Mar 2010 22:53:43 +0000
Subject: [PATCH] Only allow RSSCloud subs to canonical RSS2 profile feeds

---
 plugins/RSSCloud/RSSCloudRequestNotify.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/plugins/RSSCloud/RSSCloudRequestNotify.php b/plugins/RSSCloud/RSSCloudRequestNotify.php
index d76c08d379..0305295348 100644
--- a/plugins/RSSCloud/RSSCloudRequestNotify.php
+++ b/plugins/RSSCloud/RSSCloudRequestNotify.php
@@ -270,13 +270,14 @@ class RSSCloudRequestNotifyAction extends Action
 
     function userFromFeed($feed)
     {
-        // We only do profile feeds
+        // We only do canonical RSS2 profile feeds (specified by ID), e.g.:
+        // http://www.example.com/api/statuses/user_timeline/2.rss
 
         $path  = common_path('api/statuses/user_timeline/');
-        $valid = '%^' . $path . '(?<nickname>.*)\.rss$%';
+        $valid = '%^' . $path . '(?<id>.*)\.rss$%';
 
         if (preg_match($valid, $feed, $matches)) {
-            $user = User::staticGet('nickname', $matches['nickname']);
+            $user = User::staticGet('id', $matches['id']);
             if (!empty($user)) {
                 return $user;
             }