Important update!
1.4.1 and lower versions have a SQL exploit with the getGroups and getUsers actions. See below for more information.
You can now:
- Get users by IP address [7634729].
- Get users by array [ecf9c20].
- Get user upgrades when grabbing a user [ec3c284].
- Filter threads by discussion_state in getThreads [b874c73].
Other fixes/stuff:
- Fixed SQL injection exploit [00a737a], reported by Julien Ahrens, http://www.rcesecurity.com/, thanks! See BuqTraq.
- Fixed unserialize on editUser [3047503].
- Added discussion_state parameter to createThread [bc7de18].
- Fixed issue with avatars not returning the correct URL [feffe8b].
- Send email on registration if user state is email_confirm [1ec9e71].
- Removed unneeded breaks, the API should now work with PHP7 [fbcf0b1].