From ee0954b236f444ed6c0f1d39357b62db15b9c325 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Thu, 25 Aug 2011 21:51:04 +0200 Subject: [PATCH] fix issue with login being case insensitve --- lib/user.php | 22 +++++++++++++--------- lib/user/database.php | 8 ++++---- 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/lib/user.php b/lib/user.php index e53ba145c9..0630ebb938 100644 --- a/lib/user.php +++ b/lib/user.php @@ -191,13 +191,17 @@ class OC_User { $run = true; OC_Hook::emit( "OC_User", "pre_login", array( "run" => &$run, "uid" => $uid )); - if( $run && self::checkPassword( $uid, $password )){ - $_SESSION['user_id'] = $uid; - OC_Crypt::init($uid,$password); - OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid )); - return true; - } - else{ + if( $run ){ + $uid=self::checkPassword( $uid, $password ); + if($uid){ + $_SESSION['user_id'] = $uid; + OC_Crypt::init($uid,$password); + OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid )); + return true; + }else{ + return false; + } + }else{ return false; } } @@ -292,8 +296,8 @@ class OC_User { foreach(self::$_usedBackends as $backend){ if($backend->implementsActions(OC_USER_BACKEND_CHECK_PASSWORD)){ $result=$backend->checkPassword( $uid, $password ); - if($result===true){ - return true; + if($result){ + return $result; } } } diff --git a/lib/user/database.php b/lib/user/database.php index 4992c2aa16..f29aaf00f0 100644 --- a/lib/user/database.php +++ b/lib/user/database.php @@ -103,13 +103,13 @@ class OC_User_Database extends OC_User_Backend { * Check if the password is correct without logging in the user */ public function checkPassword( $uid, $password ){ - $query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid = ? AND password = ?" ); + $query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid LIKE ? AND password = ?" ); $result = $query->execute( array( $uid, sha1( $password ))); if( $result->numRows() > 0 ){ - return true; - } - else{ + $row=$result->fetchRow(); + return $row['uid']; + }else{ return false; } }