From: Matteo Nastasi (mop) Date: Wed, 6 Jan 2016 15:45:16 +0000 (+0100) Subject: fix login lowercase management X-Git-Tag: v5.3.0~12 X-Git-Url: http://mop.ddnsfree.com/gitweb/?a=commitdiff_plain;h=b5f30b4ffb453702445acadd0968712e9a0d7bfe;p=brisk.git fix login lowercase management --- diff --git a/web/Obj/brisk.phh b/web/Obj/brisk.phh index c84db31..85747c2 100644 --- a/web/Obj/brisk.phh +++ b/web/Obj/brisk.phh @@ -2433,7 +2433,7 @@ class Brisk $bdb->users_load(); if ($pass != FALSE) { // TODO: here add a method to $bdb to check if the db is available. log_auth("XXX", "auth2"); - $authenticate = $bdb->login_verify(strtolower($name_new), $pass, $code); + $authenticate = $bdb->login_verify($name_new, $pass, $code); log_auth("XXX", "authenticate: ".($authenticate != FALSE ? "TRUE" : "FALSE")); if ($authenticate != FALSE) { diff --git a/web/Obj/dbase_pgsql.phh b/web/Obj/dbase_pgsql.phh index 8027377..1baefa3 100644 --- a/web/Obj/dbase_pgsql.phh +++ b/web/Obj/dbase_pgsql.phh @@ -1014,7 +1014,7 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash) USING %susers as us WHERE owner = %d AND us.login = '%s' AND target = us.code;", $G_dbpfx, $G_dbpfx, - $owner_id, escsql($json->login)); + $owner_id, escsql(strtolower($json->login))); if (($net_pg = $this->query($net_sql)) == FALSE) { $ret = 5; @@ -1031,7 +1031,7 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash) $G_dbpfx, $friend, $json->skill, $json->trust, $G_dbpfx, - $owner_id, escsql($json->login)); + $owner_id, escsql(strtolower($json->login))); if (($net_pg = $this->query($net_sql)) == FALSE || pg_numrows($net_pg) == 0) { $net_sql = sprintf(" INSERT INTO %susersnet SELECT %d AS owner, us.code as target, @@ -1039,7 +1039,7 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash) FROM %susers as us WHERE us.login = '%s' RETURNING *;", $G_dbpfx, $owner_id, $friend, $json->skill, $json->trust, - $G_dbpfx, $json->login); + $G_dbpfx, escsql(strtolower($json->login))); if (($net_pg = $this->query($net_sql)) == FALSE) { log_wr('insert query failed'); $ret = 2;