From: Matteo Nastasi (mop) <nastasi@alternativeoutput.it>
Date: Wed, 6 Jan 2016 15:45:16 +0000 (+0100)
Subject: fix login lowercase management
X-Git-Tag: v5.3.0~12
X-Git-Url: http://mop.ddnsfree.com/gitweb/?p=brisk.git;a=commitdiff_plain;h=b5f30b4ffb453702445acadd0968712e9a0d7bfe

fix login lowercase management
---

diff --git a/web/Obj/brisk.phh b/web/Obj/brisk.phh
index c84db31..85747c2 100644
--- a/web/Obj/brisk.phh
+++ b/web/Obj/brisk.phh
@@ -2433,7 +2433,7 @@ class Brisk
         $bdb->users_load();
         if ($pass != FALSE) { // TODO: here add a method to $bdb to check if the db is available.
             log_auth("XXX", "auth2");
-            $authenticate = $bdb->login_verify(strtolower($name_new), $pass, $code);
+            $authenticate = $bdb->login_verify($name_new, $pass, $code);
             log_auth("XXX", "authenticate: ".($authenticate != FALSE ? "TRUE" : "FALSE"));
 
             if ($authenticate != FALSE) {
diff --git a/web/Obj/dbase_pgsql.phh b/web/Obj/dbase_pgsql.phh
index 8027377..1baefa3 100644
--- a/web/Obj/dbase_pgsql.phh
+++ b/web/Obj/dbase_pgsql.phh
@@ -1014,7 +1014,7 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash)
                         USING %susers as us
                         WHERE owner = %d AND us.login = '%s' AND target = us.code;",
                                    $G_dbpfx, $G_dbpfx,
-                                   $owner_id, escsql($json->login));
+                                   $owner_id, escsql(strtolower($json->login)));
 
                 if (($net_pg = $this->query($net_sql)) == FALSE) {
                     $ret = 5;
@@ -1031,7 +1031,7 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash)
                                    $G_dbpfx,
                                    $friend, $json->skill, $json->trust,
                                    $G_dbpfx,
-                                   $owner_id, escsql($json->login));
+                                   $owner_id, escsql(strtolower($json->login)));
                 if (($net_pg  = $this->query($net_sql)) == FALSE || pg_numrows($net_pg) == 0) {
                     $net_sql = sprintf("
                 INSERT INTO %susersnet SELECT %d AS owner, us.code as target,
@@ -1039,7 +1039,7 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash)
                     FROM %susers as us WHERE us.login = '%s' RETURNING *;",
                                        $G_dbpfx, $owner_id,
                                        $friend, $json->skill, $json->trust,
-                                       $G_dbpfx, $json->login);
+                                       $G_dbpfx, escsql(strtolower($json->login)));
                     if (($net_pg  = $this->query($net_sql)) == FALSE) {
                         log_wr('insert query failed');
                         $ret = 2;