From b5f30b4ffb453702445acadd0968712e9a0d7bfe Mon Sep 17 00:00:00 2001
From: "Matteo Nastasi (mop)" <nastasi@alternativeoutput.it>
Date: Wed, 6 Jan 2016 16:45:16 +0100
Subject: [PATCH] fix login lowercase management

---
 web/Obj/brisk.phh       | 2 +-
 web/Obj/dbase_pgsql.phh | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/web/Obj/brisk.phh b/web/Obj/brisk.phh
index c84db31..85747c2 100644
--- a/web/Obj/brisk.phh
+++ b/web/Obj/brisk.phh
@@ -2433,7 +2433,7 @@ class Brisk
         $bdb->users_load();
         if ($pass != FALSE) { // TODO: here add a method to $bdb to check if the db is available.
             log_auth("XXX", "auth2");
-            $authenticate = $bdb->login_verify(strtolower($name_new), $pass, $code);
+            $authenticate = $bdb->login_verify($name_new, $pass, $code);
             log_auth("XXX", "authenticate: ".($authenticate != FALSE ? "TRUE" : "FALSE"));
 
             if ($authenticate != FALSE) {
diff --git a/web/Obj/dbase_pgsql.phh b/web/Obj/dbase_pgsql.phh
index 8027377..1baefa3 100644
--- a/web/Obj/dbase_pgsql.phh
+++ b/web/Obj/dbase_pgsql.phh
@@ -1014,7 +1014,7 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash)
                         USING %susers as us
                         WHERE owner = %d AND us.login = '%s' AND target = us.code;",
                                    $G_dbpfx, $G_dbpfx,
-                                   $owner_id, escsql($json->login));
+                                   $owner_id, escsql(strtolower($json->login)));
 
                 if (($net_pg = $this->query($net_sql)) == FALSE) {
                     $ret = 5;
@@ -1031,7 +1031,7 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash)
                                    $G_dbpfx,
                                    $friend, $json->skill, $json->trust,
                                    $G_dbpfx,
-                                   $owner_id, escsql($json->login));
+                                   $owner_id, escsql(strtolower($json->login)));
                 if (($net_pg  = $this->query($net_sql)) == FALSE || pg_numrows($net_pg) == 0) {
                     $net_sql = sprintf("
                 INSERT INTO %susersnet SELECT %d AS owner, us.code as target,
@@ -1039,7 +1039,7 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash)
                     FROM %susers as us WHERE us.login = '%s' RETURNING *;",
                                        $G_dbpfx, $owner_id,
                                        $friend, $json->skill, $json->trust,
-                                       $G_dbpfx, $json->login);
+                                       $G_dbpfx, escsql(strtolower($json->login)));
                     if (($net_pg  = $this->query($net_sql)) == FALSE) {
                         log_wr('insert query failed');
                         $ret = 2;
-- 
2.17.1