aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorflop25 <flop25@piwigo.org>2011-05-12 14:26:21 +0000
committerflop25 <flop25@piwigo.org>2011-05-12 14:26:21 +0000
commit0a0bad781b86dac7b854a48b7c4a89bc27cbacf0 (patch)
treebde7ab700df909d14eac1a855362c4ee96bd91c1
parentb658b845449a243203fa13550d3e89e86c201762 (diff)
feature:1835
better managment if $conf['insensitive_case_logon'] is true, for identification git-svn-id: http://piwigo.org/svn/trunk@10860 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r--identification.php4
-rw-r--r--include/functions_user.inc.php32
2 files changed, 35 insertions, 1 deletions
diff --git a/identification.php b/identification.php
index c66edcbb7..00b92603a 100644
--- a/identification.php
+++ b/identification.php
@@ -54,7 +54,9 @@ if (isset($_POST['login']))
}
else
{
- $redirect_to = isset($_POST['redirect']) ? urldecode($_POST['redirect']) : '';
+ if ($conf['insensitive_case_logon'] == true)
+ $_POST['username'] = search_case_username($_POST['username']);
+ $redirect_to = isset($_POST['redirect']) ? urldecode($_POST['redirect']) : '';
$remember_me = isset($_POST['remember_me']) and $_POST['remember_me']==1;
if ( try_log_user($_POST['username'], $_POST['password'], $remember_me) )
{
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 95cd23261..61a796e4e 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -90,7 +90,39 @@ WHERE LOWER(".stripslashes($conf['user_fields']['username']).") = '".strtolower(
}
}
}
+/**
+ * For test on username case sensitivity
+ *
+ * @param : $username typed in by user for identification
+ *
+ * @return : $username found in database
+ *
+ */
+function search_case_username($username)
+{
+ global $conf;
+
+ $username_lo = strtolower($username);
+ $SCU_users = array();
+
+ $q = pwg_query("
+ SELECT ".$conf['user_fields']['username']." AS username
+ FROM `".USERS_TABLE."`;
+ ");
+ while ($r = pwg_db_fetch_assoc($q))
+ $SCU_users[$r['username']] = strtolower($r['username']);
+ // $SCU_users is now an associative table where the key is the account as
+ // registered in the DB, and the value is this same account, in lower case
+
+ $users_found = array_keys($SCU_users, $username_lo);
+ // $users_found is now a table of which the values are all the accounts
+ // which can be written in lowercase the same way as $username
+ if (count($users_found) != 1) // If ambiguous, don't allow lowercase writing
+ return $username; // but normal writing will work
+ else
+ return $users_found[0];
+}
function register_user($login, $password, $mail_address,
$with_notification = true, $errors = array())
{