aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--identification.php4
-rw-r--r--include/functions_user.inc.php32
2 files changed, 35 insertions, 1 deletions
diff --git a/identification.php b/identification.php
index c66edcbb7..00b92603a 100644
--- a/identification.php
+++ b/identification.php
@@ -54,7 +54,9 @@ if (isset($_POST['login']))
}
else
{
- $redirect_to = isset($_POST['redirect']) ? urldecode($_POST['redirect']) : '';
+ if ($conf['insensitive_case_logon'] == true)
+ $_POST['username'] = search_case_username($_POST['username']);
+ $redirect_to = isset($_POST['redirect']) ? urldecode($_POST['redirect']) : '';
$remember_me = isset($_POST['remember_me']) and $_POST['remember_me']==1;
if ( try_log_user($_POST['username'], $_POST['password'], $remember_me) )
{
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 95cd23261..61a796e4e 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -90,7 +90,39 @@ WHERE LOWER(".stripslashes($conf['user_fields']['username']).") = '".strtolower(
}
}
}
+/**
+ * For test on username case sensitivity
+ *
+ * @param : $username typed in by user for identification
+ *
+ * @return : $username found in database
+ *
+ */
+function search_case_username($username)
+{
+ global $conf;
+
+ $username_lo = strtolower($username);
+ $SCU_users = array();
+
+ $q = pwg_query("
+ SELECT ".$conf['user_fields']['username']." AS username
+ FROM `".USERS_TABLE."`;
+ ");
+ while ($r = pwg_db_fetch_assoc($q))
+ $SCU_users[$r['username']] = strtolower($r['username']);
+ // $SCU_users is now an associative table where the key is the account as
+ // registered in the DB, and the value is this same account, in lower case
+
+ $users_found = array_keys($SCU_users, $username_lo);
+ // $users_found is now a table of which the values are all the accounts
+ // which can be written in lowercase the same way as $username
+ if (count($users_found) != 1) // If ambiguous, don't allow lowercase writing
+ return $username; // but normal writing will work
+ else
+ return $users_found[0];
+}
function register_user($login, $password, $mail_address,
$with_notification = true, $errors = array())
{