Changeset 10860


Ignore:
Timestamp:
May 12, 2011, 4:26:21 PM (13 years ago)
Author:
flop25
Message:

feature:1835
better managment if $confinsensitive_case_logon is true, for identification

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/identification.php

    r10824 r10860  
    5555  else
    5656  {
    57     $redirect_to = isset($_POST['redirect']) ? urldecode($_POST['redirect']) : '';
     57                if ($conf['insensitive_case_logon'] == true)
     58                 $_POST['username'] = search_case_username($_POST['username']);
     59                $redirect_to = isset($_POST['redirect']) ? urldecode($_POST['redirect']) : '';
    5860    $remember_me = isset($_POST['remember_me']) and $_POST['remember_me']==1;
    5961    if ( try_log_user($_POST['username'], $_POST['password'], $remember_me) )

  • trunk/include/functions_user.inc.php

    r10198 r10860  
    9191  }
    9292}
    93 
     93/**
     94 * For test on username case sensitivity
     95 *
     96 * @param : $username typed in by user for identification
     97 *
     98 * @return : $username found in database
     99 *
     100 */
     101function search_case_username($username)
     102{
     103  global $conf;
     104
     105  $username_lo = strtolower($username);
     106
     107  $SCU_users = array();
     108 
     109  $q = pwg_query("
     110    SELECT ".$conf['user_fields']['username']." AS username
     111    FROM `".USERS_TABLE."`;
     112  ");
     113  while ($r = pwg_db_fetch_assoc($q))
     114   $SCU_users[$r['username']] = strtolower($r['username']);
     115   // $SCU_users is now an associative table where the key is the account as
     116   // registered in the DB, and the value is this same account, in lower case
     117   
     118  $users_found = array_keys($SCU_users, $username_lo);
     119  // $users_found is now a table of which the values are all the accounts
     120  // which can be written in lowercase the same way as $username
     121  if (count($users_found) != 1) // If ambiguous, don't allow lowercase writing
     122   return $username; // but normal writing will work
     123  else
     124   return $users_found[0];
     125}
    94126function register_user($login, $password, $mail_address,
    95127  $with_notification = true, $errors = array())
Note: See TracChangeset for help on using the changeset viewer.