Changeset 8197


Ignore:
Timestamp:
Dec 19, 2010, 9:16:30 PM (10 years ago)
Author:
Eric
Message:

bug 2069 : First step to heaven ! ;-) Thanks to Luc who drives me to the solution. This is not fully functional and some tests are still under progress.

Location:
extensions/LCAS/trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • extensions/LCAS/trunk/include/functions.inc.php

    r8180 r8197  
    851851}
    852852
     853/**
     854 * Function called from main.inc.php - Returns exiting lowercase username in database
     855 *
     856 * @param : $username typed in by user for identification
     857 *
     858 * @return : lowercase $username found in database
     859 *
     860 */
     861function LCAS_SearchUsername($username)
     862{
     863  global $conf;
     864 
     865  if (isset($username))
     866  {
     867    $query = "
     868SELECT ".$conf['user_fields']['username']."
     869FROM ".USERS_TABLE."
     870WHERE LOWER(".$conf['user_fields']['username'].") = '".strtolower($username)."'
     871LIMIT 1;";
     872
     873    list($username) = pwg_db_fetch_assoc(pwg_query($query));;
     874
     875    return isset($username) ? $username : '';
     876  }
     877}
     878
    853879
    854880// DebugLog function
  • extensions/LCAS/trunk/main.inc.php

    r8173 r8197  
    4747}
    4848
    49 // Trigger sensitivity on user identification
    50 if (script_basename() == 'identification')
     49add_event_handler('init', 'LCAS_InitPage');
     50 
     51function LCAS_InitPage()
    5152{
    5253  global $conf;
    53  
     54
    5455  $conf_LCAS= unserialize($conf['LoginCaseAccentsSensitivity']);
    55  
    56   /* Username non case sensitive */
    57   //if (isset($conf_LCAS[1]) and $conf_LCAS[1] == 'false')
    58   //{
    59     // This does not work - Unable to invalidate try_log_user() function
    60     add_event_handler('login_success', 'LCAS_action');
    61     add_event_handler('login_failure', 'LCAS_action');
    62    
    63     function LCAS_action()
     56 
     57/* User identification */
     58  if (script_basename() == 'identification')
     59  {
     60    if (isset($_POST['username']))
    6461    {
    65   global $conf;
    66   // retrieving the encrypted password of the login submitted
    67   $query = '
    68 SELECT '.$conf['user_fields']['id'].' AS id,
    69        '.$conf['user_fields']['password'].' AS password
    70   FROM '.USERS_TABLE.'
    71   WHERE LOWER('.$conf['user_fields']['username'].') = \''.pwg_db_real_escape_string(strtolower($_POST['username'])).'\'
    72 ;';
    73   $row = pwg_db_fetch_assoc(pwg_query($query));
    74   if ($row['password'] == $conf['pass_convert']($_POST['password']))
    75   {
    76     //log_user($row['id'], $remember_me);
    77     //trigger_action('login_success', stripslashes($_POST['username']));
    78     //return true;
    79 $var1 = 'Typed login : '.$_POST['username'];
    80 $var2 = 'Typed login lowercase : '.strtolower($_POST['username']);
    81 $var3 = 'Typed pwd hash : '.$conf['pass_convert'] ($_POST['password']);
    82 $var4 = 'Pwd hash in DB : '.$row['password'];
    83 $var5 = 'User ID in DB : '.$row['id'];
    84 /* ********************** */
    85 DebugLog($var1,$var2,$var3,$var4,$var5);
    86 /* ********************** */
    87 
     62      /* User non case sensitive */
     63      if (isset($conf_LCAS[0]) and $conf_LCAS[0] == 'false')
     64      {
     65        $new_username =  LCAS_SearchUsername($_POST['username']); // Testing still under progress - This is not fully functionnal !
     66        $_POST['username'] = $new_username == '' ? $_POST['username'] : $new_username;
     67      }
     68    }
    8869  }
    89   //trigger_action('login_failure', stripslashes($_POST['username']));
    90   return false;
    91     }
    92   //}
    9370}
    9471?>
Note: See TracChangeset for help on using the changeset viewer.