fix issue with login being case insensitve

ee0954b2 · Robin Appelman · e6bdd256 · ee0954b2 · ee0954b2
Commit ee0954b2 authored 13 years ago by Robin Appelman
--- a/lib/user.php
+++ b/lib/user.php
@@ -191,13 +191,17 @@ class OC_User {
 		$run = true;
 		OC_Hook::emit( "OC_User", "pre_login", array( "run" => &$run, "uid" => $uid ));

-		if( $run && self::checkPassword( $uid, $password )){
-			$_SESSION['user_id'] = $uid;
-		        OC_Crypt::init($uid,$password);
-			OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid ));
-			return true;
-		}
-		else{
+		if( $run ){
+			$uid=self::checkPassword( $uid, $password );
+			if($uid){
+				$_SESSION['user_id'] = $uid;
+				OC_Crypt::init($uid,$password);
+				OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid ));
+				return true;
+			}else{
+				return false;
+			}
+		}else{
 			return false;
 		}
 	}
@@ -292,8 +296,8 @@ class OC_User {
 		foreach(self::$_usedBackends as $backend){
 			if($backend->implementsActions(OC_USER_BACKEND_CHECK_PASSWORD)){
 				$result=$backend->checkPassword( $uid, $password );
-				if($result===true){
-					return true;
+				if($result){
+					return $result;
 				}
 			}
 		}

--- a/lib/user/database.php
+++ b/lib/user/database.php
@@ -103,13 +103,13 @@ class OC_User_Database extends OC_User_Backend {
 	 * Check if the password is correct without logging in the user
 	 */
 	public function checkPassword( $uid, $password ){
-		$query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid = ? AND password = ?" );
+		$query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid LIKE ? AND password = ?" );
 		$result = $query->execute( array( $uid, sha1( $password )));

 		if( $result->numRows() > 0 ){
-			return true;
-		}
-		else{
+			$row=$result->fetchRow();
+			return $row['uid'];
+		}else{
 			return false;
 		}
 	}