From ee0954b236f444ed6c0f1d39357b62db15b9c325 Mon Sep 17 00:00:00 2001
From: Robin Appelman <icewind1991@gmail.com>
Date: Thu, 25 Aug 2011 21:51:04 +0200
Subject: [PATCH] fix issue with login being case insensitve

---
 lib/user.php          | 22 +++++++++++++---------
 lib/user/database.php |  8 ++++----
 2 files changed, 17 insertions(+), 13 deletions(-)

diff --git a/lib/user.php b/lib/user.php
index e53ba145c9..0630ebb938 100644
--- a/lib/user.php
+++ b/lib/user.php
@@ -191,13 +191,17 @@ class OC_User {
 		$run = true;
 		OC_Hook::emit( "OC_User", "pre_login", array( "run" => &$run, "uid" => $uid ));
 
-		if( $run && self::checkPassword( $uid, $password )){
-			$_SESSION['user_id'] = $uid;
-		        OC_Crypt::init($uid,$password);
-			OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid ));
-			return true;
-		}
-		else{
+		if( $run ){
+			$uid=self::checkPassword( $uid, $password );
+			if($uid){
+				$_SESSION['user_id'] = $uid;
+				OC_Crypt::init($uid,$password);
+				OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid ));
+				return true;
+			}else{
+				return false;
+			}
+		}else{
 			return false;
 		}
 	}
@@ -292,8 +296,8 @@ class OC_User {
 		foreach(self::$_usedBackends as $backend){
 			if($backend->implementsActions(OC_USER_BACKEND_CHECK_PASSWORD)){
 				$result=$backend->checkPassword( $uid, $password );
-				if($result===true){
-					return true;
+				if($result){
+					return $result;
 				}
 			}
 		}
diff --git a/lib/user/database.php b/lib/user/database.php
index 4992c2aa16..f29aaf00f0 100644
--- a/lib/user/database.php
+++ b/lib/user/database.php
@@ -103,13 +103,13 @@ class OC_User_Database extends OC_User_Backend {
 	 * Check if the password is correct without logging in the user
 	 */
 	public function checkPassword( $uid, $password ){
-		$query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid = ? AND password = ?" );
+		$query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid LIKE ? AND password = ?" );
 		$result = $query->execute( array( $uid, sha1( $password )));
 
 		if( $result->numRows() > 0 ){
-			return true;
-		}
-		else{
+			$row=$result->fetchRow();
+			return $row['uid'];
+		}else{
 			return false;
 		}
 	}
-- 
GitLab