public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 10:05:56 +00:00
Code Issues Releases Wiki Activity

authentication: make logins case-insensitive (force lowercase)

Browse Source
This commit is contained in:
Andrew Dolgov
2021-02-11 09:57:57 +03:00
parent e7e73193fe
commit 7af8744c85
8 changed files with 24 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
classes/pref/users.php
View File

@@ -206,7 +206,7 @@ class Pref_Users extends Handler_Protected {
$pass_query_part = "";
}
$sth = $this->pdo->prepare("UPDATE ttrss_users SET $pass_query_part login = ?,
$sth = $this->pdo->prepare("UPDATE ttrss_users SET $pass_query_part login = LOWER(?),
access_level = ?, email = ?, otp_enabled = false WHERE id = ?");
$sth->execute([$login, $access_level, $email, $uid]);
@@ -238,18 +238,18 @@ class Pref_Users extends Handler_Protected {
if (!$login) return; // no blank usernames
$sth = $this->pdo->prepare("SELECT id FROM ttrss_users WHERE
login = ?");
LOWER(login) = LOWER(?)");
$sth->execute([$login]);
if (!$sth->fetch()) {
$sth = $this->pdo->prepare("INSERT INTO ttrss_users
(login,pwd_hash,access_level,last_login,created, salt)
VALUES (?, ?, 0, null, NOW(), ?)");
VALUES (LOWER(?), ?, 0, null, NOW(), ?)");
$sth->execute([$login, $pwd_hash, $salt]);
$sth = $this->pdo->prepare("SELECT id FROM ttrss_users WHERE
login = ? AND pwd_hash = ?");
LOWER(login) = LOWER(?) AND pwd_hash = ?");
$sth->execute([$login, $pwd_hash]);
if ($row = $sth->fetch()) {