fix issue with login being case insensitve

diff --git a/lib/user.php b/lib/user.php
index e53ba145c9e33acf6c7a7e1fce7f067409c4105f..0630ebb93848d233a6266530559b8246d9bcaf25 100644 (file)
--- a/lib/user.php
+++ b/lib/user.php
@@ -191,13 +191,17 @@ class OC_User {
                $run = true;
                OC_Hook::emit( "OC_User", "pre_login", array( "run" => &$run, "uid" => $uid ));
 
-               if( $run && self::checkPassword( $uid, $password )){
-                       $_SESSION['user_id'] = $uid;
-                       OC_Crypt::init($uid,$password);
-                       OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid ));
-                       return true;
-               }
-               else{
+               if( $run ){
+                       $uid=self::checkPassword( $uid, $password );
+                       if($uid){
+                               $_SESSION['user_id'] = $uid;
+                               OC_Crypt::init($uid,$password);
+                               OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid ));
+                               return true;
+                       }else{
+                               return false;
+                       }
+               }else{
                        return false;
                }
        }
@@ -292,8 +296,8 @@ class OC_User {
                foreach(self::$_usedBackends as $backend){
                        if($backend->implementsActions(OC_USER_BACKEND_CHECK_PASSWORD)){
                                $result=$backend->checkPassword( $uid, $password );
-                               if($result===true){
-                                       return true;
+                               if($result){
+                                       return $result;
                                }
                        }
                }

diff --git a/lib/user/database.php b/lib/user/database.php
index 4992c2aa1649c4c6702cde3d3a923220b102b463..f29aaf00f05ec84926532029055360162af67a52 100644 (file)
--- a/lib/user/database.php
+++ b/lib/user/database.php
@@ -103,13 +103,13 @@ class OC_User_Database extends OC_User_Backend {
         * Check if the password is correct without logging in the user
         */
        public function checkPassword( $uid, $password ){
-               $query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid = ? AND password = ?" );
+               $query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid LIKE ? AND password = ?" );
                $result = $query->execute( array( $uid, sha1( $password )));
 
                if( $result->numRows() > 0 ){
-                       return true;
-               }
-               else{
+                       $row=$result->fetchRow();
+                       return $row['uid'];
+               }else{
                        return false;
                }
        }