diff options
| author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2019-11-27 14:54:45 +0100 |
|---|---|---|
| committer | Roeland Jago Douma <roeland@famdouma.nl> | 2019-11-28 20:52:05 +0100 |
| commit | 81e35d0c8a1bd8825b46b26c55dc94914e3e7c52 (patch) | |
| tree | 36686e2fbb3883a56e5df6c8f5d034d5419a9dcb | |
| parent | 29bdaf735be1a5ae281c1945822d8881354ccbd3 (diff) | |
| download | nextcloud-server-81e35d0c8a1bd8825b46b26c55dc94914e3e7c52.tar.gz nextcloud-server-81e35d0c8a1bd8825b46b26c55dc94914e3e7c52.zip | |
Trim the login name
Otherwise we keep on using it with leading or trailing whitespaces for
app tokens and other logic. The reason this doesn't throw an error
immediately with local users is that (My)SQL compares strings regardless
of their padding by default. So we look up 'uid ' and get the row for
the user 'uid'.
Other back-ends will lead to a hard error, though, and the user is
unable to log out as all request fail.
Ref https://stackoverflow.com/a/10495807/2239067
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
| -rw-r--r-- | core/Controller/LoginController.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index 5d5ae666ca1..e9e2f02edb2 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -289,7 +289,7 @@ class LoginController extends Controller { $data = new LoginData( $this->request, - $user, + trim($user), $password, $redirect_url, $timezone, |