On webdav sesssions, loginname was compared to username which does not need to match necessarily

1 files changed, 3 insertions, 4 deletions

diff --git a/lib/base.php b/lib/base.php
index a6033f03f8c..473be9da4b3 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -527,10 +527,9 @@ class OC {
 
 		OC_User::useBackend(new OC_User_Database());
 		OC_Group::useBackend(new OC_Group_Database());
-
 		if (isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('user_id')
-			&& $_SERVER['PHP_AUTH_USER'] != self::$session->get('user_id')) {
-			$sessionUser = self::$session->get('user_id');
+			&& $_SERVER['PHP_AUTH_USER'] != self::$session->get('loginname')) {
+			$sessionUser = self::$session->get('loginname');
 			$serverUser = $_SERVER['PHP_AUTH_USER'];
 			OC_Log::write('core',
 				"Session user-id ($sessionUser) doesn't match SERVER[PHP_AUTH_USER] ($serverUser).",
@@ -805,7 +804,7 @@ class OC {
 			if ( OC_Config::getValue('log_authfailip', false) ) {
 				OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'],
 				OC_Log::WARN);
-			} else { 
+			} else {
 				OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:set log_authfailip=true in conf',
                                 OC_Log::WARN);
 			}