From e17553d9548d4870a4579a86c6e425a7f32aecf5 Mon Sep 17 00:00:00 2001 From: alecpl Date: Tue, 30 Nov 2010 13:43:04 +0000 Subject: - Add 'login_lc' config option for case-insensitive authentication (#1487113) - Make username comparison case sensitive on MySQL --- program/include/rcube_user.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'program/include/rcube_user.php') diff --git a/program/include/rcube_user.php b/program/include/rcube_user.php index e4506cff7..ee6db77cc 100644 --- a/program/include/rcube_user.php +++ b/program/include/rcube_user.php @@ -358,13 +358,17 @@ class rcube_user { $dbh = rcmail::get_instance()->get_dbh(); + // use BINARY (case-sensitive) comparison on MySQL, other engines are case-sensitive + $prefix = preg_match('/^mysql/', $dbh->db_provider) ? 'BINARY ' : ''; + // query for matching user name $query = "SELECT * FROM ".get_table_name('users')." WHERE mail_host = ? AND %s = ?"; - $sql_result = $dbh->query(sprintf($query, 'username'), $host, $user); + + $sql_result = $dbh->query(sprintf($query, $prefix.'username'), $host, $user); // query for matching alias if (!($sql_arr = $dbh->fetch_assoc($sql_result))) { - $sql_result = $dbh->query(sprintf($query, 'alias'), $host, $user); + $sql_result = $dbh->query(sprintf($query, $prefix.'alias'), $host, $user); $sql_arr = $dbh->fetch_assoc($sql_result); } -- cgit v1.2.3