enforce lowercase usernames while keeping backwards-compatibility for authentication

author: Andrew Dolgov <fox@fakecake.org> 2024-08-16 14:28:20 +0300
committer: Andrew Dolgov <fox@fakecake.org> 2024-08-16 14:28:20 +0300
commit: b8cbb167d493191eee2dafec1949fcdd47dddaca (patch)
tree: d901ac90896751610345e6e7c9bf60caf43bf06a /classes
parent: 99e444d1d2b0a2be06f85a87775d291ff9f961d0 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/classes/UserHelper.php b/classes/UserHelper.php
index 92c397764..0c2ed349b 100644
--- a/classes/UserHelper.php
+++ b/classes/UserHelper.php
@@ -62,6 +62,7 @@ class UserHelper {
 		if (!Config::get(Config::SINGLE_USER_MODE)) {
 			$user_id = false;
 			$auth_module = false;
+			$login = mb_strtolower($login);
 
 			PluginHost::getInstance()->chain_hooks_callback(PluginHost::HOOK_AUTH_USER,
 				function ($result, $plugin) use (&$user_id, &$auth_module) {
@@ -222,7 +223,7 @@ class UserHelper {
 
 	static function find_user_by_login(string $login): ?int {
 		$user = ORM::for_table('ttrss_users')
-			->where('login', $login)
+			->where_raw('LOWER(login) = LOWER(?)', [$login])
 			->find_one();
 
 		if ($user)
author	Andrew Dolgov <fox@fakecake.org>	2024-08-16 14:28:20 +0300
committer	Andrew Dolgov <fox@fakecake.org>	2024-08-16 14:28:20 +0300
commit	b8cbb167d493191eee2dafec1949fcdd47dddaca (patch)
tree	d901ac90896751610345e6e7c9bf60caf43bf06a /classes
parent	99e444d1d2b0a2be06f85a87775d291ff9f961d0 (diff)