From 7af8744c856545f62a2f24fd1a700f40b90b8e37 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Thu, 11 Feb 2021 09:57:57 +0300
Subject: authentication: make logins case-insensitive (force lowercase)

---
 plugins/auth_remote/init.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'plugins/auth_remote')

diff --git a/plugins/auth_remote/init.php b/plugins/auth_remote/init.php
index 18ec0e1a6..85be67d05 100644
--- a/plugins/auth_remote/init.php
+++ b/plugins/auth_remote/init.php
@@ -58,13 +58,13 @@ class Auth_Remote extends Auth_Base {
 				// LemonLDAP can send user informations via HTTP HEADER
 				if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE){
 					// update user name
-					$fullname = $_SERVER['HTTP_USER_NAME'] ? $_SERVER['HTTP_USER_NAME'] : $_SERVER['AUTHENTICATE_CN'];
+					$fullname = isset($_SERVER['HTTP_USER_NAME']) ? $_SERVER['HTTP_USER_NAME'] : ($_SERVER['AUTHENTICATE_CN'] ?? "");
 					if ($fullname){
 						$sth = $this->pdo->prepare("UPDATE ttrss_users SET full_name = ? WHERE id = ?");
 						$sth->execute([$fullname, $user_id]);
 					}
 					// update user mail
-					$email = $_SERVER['HTTP_USER_MAIL'] ? $_SERVER['HTTP_USER_MAIL'] : $_SERVER['AUTHENTICATE_MAIL'];
+					$email = isset($_SERVER['HTTP_USER_MAIL']) ? $_SERVER['HTTP_USER_MAIL'] : ($_SERVER['AUTHENTICATE_MAIL'] ?? "");
 					if ($email){
 						$sth = $this->pdo->prepare("UPDATE ttrss_users SET email = ? WHERE id = ?");
 						$sth->execute([$email, $user_id]);
-- 
cgit v1.2.3-54-g00ecf