We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

Commit 11fbe9ae authored by clint's avatar clint

This is likely to be much more efficient and accurate than ILIKE, but should...

This is likely to be much more efficient and accurate than ILIKE, but should all of these be case-insensitive?
parent 1ebe4083
......@@ -62,7 +62,7 @@ class Server {
ON l.artist_name=s.artist
AND l.name=s.album
WHERE s.rating<>'S'
AND s.username ILIKE " . $mdb2->quote($username, "text") . '
AND lower(s.username) = " . $mdb2->quote(strtolower($username), "text") . '
ORDER BY
s.time DESC
LIMIT ' . $mdb2->quote($number, "integer"));
......@@ -160,7 +160,7 @@ class Server {
global $mdb2;
if($username) {
$res = $mdb2->query('SELECT username, artist, album, track, client, ClientCodes.name, ClientCodes.url, ClientCodes.free, Now_Playing.mbid from Now_Playing LEFT OUTER JOIN Scrobble_Sessions ON Now_Playing.sessionid=Scrobble_Sessions.sessionid LEFT OUTER JOIN ClientCodes ON Scrobble_Sessions.client=ClientCodes.code WHERE username ILIKE ' . $mdb2->quote($username, "text") . ' ORDER BY Now_Playing.expires DESC LIMIT ' . $mdb2->quote($number, "integer"));
$res = $mdb2->query('SELECT username, artist, album, track, client, ClientCodes.name, ClientCodes.url, ClientCodes.free, Now_Playing.mbid from Now_Playing LEFT OUTER JOIN Scrobble_Sessions ON Now_Playing.sessionid=Scrobble_Sessions.sessionid LEFT OUTER JOIN ClientCodes ON Scrobble_Sessions.client=ClientCodes.code WHERE lower(username) = ' . $mdb2->quote(strtolower($username), "text") . ' ORDER BY Now_Playing.expires DESC LIMIT ' . $mdb2->quote($number, "integer"));
} else {
$res = $mdb2->query('SELECT username, artist, track, album, client, ClientCodes.name, ClientCodes.url, ClientCodes.free, Now_Playing.mbid from Now_Playing LEFT OUTER JOIN Scrobble_Sessions ON Now_Playing.sessionid=Scrobble_Sessions.sessionid LEFT OUTER JOIN ClientCodes ON Scrobble_Sessions.client=ClientCodes.code ORDER BY Now_Playing.expires DESC LIMIT ' . $mdb2->quote($number, "integer"));
}
......
......@@ -48,7 +48,7 @@ class User {
$base = preg_replace('#/$#', '', $base_url);
global $mdb2;
$res = $mdb2->query('SELECT * FROM Users WHERE ' . 'username ILIKE ' . $mdb2->quote($name, 'text'));
$res = $mdb2->query('SELECT * FROM Users WHERE lower(username) = ' . $mdb2->quote(strtolower($name), 'text'));
if($res->numRows()) {
......
......@@ -45,7 +45,7 @@ if(isset($_POST['login'])) {
if(empty($errors)) {
$res = $mdb2->query('SELECT username FROM Users WHERE '
. ' username ILIKE ' . $mdb2->quote($username, 'text')
. ' lower(username) = ' . $mdb2->quote(strtolower($username), 'text')
. ' AND password = ' . $mdb2->quote(md5($password), 'text'));
if(!$res->numRows()) {
$errors .= 'Invalid username or password.';
......
......@@ -65,7 +65,7 @@ if(isset($_POST['register'])) {
}
//Check this username is available
$res = $mdb2->query("SELECT username FROM Users WHERE username ILIKE " . $mdb2->quote($username));
$res = $mdb2->query("SELECT username FROM Users WHERE lower(username) = " . $mdb2->quote(strtolower($username)));
if($res->numRows()) {
$errors .= "Sorry, that username is already registered.<br />";
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment