Commit b38b0bd8 authored by jurgbohn's avatar jurgbohn

Made usernames case insensitive for lookups and login

parent 626942dc
......@@ -62,7 +62,7 @@ class Server {
ON l.artist_name=s.artist
AND l.name=s.album
WHERE s.rating<>'S'
AND s.username = " . $mdb2->quote($username, "text") . '
AND s.username ILIKE " . $mdb2->quote($username, "text") . '
ORDER BY
s.time DESC
LIMIT ' . $mdb2->quote($number, "integer"));
......@@ -160,11 +160,9 @@ class Server {
global $mdb2;
if($username) {
$res = $mdb2->query('SELECT username, artist, track, album, client, ClientCodes.name, ClientCodes.url, ClientCodes.free, Now_Playing.mbid from Now_Playing LEFT OUTER JOIN Scrobble_Sessions ON Now_Playing.sessionid=Scrobble_Sessions.sessionid LEFT OUTER JOIN ClientCodes ON Scrobble_Sessions.client=ClientCodes.code WHERE username = ' . $mdb2->quote($username, "text") . ' ORDER BY Now_Playing.expires DESC LIMIT ' . $mdb2->quote($number, "integer"));
$res = $mdb2->query('SELECT username, artist, album, track, client, ClientCodes.name, ClientCodes.url, ClientCodes.free, Now_Playing.mbid from Now_Playing LEFT OUTER JOIN Scrobble_Sessions ON Now_Playing.sessionid=Scrobble_Sessions.sessionid LEFT OUTER JOIN ClientCodes ON Scrobble_Sessions.client=ClientCodes.code WHERE username = ' . $mdb2->quote($username, "text") . ' ORDER BY Now_Playing.expires DESC LIMIT ' . $mdb2->quote($number, "integer"));
$res = $mdb2->query('SELECT username, artist, album, track, client, ClientCodes.name, ClientCodes.url, ClientCodes.free, Now_Playing.mbid from Now_Playing LEFT OUTER JOIN Scrobble_Sessions ON Now_Playing.sessionid=Scrobble_Sessions.sessionid LEFT OUTER JOIN ClientCodes ON Scrobble_Sessions.client=ClientCodes.code WHERE username ILIKE ' . $mdb2->quote($username, "text") . ' ORDER BY Now_Playing.expires DESC LIMIT ' . $mdb2->quote($number, "integer"));
} else {
$res = $mdb2->query('SELECT username, artist, track, album, client, ClientCodes.name, ClientCodes.url, ClientCodes.free, Now_Playing.mbid from Now_Playing LEFT OUTER JOIN Scrobble_Sessions ON Now_Playing.sessionid=Scrobble_Sessions.sessionid LEFT OUTER JOIN ClientCodes ON Scrobble_Sessions.client=ClientCodes.code ORDER BY Now_Playing.expires DESC LIMIT ' . $mdb2->quote($number, "integer"));
$res = $mdb2->query('SELECT username, artist, album, track, client, ClientCodes.name, ClientCodes.url, ClientCodes.free, Now_Playing.mbid from Now_Playing LEFT OUTER JOIN Scrobble_Sessions ON Now_Playing.sessionid=Scrobble_Sessions.sessionid LEFT OUTER JOIN ClientCodes ON Scrobble_Sessions.client=ClientCodes.code ORDER BY Now_Playing.expires DESC LIMIT ' . $mdb2->quote($number, "integer"));
}
if(PEAR::isError($res)) {
......
......@@ -47,7 +47,7 @@ class User {
$base = preg_replace('#/$#', '', $base_url);
global $mdb2;
$res = $mdb2->query('SELECT * FROM Users WHERE ' . 'username = ' . $mdb2->quote($name, 'text'));
$res = $mdb2->query('SELECT * FROM Users WHERE ' . 'username ILIKE ' . $mdb2->quote($name, 'text'));
if($res->numRows()) {
......
......@@ -45,7 +45,7 @@ if(isset($_POST['login'])) {
if(empty($errors)) {
$res = $mdb2->query('SELECT username FROM Users WHERE '
. ' username = ' . $mdb2->quote($username, 'text')
. ' username ILIKE ' . $mdb2->quote($username, 'text')
. ' AND password = ' . $mdb2->quote(md5($password), 'text'));
if(!$res->numRows()) {
$errors .= 'Invalid username or password.';
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment