Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Preserve case for userID during login

  • Loading branch information...
commit 3ba39f77e27c5a2a8a59de8162e7060e08d68727 1 parent 701a923
mikeprimm mikeprimm authored

Showing 2 changed files with 10 additions and 10 deletions. Show diff stats Hide diff stats

  1. +3 3 web/standalone/login.php
  2. +7 7 web/standalone/register.php
6 web/standalone/login.php
@@ -22,8 +22,8 @@
22 22 hash_update($ctx, $pwdsalt);
23 23 hash_update($ctx, $password);
24 24 $hash = hash_final($ctx);
25   - $userid = strtolower($userid);
26   - if (strcasecmp($hash, $pwdhash[$userid]) == 0) {
  25 + $useridlc = strtolower($userid);
  26 + if (strcasecmp($hash, $pwdhash[$useridlc]) == 0) {
27 27 $_SESSION['userid'] = $userid;
28 28 $good = true;
29 29 }
@@ -43,7 +43,7 @@
43 43 $changed = false;
44 44 for($i=1; $i < $cnt; $i++) {
45 45 list($uid, $pc, $hsh) = split('=', rtrim($lines[$i]));
46   - if($uid == $userid) continue;
  46 + if($uid == $useridlc) continue;
47 47 if(array_key_exists($uid, $pendingreg)) {
48 48 $newlines[] = $uid . '=' . $pc . '=' . $hsh;
49 49 }
14 web/standalone/register.php
@@ -34,15 +34,15 @@
34 34 }
35 35 $good = false;
36 36
37   -$userid = strtolower($userid);
  37 +$useridlc = strtolower($userid);
38 38
39 39 $_SESSION['userid'] = '-guest-';
40 40
41 41 $good = false;
42 42
43   -if(strcmp($userid, '-guest-')) {
44   - if(isset($pendingreg[$userid])) {
45   - if(!strcmp($passcode, $pendingreg[$userid])) {
  43 +if(strcmp($useridlc, '-guest-')) {
  44 + if(isset($pendingreg[$useridlc])) {
  45 + if(!strcmp($passcode, $pendingreg[$useridlc])) {
46 46 $ctx = hash_init('sha256');
47 47 hash_update($ctx, $pwdsalt);
48 48 hash_update($ctx, $password);
@@ -56,13 +56,13 @@
56 56 $cnt = count($lines) - 1;
57 57 for($i=1; $i < $cnt; $i++) {
58 58 list($uid, $pc, $hsh) = split('=', rtrim($lines[$i]));
59   - if($uid == $userid) continue;
  59 + if($uid == $useridlc) continue;
60 60 if(array_key_exists($uid, $pendingreg)) {
61 61 $newlines[] = $uid . '=' . $pc . '=' . $hsh;
62 62 }
63 63 }
64 64 }
65   - $newlines[] = $userid . '=' . $passcode . '=' . $hash;
  65 + $newlines[] = $useridlc . '=' . $passcode . '=' . $hash;
66 66 $newlines[] = '*/ ?>';
67 67 file_put_contents('dynmap_reg.php', implode("\n", $newlines));
68 68 }
@@ -75,4 +75,4 @@
75 75 echo "{ \"result\": \"registerfailed\" }";
76 76 }
77 77
78   -?>
  78 +?>

0 comments on commit 3ba39f7

Please sign in to comment.
Something went wrong with that request. Please try again.