From ceaa97f2cc1220a96a9529919d0dd2d6e0393c7a Mon Sep 17 00:00:00 2001 From: Hector Cortez Date: Mon, 8 Oct 2012 14:42:12 -0400 Subject: [PATCH] =?UTF-8?q?BUG=209775=20Las=20=C3=91=20no=20son=20discrimi?= =?UTF-8?q?nadas=20para=20los=20usernames=20SLOVED?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Las Ñ no son discriminadas para los usernames. - Validation in the usernames. --- rbac/engine/classes/model/RbacUsers.php | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/rbac/engine/classes/model/RbacUsers.php b/rbac/engine/classes/model/RbacUsers.php index 501935661..7caaee79d 100755 --- a/rbac/engine/classes/model/RbacUsers.php +++ b/rbac/engine/classes/model/RbacUsers.php @@ -76,17 +76,22 @@ class RbacUsers extends BaseRbacUsers { $aFields = $rs[0]->toArray(BasePeer::TYPE_FIELDNAME); //verify password with md5, and md5 format //if ( $aFields['USR_PASSWORD'] == md5 ($sPassword ) ) { - if ( $aFields['USR_PASSWORD'] == md5 ($sPassword ) || 'md5:'.$aFields['USR_PASSWORD'] === $sPassword) { - if ($aFields['USR_DUE_DATE'] < date('Y-m-d') ) - return -4; - if ($aFields['USR_STATUS'] != 1 ) - return -3; - return $aFields['USR_UID']; + if (mb_strtoupper($sUsername, 'utf-8') === mb_strtoupper($aFields['USR_USERNAME'], 'utf-8')) { + if ( $aFields['USR_PASSWORD'] == md5 ($sPassword ) || 'md5:'.$aFields['USR_PASSWORD'] === $sPassword) { + if ($aFields['USR_DUE_DATE'] < date('Y-m-d') ) { + return -4; + } + if ($aFields['USR_STATUS'] != 1 ) { + return -3; + } + return $aFields['USR_UID']; + } else { + return -2; + } + } else { + return -1; } - else - return -2; - } - else { + } else { return -1; } }