Authentication failed due to case sensitive SQL-queries

2019-03-07 19:50:04 +00:00
parent 3dbb6b9932 958897dc0a
commit 0a5384f6a8
3 changed files with 6 additions and 8 deletions
--- a/include/lucidAuth.functions.php
+++ b/include/lucidAuth.functions.php
@ -66,11 +66,11 @@ function storeToken (string $secureToken, string $qualifiedUsername, string $htt
 			INSERT INTO SecureToken (UserId, Value)
 			SELECT User.Id, :securetoken
 			FROM User
-			WHERE User.Username = :qualifiedusername
+			WHERE LOWER(User.Username) = :qualifiedusername
 		');
 		$pdoQuery->execute([
 			':securetoken'			=>	$secureToken,
-			':qualifiedusername'	=>	$qualifiedUsername
+			':qualifiedusername'	=>	strtolower($qualifiedUsername)
 		]);
 	}
 	catch (Exception $e) {
@ -118,10 +118,10 @@ function validateToken (string $secureToken) {
 		FROM SecureToken
 		LEFT JOIN User
 			ON (User.Id=SecureToken.UserId)
-		WHERE User.Username = :username
+		WHERE LOWER(User.Username) = :username
 	');
 	$pdoQuery->execute([
-			':username'	=>	(string)$jwtPayload->sub
+			':username'	=>	(string) strtolower($jwtPayload->sub)
 		]);
 	foreach($pdoQuery->fetchAll(PDO::FETCH_ASSOC) as $row) {
 		try {