698 // Initialize our success switch |
698 // Initialize our success switch |
699 $success = false; |
699 $success = false; |
700 |
700 |
701 // Retrieve the real password from the database |
701 // Retrieve the real password from the database |
702 $username_db = $db->escape(strtolower($username)); |
702 $username_db = $db->escape(strtolower($username)); |
|
703 $username_db_upper = $db->escape($username); |
703 if ( !$db->sql_query('SELECT password,password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n" |
704 if ( !$db->sql_query('SELECT password,password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n" |
704 . " WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db';") ) |
705 . " WHERE ( " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db' OR username = '$username_db_upper' );") ) |
705 { |
706 { |
706 $this->sql('SELECT password,\'\' AS password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n" |
707 $this->sql('SELECT password,\'\' AS password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n" |
707 . " WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db';"); |
708 . " WHERE ( " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db' OR username = '$username_db_upper' );"); |
708 } |
709 } |
709 if ( $db->numrows() < 1 ) |
710 if ( $db->numrows() < 1 ) |
710 { |
711 { |
711 // This wasn't logged in <1.0.2, dunno how it slipped through |
712 // This wasn't logged in <1.0.2, dunno how it slipped through |
712 if ( $level > USER_LEVEL_MEMBER ) |
713 if ( $level > USER_LEVEL_MEMBER ) |