696 // Initialize our success switch |
696 // Initialize our success switch |
697 $success = false; |
697 $success = false; |
698 |
698 |
699 // Retrieve the real password from the database |
699 // Retrieve the real password from the database |
700 $username_db = $db->escape(strtolower($username)); |
700 $username_db = $db->escape(strtolower($username)); |
|
701 $username_db_upper = $db->escape($username); |
701 if ( !$db->sql_query('SELECT password,password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n" |
702 if ( !$db->sql_query('SELECT password,password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n" |
702 . " WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db';") ) |
703 . " WHERE ( " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db' OR username = '$username_db_upper' );") ) |
703 { |
704 { |
704 $this->sql('SELECT password,\'\' AS password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n" |
705 $this->sql('SELECT password,\'\' AS password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n" |
705 . " WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db';"); |
706 . " WHERE ( " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db' OR username = '$username_db_upper' );"); |
706 } |
707 } |
707 if ( $db->numrows() < 1 ) |
708 if ( $db->numrows() < 1 ) |
708 { |
709 { |
709 // This wasn't logged in <1.0.2, dunno how it slipped through |
710 // This wasn't logged in <1.0.2, dunno how it slipped through |
710 if ( $level > USER_LEVEL_MEMBER ) |
711 if ( $level > USER_LEVEL_MEMBER ) |