sixfold/app.sixfold.org
1
0
Fork 0
Code Activity

Make email and handle lookups case-insensitive

Browse source
This commit is contained in:
Ainsley Ellis 2024-11-30 06:22:47 -05:00
parent 16092b411e
commit 7f2a2deeb5
6 changed files with 9 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/config.php
View file

@ -109,7 +109,7 @@ function password_check($account)
);} else {if (sha1($_POST["password"]) === $account->password): );} else {if (sha1($_POST["password"]) === $account->password):
$stmt = $db["data"]->prepare('UPDATE members $stmt = $db["data"]->prepare('UPDATE members
SET password = :password SET password = :password
WHERE email = :email'); WHERE LOWER(email) = LOWER(:email)');
$new_password = password_hash( $new_password = password_hash(
$_POST["password"], $_POST["password"],
PASSWORD_ARGON2ID PASSWORD_ARGON2ID

4
www/account/edit.php
View file

@ -14,7 +14,7 @@ function validate_fields($data)
if ($_SESSION["account"]->handle !== $_POST["handle"]) { if ($_SESSION["account"]->handle !== $_POST["handle"]) {
$stmt = $db["data"]->prepare( $stmt = $db["data"]->prepare(
"SELECT COUNT(*) FROM members WHERE UPPER(handle) = UPPER(:handle)" "SELECT COUNT(*) FROM members WHERE LOWER(handle) = LOWER(:handle)"
); );
$stmt->execute([ $stmt->execute([
"handle" => $data["handle"], "handle" => $data["handle"],
@ -27,7 +27,7 @@ function validate_fields($data)
if ($_SESSION["account"]->email !== $_POST["email"]) { if ($_SESSION["account"]->email !== $_POST["email"]) {
$stmt = $db["data"]->prepare( $stmt = $db["data"]->prepare(
"SELECT COUNT(*) FROM members WHERE email = :email" "SELECT COUNT(*) FROM members WHERE LOWER(email) = LOWER(:email)"
); );
$stmt->execute([ $stmt->execute([
"email" => $data["email"], "email" => $data["email"],

2
www/forgot-password.php
View file

@ -93,7 +93,7 @@ if ($_SERVER["REQUEST_METHOD"] === "POST"):
$errors["email"] = "Please enter an email address."; $errors["email"] = "Please enter an email address.";
} else { } else {
$stmt = $db["data"]->prepare( $stmt = $db["data"]->prepare(
"SELECT id FROM members WHERE email = :email" "SELECT id FROM members WHERE LOWER(email) = LOWER(:email)"
); );
$stmt->execute([ $stmt->execute([
"email" => $_POST["email"], "email" => $_POST["email"],

2
www/login.php
View file

@ -10,7 +10,7 @@ $title = "Login";
if ($_SERVER["REQUEST_METHOD"] === "POST"): ?> if ($_SERVER["REQUEST_METHOD"] === "POST"): ?>
<?php <?php
$stmt = $db["data"]->prepare("SELECT * FROM members WHERE email = :email"); $stmt = $db["data"]->prepare("SELECT * FROM members WHERE LOWER(email) = LOWER(:email)");
$results = $stmt->execute([ $results = $stmt->execute([
"email" => $_POST["email"], "email" => $_POST["email"],
]); ]);

2
www/members/member.php
View file

@ -11,7 +11,7 @@ biography,
links, links,
created_at, created_at,
last_access last_access
FROM members WHERE UPPER(handle) = UPPER(:handle)"; FROM members WHERE LOWER(handle) = LOWER(:handle)";
$stmt = $db['data']->prepare($sql); $stmt = $db['data']->prepare($sql);
$stmt->execute([ $stmt->execute([

6
www/signup.php
View file

@ -5,7 +5,7 @@ function validate_fields($data)
global $db; global $db;
$errors = []; $errors = [];
$stmt = $db["data"]->prepare("SELECT COUNT(*) FROM members WHERE email = :email"); $stmt = $db["data"]->prepare("SELECT COUNT(*) FROM members WHERE LOWER(email) = LOWER(:email)");
$stmt->execute([ $stmt->execute([
"email" => $data["email"], "email" => $data["email"],
]); ]);
@ -13,7 +13,7 @@ function validate_fields($data)
$errors["email"] = "That email address is already in use."; $errors["email"] = "That email address is already in use.";
} }
$stmt = $db["data"]->prepare("SELECT COUNT(*) FROM members WHERE UPPER(handle) = UPPER(:handle)"); $stmt = $db["data"]->prepare("SELECT COUNT(*) FROM members WHERE LOWER(handle) = LOWER(:handle)");
$stmt->execute([ $stmt->execute([
"handle" => $data["handle"], "handle" => $data["handle"],
]); ]);
@ -54,7 +54,7 @@ if ($_SERVER["REQUEST_METHOD"] === "POST"):
"last_access" => date("Y-m-dTH:i:s"), "last_access" => date("Y-m-dTH:i:s"),
]); ]);
$stmt = $db['data']->query('SELECT * FROM members WHERE email = :email'); $stmt = $db['data']->query('SELECT * FROM members WHERE LOWER(email) = LOWER(:email)');
$stmt->execute([ $stmt->execute([
'email' => $_POST['email'], 'email' => $_POST['email'],
]); ]);