| mariovaldez.net http://www.mariovaldez.net/webapps/forums/ |
|
| Case Sensitivity http://www.mariovaldez.net/webapps/forums/viewtopic.php?f=11&t=2432 |
Page 1 of 1 |
| Author: | Andrew Neale [ 28 May 2009, 04:21 ] |
| Post subject: | Case Sensitivity |
Sorry, probably been covered already, but by default username and password are case insensitive. Apart from the obvious diminished level of security, the problem I had was that I subsequently used the username as criteria in an SQL 'WHERE' statement to retrieve user specific content for my web page depending on who had logged in. Worked fine provided the user logged in with exactly matching credentials, but if they got the case wrong, they'd still get in to the site, but no content..! The following modification worked for me, which basically makes the username and password case sensitive by not forcing them to uppercase before comparing. In the file slogin_lib.inc.php find the following 2 lines and change to: if (strtoupper (trim ($slogin_content[0])) == strtoupper (trim ($username))) { Changes to if (trim ($slogin_content[0]) == trim ($username)) { And if (strtoupper (trim ($slogin_content[1])) == strtoupper (trim ($password))) { Changes to if (trim ($slogin_content[1]) == trim ($password)) { |
|
| Author: | nhowieson [ 21 Aug 2009, 10:42 ] |
| Post subject: | Re: Case Sensitivity |
Nice one, - thanks for that. |
|
| Page 1 of 1 | All times are UTC - 7 hours |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|