|
Sorry, probably been covered already, but by default username and password are case insensitive. Apart from the obvious diminished level of security, the problem I had was that I subsequently used the username as criteria in an SQL 'WHERE' statement to retrieve user specific content for my web page depending on who had logged in. Worked fine provided the user logged in with exactly matching credentials, but if they got the case wrong, they'd still get in to the site, but no content..!
The following modification worked for me, which basically makes the username and password case sensitive by not forcing them to uppercase before comparing. In the file slogin_lib.inc.php find the following 2 lines and change to:
if (strtoupper (trim ($slogin_content[0])) == strtoupper (trim ($username))) {
Changes to
if (trim ($slogin_content[0]) == trim ($username)) {
And
if (strtoupper (trim ($slogin_content[1])) == strtoupper (trim ($password))) {
Changes to
if (trim ($slogin_content[1]) == trim ($password)) {
|
|
Login
FAQ
Search
