From 2b24e693dce509877df37f42527e8a260ad046ce Mon Sep 17 00:00:00 2001 From: FusionPBX Date: Tue, 14 May 2019 11:08:01 -0600 Subject: [PATCH] Update database.php --- .../resources/classes/plugins/database.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/core/authentication/resources/classes/plugins/database.php b/core/authentication/resources/classes/plugins/database.php index 262d1fa151..cac91ff325 100644 --- a/core/authentication/resources/classes/plugins/database.php +++ b/core/authentication/resources/classes/plugins/database.php @@ -36,20 +36,20 @@ class plugin_database { //check the username and password if they don't match then redirect to the login $sql = "select * from v_users "; if (strlen($this->key) > 30) { - $sql .= "where api_key=:key "; - //$sql .= "where api_key='".$this->key."' "; + $sql .= "where api_key = :key "; + //$sql .= "where api_key = '".$this->key."' "; } else { - $sql .= "where username=:username "; - //$sql .= "where username='".$this->username."' "; + $sql .= "where lower(username) = lower(:username) "; + //$sql .= "where username = '".$this->username."' "; } if ($_SESSION["user"]["unique"]["text"] == "global") { //unique username - global (example: email address) } else { //unique username - per domain - $sql .= "and domain_uuid=:domain_uuid "; - //$sql .= "and domain_uuid='".$this->domain_uuid."' "; + $sql .= "and domain_uuid = :domain_uuid "; + //$sql .= "and domain_uuid = '".$this->domain_uuid."' "; } $sql .= "and (user_enabled = 'true' or user_enabled is null) "; //echo $sql."
\n";