Only add the user account if the ldap authentication was successful.

includes/checkauth.php

@@ -17,7 +17,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2012
+	Portions created by the Initial Developer are Copyright (C) 2008-2013
 	the Initial Developer. All Rights Reserved.
 
 	Contributor(s):
@@ -98,6 +98,7 @@ session_start();
 					}
 
 				//check to see if the user exists
+					if (!$auth_failed) {
 						$sql = "select * from v_users ";
 						$sql .= "where username=:username ";
 						if (count($_SESSION["domains"]) > 1) {
@@ -137,11 +138,11 @@ session_start();
 								$sql .= "'$domain_uuid', ";
 								$sql .= "'$user_uuid', ";
 								$sql .= "'$contact_uuid', ";
-							$sql .= "'".$username."', ";
+								$sql .= "'".strtolower($username)."', ";
 								$sql .= "'".md5($salt.$password)."', ";
 								$sql .= "'".$salt."', ";
 								$sql .= "now(), ";
-							$sql .= "'".$username."', ";
+								$sql .= "'".strtolower($username)."', ";
 								$sql .= "'true' ";
 								$sql .= ")";
 								$db->exec(check_sql($sql));
@@ -167,6 +168,7 @@ session_start();
 								unset($sql);
 						}
 					}
+			}
 		//database authentication
 			else {
 				//check the username and password if they don't match then redirect to the login