diff options
| -rw-r--r-- | app/class/user.class.php | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/app/class/user.class.php b/app/class/user.class.php index 231111d..7d67257 100644 --- a/app/class/user.class.php +++ b/app/class/user.class.php @@ -46,11 +46,12 @@ class user extends agent * the username is not in use. Therefore, this function can be * used to test the existence of a user with the given username. */ - public static function getGuidByUname(string $uname) : ?string + public static function getGuidByUname(string $uname, bool $caseInsens = false) : ?string { $uname = database::esc($uname); - $query = "SELECT guid FROM objects WHERE objtype = 'user' AND name = '" . $uname . "'"; + $query = "SELECT guid FROM objects WHERE objtype = 'user' AND " . + ($caseInsens ? "" : "BINARY ") . "name = '" . $uname . "'"; $res = database::query($query); if (count($res) == 0) @@ -64,9 +65,9 @@ class user extends agent * is not in use. This function can be used to test the existence * of a user with the given username. */ - public static function getByUname(string $uname) : ?user + public static function getByUname(string $uname, bool $caseInsens = false) : ?user { - if (($guid = self::getGuidByUname($uname))) + if (($guid = self::getGuidByUname($uname, $caseInsens))) return new user($guid); return NULL; @@ -190,7 +191,9 @@ class user extends agent */ public static function initNew(string $uname, string $passwd) : ?user { - if (self::getByUname($uname)) + /* search is case-insensitive, to make sure no duplicates exist + * which differ _only_ by case */ + if (self::getByUname($uname, true)) return NULL; $user = new user(); |