diff options
-rw-r--r-- | login.php | 4 | ||||
-rw-r--r-- | useradm.php | 4 |
2 files changed, 4 insertions, 4 deletions
@@ -5,8 +5,8 @@ @$op = $_REQUEST["op"]; if ($op == "perform-login") { - $user = SQLite3::escapeString($_REQUEST["user"]); - $password = SQLite3::escapeString('SHA256:' . hash('sha256', "$user:" . $_REQUEST["password"])); + $user = SQLite3::escapeString(trim(mb_strtolower($_REQUEST["user"]))); + $password = SQLite3::escapeString('SHA256:' . hash('sha256', "$user:" . trim($_REQUEST["password"]))); $dbh = Db::get(); diff --git a/useradm.php b/useradm.php index d36167a..ee330cb 100644 --- a/useradm.php +++ b/useradm.php @@ -44,8 +44,8 @@ exit; } - $user = SQLite3::escapeString($user); - $pass_hash = SQLite3::escapeString('SHA256:' . hash('sha256', "$user:$pass")); + $user = SQLite3::escapeString(trim(mb_strtolower($user))); + $pass_hash = SQLite3::escapeString('SHA256:' . hash('sha256', "$user:" . trim($pass))); print "Adding user $user with password $pass...\n"; |