From 610a6a8b720a287c5da45516ca480f57bdeeff95 Mon Sep 17 00:00:00 2001
From: flashwave
Date: Mon, 26 Mar 2018 04:24:32 +0200
Subject: [PATCH] Made e-mail and username case insensitive.
---
 public/auth.php | 6 +++---
 src/Users/User.php | 17 +++++++++++++++--
 2 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/public/auth.php b/public/auth.php
index b732203b..18ee0e58 100644
--- a/public/auth.php
+++ b/public/auth.php
@@ -84,9 +84,9 @@ switch ($mode) {
 $username = $_POST['username'] ?? '';
 $password = $_POST['password'] ?? '';
 
- try {
- $user = User::where('username', $username)->orWhere('email', $username)->firstOrFail();
- } catch (ModelNotFoundException $e) {
+ $user = User::findLogin($username);
+
+ if ($user === null) {
 LoginAttempt::recordFail($ipAddress, null, $user_agent);
 $auth_login_error = 'Invalid username or password!';
 break;
diff --git a/src/Users/User.php b/src/Users/User.php
index 021abbea..3dadee46 100644
--- a/src/Users/User.php
+++ b/src/Users/User.php
@@ -40,6 +40,14 @@ class User extends Model
 return $user;
 }
 
+ public static function findLogin(string $usernameOrEmail): ?User
+ {
+ $usernameOrEmail = strtolower($usernameOrEmail);
+ return User::whereRaw("LOWER(`username`) = '{$usernameOrEmail}'")
+ ->orWhere('email', $usernameOrEmail)
+ ->first();
+ }
+
 public static function validateUsername(string $username, bool $checkInUse = false): string
 {
 $username_length = strlen($username);
@@ -68,7 +76,7 @@ class User extends Model
 return 'spacing';
 }
 
- if ($checkInUse && static::where('username', $username)->count() > 0) {
+ if ($checkInUse && static::whereRaw("LOWER(`username`) = LOWER('{$username}')")->count() > 0) {
 return 'in-use';
 }
 
@@ -85,7 +93,7 @@ class User extends Model
 return 'dns';
 }
 
- if ($checkInUse && static::where('email', $email)->count() > 0) {
+ if ($checkInUse && static::whereRaw("LOWER(`email`) = LOWER('{$email}')")->count() > 0) {
 return 'in-use';
 }
 
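Review bot: In the public/auth.php hunk, `$username` comes straight from `$_POST['username'] ?? ''` and is now passed to `User::findLogin()`, whose parameter is declared `string`; a request that submits `username` as an array makes that call throw a TypeError instead of reaching the 'Invalid username or password!' branch, so the failed attempt is never recorded. A guard before the call keeps the failure path uniform: `if (!is_string($username)) { $username = ''; }`. The enclosing `switch ($mode)` case starts and ends outside the hunk.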
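Review bot: `findLogin()` in src/Users/User.php (hunk @@ -40,6) builds its SQL by interpolating `$usernameOrEmail` into the `whereRaw()` string, and that value is the unauthenticated login field from public/auth.php; `strtolower()` does no escaping, so a quote character in the input ends the string literal and the remainder is parsed as SQL. Pass the value as a binding instead: ``return User::whereRaw('LOWER(`username`) = ?', [$usernameOrEmail])``. The two `$checkInUse` hunks (@@ -68,7 and @@ -85,7) interpolate `$username` and `$email` the same way and need the same change, e.g. ``static::whereRaw('LOWER(`email`) = LOWER(?)', [$email])``. A short docblock on `findLogin()` stating that it returns null when no account matches would also help callers.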
@@ -194,6 +202,11 @@ class User extends Model
 $this->attributes['password'] = password_hash($password, self::PASSWORD_HASH_ALGO);
 }
 
+ public function setEmailAttribute(string $email): void
+ {
+ $this->attributes['email'] = strtolower($email);
+ }
+
 public function sessions()
 {
 return $this->hasMany(Session::class, 'user_id');
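Review bot: `setEmailAttribute()` lowercases only addresses written after this commit, while `findLogin()` compares the lowercased input with a plain `orWhere('email', …)`; rows stored earlier with mixed case would stop matching if the column collation is case-sensitive (the collation is not visible here, so this needs confirming). A one-off migration that lowercases existing `email` values, or a bound ``orWhereRaw('LOWER(`email`) = ?', [$usernameOrEmail])`` in `findLogin()`, closes that gap. `strtolower()` also works on single bytes, so it can disagree with the database's `LOWER()` on non-ASCII addresses; `mb_strtolower()` is the closer match if such addresses are accepted.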