From 905b732989c0dec1336fdbf25b03b8aa1cc0aec4 Mon Sep 17 00:00:00 2001 From: Blou Date: Mon, 17 Sep 2018 16:34:19 -0400 Subject: [PATCH] Bug 20023: Password recovery using email should be case insensitive When entering an email to recover the password, a user should not have to know or remember the casing of the given email. Test 0) enable OpacResetPassword 1) On the OPAC, click "Forgot your password" 2) Enter your email address as in your user account BUT WITH A DIFFERENT CASING 3) Submit. This will fail. 4) Apply the patch, redo with success. Signed-off-by: Michal Denar Signed-off-by: Marcel de Rooy Signed-off-by: Nick Clemens (cherry picked from commit cc3bc2920744e35256b45b784c9788a64fe6dd04) Signed-off-by: Martin Renvoize (cherry picked from commit 0f019c89c18733c0e0220f41012a06c3b39df595) Signed-off-by: Fridolin Somers --- opac/opac-password-recovery.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/opac/opac-password-recovery.pl b/opac/opac-password-recovery.pl index 456aa97ff5..b65eb792b1 100755 --- a/opac/opac-password-recovery.pl +++ b/opac/opac-password-recovery.pl @@ -74,7 +74,7 @@ if ( $query->param('sendEmail') || $query->param('resendEmail') ) { $errMultipleAccountsForEmail = 1; } elsif ( $borrower = $search_results->next() ) { # One matching borrower - my @emails = ( $borrower->email, $borrower->emailpro, $borrower->B_email ); + my @emails = ( $borrower->email || '', $borrower->emailpro || '', $borrower->B_email || ''); my $firstNonEmptyEmail = ''; foreach my $address ( @emails ) { @@ -83,7 +83,7 @@ if ( $query->param('sendEmail') || $query->param('resendEmail') ) { } # Is the given email one of the borrower's ? - if ( $email && !( grep { $_ eq $email } @emails ) ) { + if ( $email && !( grep /^$email$/i, @emails ) ) { $hasError = 1; $errNoBorrowerFound = 1; } -- 2.39.5