diff options
Diffstat (limited to 'inc/auth.php')
| -rw-r--r-- | inc/auth.php | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/inc/auth.php b/inc/auth.php index 1c8a8f5f5..9c458338d 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -535,9 +535,10 @@ function auth_aclcheck($id, $user, $groups) { return AUTH_ADMIN; } - $ci = ''; - if(!$auth->isCaseSensitive()) $ci = 'ui'; - + if(!$auth->isCaseSensitive()) { + $user = utf8_strtolower($user); + $groups = array_map('utf8_strtolower', $groups); + } $user = $auth->cleanUser($user); $groups = array_map(array($auth, 'cleanGroup'), (array) $groups); $user = auth_nameencode($user); @@ -561,11 +562,14 @@ function auth_aclcheck($id, $user, $groups) { } //check exact match first - $matches = preg_grep('/^'.preg_quote($id, '/').'\s+(\S+)\s+/'.$ci, $AUTH_ACL); + $matches = preg_grep('/^'.preg_quote($id, '/').'\s+(\S+)\s+/u', $AUTH_ACL); if(count($matches)) { foreach($matches as $match) { $match = preg_replace('/#.*$/', '', $match); //ignore comments $acl = preg_split('/\s+/', $match); + if(!$auth->isCaseSensitive() && $acl[1] !== '@ALL') { + $acl[1] = utf8_strtolower($acl[1]); + } if(!in_array($acl[1], $groups)) { continue; } @@ -588,11 +592,14 @@ function auth_aclcheck($id, $user, $groups) { } do { - $matches = preg_grep('/^'.preg_quote($path, '/').'\s+(\S+)\s+/'.$ci, $AUTH_ACL); + $matches = preg_grep('/^'.preg_quote($path, '/').'\s+(\S+)\s+/u', $AUTH_ACL); if(count($matches)) { foreach($matches as $match) { $match = preg_replace('/#.*$/', '', $match); //ignore comments $acl = preg_split('/\s+/', $match); + if(!$auth->isCaseSensitive() && $acl[1] !== '@ALL') { + $acl[1] = utf8_strtolower($acl[1]); + } if(!in_array($acl[1], $groups)) { continue; } |