Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
Is this intentional?
  • Hi,

    No idea if this is intentional, but it actually might be a trap for few people:

    Talking about create_user function (Simpleauth), which may lead to unexpected behaviour, as the username check is case-sensitive, in opposite to the email address.

    Fuel makes a direct check in the query, not making any case-checks:
    ->where('username', '=', $username)

    (Yes, I know MySQL queries are case insensitive, but it depends on the MySQL binary configuration)

    This can lead to having multiple users with the same name (admin and Admin). If this intended, should be configureable in my opinion, because it might fool some people wanting unique names.


    Btw: looking at the function, makes me think of another tiny bug: you map all returned fields to lower and check if email is there, so if the $username is an used email address (unlikely, but can happend in certain circumstances) it will throw an invalid exception saying that email address is already in use - and user email may not really be used by another user.

    Regards
    Lucas
  • It is not intended, I'm pretty sure it was wriiten when using MySQL, and the author didn't give this issue a moments thought.

    Please create an issue for it at https://github.com/fuel/auth/issues so it can be addressed.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion