plugins/SpecialUserFuncs.php
changeset 326 ab66d6d1f1f4
parent 304 e2cb5f1432c8
parent 324 16d0c9f33466
child 334 c72b545f1304
--- a/plugins/SpecialUserFuncs.php	Fri Dec 07 18:47:37 2007 -0500
+++ b/plugins/SpecialUserFuncs.php	Wed Dec 19 22:55:40 2007 -0500
@@ -4,13 +4,13 @@
 Plugin URI: http://enanocms.org/
 Description: Provides the pages Special:Login, Special:Logout, Special:Register, and Special:Preferences.
 Author: Dan Fuhry
-Version: 1.0.2
+Version: 1.0.3
 Author URI: http://enanocms.org/
 */
 
 /*
  * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
- * Version 1.0.2
+ * Version 1.0.3
  * Copyright (C) 2006-2007 Dan Fuhry
  *
  * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
@@ -150,6 +150,7 @@
   
   if ( isset($_GET['act']) && $_GET['act'] == 'getkey' )
   {
+    header('Content-type: application/json');
     $username = ( $session->user_logged_in ) ? $session->username : false;
     $response = Array(
       'username' => $username,
@@ -1504,12 +1505,15 @@
                             array('%', '_'),
                             $finduser);
     $finduser = $db->escape($finduser);
-    $username_where = 'u.username LIKE "' . $finduser . '"';
+    $username_where = ENANO_SQLFUNC_LOWERCASE . '(u.username) LIKE \'%' . strtolower($finduser) . '%\'';
     $finduser_url = 'finduser=' . rawurlencode($_GET['finduser']) . '&';
   }
   else
   {
-    $username_where = 'u.username REGEXP "^' . $startletter_sql . '"';
+    if ( ENANO_DBLAYER == 'MYSQL' )
+      $username_where = 'lcase(u.username) REGEXP lcase("^' . $startletter_sql . '")';
+    else if ( ENANO_DBLAYER == 'PGSQL' )
+      $username_where = 'lower(u.username) ~ lower(\'^' . $startletter_sql . '\')';
     $finduser_url = '';
   }
   
@@ -1533,7 +1537,7 @@
                </tr>';
                
   // determine number of rows
-  $q = $db->sql_query('SELECT u.user_id FROM '.table_prefix.'users AS u WHERE ' . $username_where . ' AND u.username != "Anonymous";');
+  $q = $db->sql_query('SELECT u.user_id FROM '.table_prefix.'users AS u WHERE ' . $username_where . ' AND u.username != \'Anonymous\';');
   if ( !$q )
     $db->_die();
   
@@ -1550,7 +1554,7 @@
   $q = $db->sql_unbuffered_query('SELECT u.user_id, u.username, u.reg_time, u.email, u.user_level, u.reg_time, x.email_public FROM '.table_prefix.'users AS u
                                     LEFT JOIN '.table_prefix.'users_extra AS x
                                       ON ( u.user_id = x.user_id )
-                                    WHERE ' . $username_where . ' AND u.username != "Anonymous"
+                                    WHERE ' . $username_where . ' AND u.username != \'Anonymous\'
                                     ORDER BY ' . $sort_sqllet . ' ' . $target_order . ';');
   if ( !$q )
     $db->_die();
@@ -1580,7 +1584,7 @@
               ' .
               '<div style="float: left;">
                 <form action="' . makeUrlNS('Special', 'Memberlist') . '" method="get" onsubmit="if ( !submitAuthorized ) return false;">'
-               . ( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->nslist[$paths->namespace] . $paths->cpage['urlname_nons'] ) . '" />' : '' )
+               . ( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->page ) . '" />' : '' )
                . ( $session->sid_super ? '<input type="hidden" name="auth"  value="' . $session->sid_super . '" />' : '')
                . '<p>Find a member: ' . $template->username_field('finduser') . ' <input type="submit" value="Go" /><br /><small>You may use the following wildcards: * to match multiple characters, ? to match a single character.</small></p>'
                . '</form>