X-Git-Url: https://ruin.nu/git/?a=blobdiff_plain;ds=sidebyside;f=lib%2FNDWeb%2FAuth%2FUser.pm;h=a5e8366e5940178fa969144cdae3e712d7501fc5;hb=ab1ec1721c11a109546e162f87488db7dcfb9108;hp=0e49a2e12f46fa80fe7049498f2cb3e67422d633;hpb=b6d8351387cf06b88e362a458aad1e0982e575dd;p=ndwebbie.git

diff --git a/lib/NDWeb/Auth/User.pm b/lib/NDWeb/Auth/User.pm
index 0e49a2e..a5e8366 100644
--- a/lib/NDWeb/Auth/User.pm
+++ b/lib/NDWeb/Auth/User.pm
@@ -31,7 +31,7 @@ sub load {
 
 	if (exists $authinfo->{id}){
 		$self->{id} = $dbh->selectrow_array(q{
-			SELECT uid FROM users WHERE lower(username) = lower(?)
+			SELECT uid FROM users WHERE username = ?
 		},undef,$authinfo->{id});
 	}elsif (exists $authinfo->{uid}){
 		$self->{id} = $authinfo->{uid};
@@ -102,10 +102,20 @@ sub from_session {
 sub check_password {
 	my ( $self, $password ) = @_;
 	my $query = $self->{c}->model->prepare(q{
-		SELECT uid FROM users WHERE uid = ? AND password = md5(?)
+		SELECT uid FROM users WHERE uid = $1 AND password = crypt($2,password)
 	});
 	$query->execute($self->id,$password);
-	if ($query->rows == 1){
+
+	if ($query->rows == 0) {
+		$query = $self->{c}->model->prepare(q{
+			UPDATE users SET password = $2
+			WHERE uid = $1 AND password = md5($2)
+			RETURNING uid
+		});
+		$query->execute($self->id,$password);
+	}
+
+	if ($query->rows == 1) {
 		return $self;
 	}
 	return;