Bug 20023: Password recovery using email should be case insensitive

When entering an email to recover the password, a user should not have to know or remember the casing of the given email.

Test
0) enable OpacResetPassword
1) On the OPAC, click "Forgot your password"
2) Enter your email address as in your user account BUT WITH A DIFFERENT CASING
3) Submit.  This will fail.
4) Apply the patch, redo with success.

Signed-off-by: Michal Denar <black23@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

diff --git a/opac/opac-password-recovery.pl b/opac/opac-password-recovery.pl
index e553744..4c28b0f 100755 (executable)
--- a/opac/opac-password-recovery.pl
+++ b/opac/opac-password-recovery.pl
@@ -73,7 +73,7 @@ if ( $query->param('sendEmail') || $query->param('resendEmail') ) {
         $errMultipleAccountsForEmail = 1;
     }
     elsif ( $borrower = $search_results->next() ) {    # One matching borrower
-        my @emails = ( $borrower->email, $borrower->emailpro, $borrower->B_email );
+        my @emails = ( $borrower->email || '', $borrower->emailpro || '', $borrower->B_email || '');
 
         my $firstNonEmptyEmail = '';
         foreach my $address ( @emails ) {
@@ -82,7 +82,7 @@ if ( $query->param('sendEmail') || $query->param('resendEmail') ) {
         }
 
         # Is the given email one of the borrower's ?
-        if ( $email && !( grep { $_ eq $email } @emails ) ) {
+        if ( $email && !( grep /^$email$/i, @emails ) ) {
             $hasError    = 1;
             $errNoBorrowerFound = 1;
         }