]> WPIA git - gigi.git/blobdiff - src/org/cacert/gigi/pages/LoginPage.java
projects / gigi.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
upd: convert to PostgreSQL
[gigi.git] / src / org / cacert / gigi / pages / LoginPage.java
diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java
index 91b6b1b7139383ce20c1d44d61e68b8e19a65406..06006cf264d7ac9507077a709c49c69874b4c304 100644 (file)
--- a/src/org/cacert/gigi/pages/LoginPage.java
+++ b/src/org/cacert/gigi/pages/LoginPage.java
@@ -134,12 +134,17 @@ public class LoginPage extends Page {
     }
 
     public static User fetchUserBySerial(String serial) {
+        if ( !serial.matches("[A-Fa-f0-9]+")) {
+            throw new Error("serial malformed.");
+        }
         GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `memid` FROM `certs` WHERE `serial`=? AND `disablelogin`='0' AND `revoked` is NULL");
-        ps.setString(1, serial);
+        ps.setString(1, serial.toLowerCase());
         GigiResultSet rs = ps.executeQuery();
         User user = null;
         if (rs.next()) {
             user = User.getById(rs.getInt(1));
+        } else {
+            System.out.println("User with serial " + serial + " not found.");
         }
         rs.close();
         return user;
WPIA Certificate Web Issuance Platform