X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2FLoginPage.java;h=06006cf264d7ac9507077a709c49c69874b4c304;hp=91b6b1b7139383ce20c1d44d61e68b8e19a65406;hb=03d27b5bdaea6253e674cdf2779465873b657900;hpb=e04e99de1af984634675056004cd031c0b526505

diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java
index 91b6b1b7..06006cf2 100644
--- a/src/org/cacert/gigi/pages/LoginPage.java
+++ b/src/org/cacert/gigi/pages/LoginPage.java
@@ -134,12 +134,17 @@ public class LoginPage extends Page {
     }
 
     public static User fetchUserBySerial(String serial) {
+        if ( !serial.matches("[A-Fa-f0-9]+")) {
+            throw new Error("serial malformed.");
+        }
         GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `memid` FROM `certs` WHERE `serial`=? AND `disablelogin`='0' AND `revoked` is NULL");
-        ps.setString(1, serial);
+        ps.setString(1, serial.toLowerCase());
         GigiResultSet rs = ps.executeQuery();
         User user = null;
         if (rs.next()) {
             user = User.getById(rs.getInt(1));
+        } else {
+            System.out.println("User with serial " + serial + " not found.");
         }
         rs.close();
         return user;