LP#1491571: Ignore Case when Checking PW Reset email

Emails are not passwords and are not case sensitive;
while it is a good idea to require patrons to prove
they know the address associated with their account
it is not cool to deny them because they don't know
the capitalization of the value in the database.

Signed-off-by: Jason Boyer <jboyer@library.in.gov>
Signed-off-by: Ben Shum <ben@evergreener.net>

diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm
index fcc71a5..8e86249 100644 (file)
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm
@@ -3980,7 +3980,7 @@ sub request_password_reset {
     
     my $email_must_match = $U->ou_ancestor_setting_value($user->home_ou, 'circ.password_reset_request_requires_matching_email');
     if ($email_must_match) {
-        if ($user->email ne $email) {
+        if (lc($user->email) ne lc($email)) {
             return OpenILS::Event->new('EMAIL_VERIFICATION_FAILED');
         }
     }