Login with email address? (General)

by Micha ⌂, Monday, March 01, 2021, 08:22 (1153 days ago) @ Stephan Sander

Hello,

The SQL statement selects the users by their names; see the WHERE condition at the end of this statement:

SELECT user_id, user_name, user_pw, user_type, 
UNIX_TIMESTAMP(last_login) AS last_login, 
UNIX_TIMESTAMP(last_logout) AS last_logout, 
thread_order, user_view, sidebar, fold_threads, 
thread_display, category_selection, auto_login_code, 
activate_code, LANGUAGE, time_zone, time_difference, 
theme, tou_accepted, dps_accepted 
FROM ".$db_settings['userdata_table']." 
 
WHERE 
LOWER(user_name) = '". mysqli_real_escape_string($connid, my_strtolower($request_username, $lang['charset'])) ."'") 

Maybe(!), it is possible to add a further condition to the email field user_email, i.e.,

WHERE
LOWER(user_name) = '". mysqli_real_escape_string($connid, my_strtolower($request_username, $lang['charset'])) ."'
OR
LOWER(user_email) = '". mysqli_real_escape_string($connid, my_strtolower($request_username, $lang['charset'])) ."'")

Please note: There is a negative side effect (security issue). Currently, the email field is NOT a unique field. Different users can have identical mail addresses. This is critical, because the email-password combination is not bijective.

/Micha

--
applied-geodesy.org - OpenSource Least-Squares Adjustment Software for Geodetic Sciences
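
The ambiguity described in the post above, as an added example that is not part of the original post or the forum's own code: a login lookup by user name or email address that binds the input as a parameter and refuses to authenticate when the identifier matches more than one account. Assumptions: PDO with an in-memory SQLite database stands in for the forum's MySQL/mysqli connection, the table name `userdata` and the helper `login()` are hypothetical, and the sample rows are constructed.

```php
<?php
// Added example, not the forum's own code. Column names follow the post;
// the SQLite in-memory database and the sample rows are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE userdata (
    user_id    INTEGER PRIMARY KEY,
    user_name  TEXT NOT NULL UNIQUE,
    user_email TEXT NOT NULL,        -- NOT unique, as the post points out
    user_pw    TEXT NOT NULL)');

$insert = $pdo->prepare(
    'INSERT INTO userdata (user_name, user_email, user_pw) VALUES (?, ?, ?)');
foreach ([
    ['alice', 'shared@example.org', 'pw-alice'],
    ['bob',   'shared@example.org', 'pw-bob'],   // same address as alice
    ['carol', 'carol@example.org',  'pw-carol'],
] as [$name, $email, $pw]) {
    $insert->execute([$name, $email, password_hash($pw, PASSWORD_DEFAULT)]);
}

/**
 * Hypothetical helper: returns the user_id on success, null otherwise.
 * The identifier is bound as a parameter, and the login is refused when it
 * matches more than one account instead of taking whichever row comes first.
 */
function login(PDO $pdo, string $identifier, string $password): ?int
{
    $needle = strtolower($identifier);
    $stmt = $pdo->prepare(
        'SELECT user_id, user_pw FROM userdata
          WHERE LOWER(user_name) = ? OR LOWER(user_email) = ?');
    $stmt->execute([$needle, $needle]);
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);

    if (count($rows) !== 1) {
        return null;   // no match, or an address shared by several accounts
    }
    return password_verify($password, $rows[0]['user_pw'])
        ? (int) $rows[0]['user_id']
        : null;
}

var_dump(login($pdo, 'carol@example.org', 'pw-carol'));   // address used once
var_dump(login($pdo, 'shared@example.org', 'pw-alice'));  // address used twice
var_dump(login($pdo, 'Alice', 'pw-alice'));               // lookup by user name
```

Users whose address is shared can still log in by user name; making email login work for them requires a uniqueness constraint on `user_email`.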

