--- drupal-7.x-dev/modules/user/user.module     Sat May 17 17:02:56 2008
+++ modules/user/user.module    Wed May 21 01:22:05 2008
@@ -106,6 +106,7 @@ function user_external_load($authname) {
  *    TRUE if the login succeeds, FALSE otherwise.
  */
 function user_external_login($account, $edit = array()) {
+
   $form = drupal_get_form('user_login');

   $state['values'] = $edit;
@@ -543,7 +544,7 @@ function user_access($string, $account =
  * @return boolean TRUE for blocked users, FALSE for active.
  */
 function user_is_blocked($name) {
-  $deny = db_fetch_object(db_query("SELECT name FROM {users} WHERE status = 0 AND name = LOWER('%s')", $name));
+  $deny = db_fetch_object(db_query("SELECT name FROM {users} WHERE status = 0 AND (name = LOWER('%s') OR mail = LOWER('%s'))", $name,$name));

   return $deny;
 }
@@ -1287,7 +1288,7 @@ function user_authenticate($form_values
   $password = trim($form_values['pass']);
   // Name and pass keys are required.
   if (!empty($form_values['name']) && !empty($password)) {
-    $account = db_fetch_object(db_query("SELECT * FROM {users} WHERE name = '%s' AND status = 1", $form_values['name']));
+    $account = db_fetch_object(db_query("SELECT * FROM {users} WHERE (name = '%s' OR mail = '%s') AND status = 1", $form_values['name'],$form_values['name']));
     if ($account) {
       // Allow alternate password hashing schemes.
       require_once variable_get('password_inc', './includes/password.inc');