diff --git a/include/class.auth.php b/include/class.auth.php
index afda9c0e9a2b9610e44a5d363a8b58989fbf5424..1dc5a9ccf8f05172bd081929dfcb4d50c4104fa8 100644
--- a/include/class.auth.php
+++ b/include/class.auth.php
@@ -1061,7 +1061,7 @@ class AuthTokenAuthentication extends UserAuthenticationBackend {
             if (($ticket = Ticket::lookupByNumber($_GET['t'], $_GET['e']))
                     // Using old ticket auth code algo - hardcoded here because it
                     // will be removed in ticket class in the upcoming rewrite
-                    && !strcasecmp($_GET['a'], md5($ticket->getId() .  $_GET['e'] . SECRET_SALT))
+                    && !strcasecmp($_GET['a'], md5($ticket->getId() .  strtolower($_GET['e']) . SECRET_SALT))
                     && ($owner = $ticket->getOwner()))
                 $user = new ClientSession($owner);
         }