diff options
| author | Michael Große <grosse@cosmocode.de> | 2015-03-12 16:57:13 +0100 |
|---|---|---|
| committer | Michael Große <grosse@cosmocode.de> | 2015-03-12 16:57:13 +0100 |
| commit | 07aec0297354ce1a2bb273def8173ff0a524f852 (patch) | |
| tree | 65f07892ce7361563137978f2ad6e5bc4aadda3a /lib/plugins/authad/auth.php | |
| parent | 7910cbbbce7fd803f3ee4f458d5426eac51bfd89 (diff) | |
| download | rpg-07aec0297354ce1a2bb273def8173ff0a524f852.tar.gz rpg-07aec0297354ce1a2bb273def8173ff0a524f852.tar.bz2 | |
Escape user strings given to adLDAP
Diffstat (limited to 'lib/plugins/authad/auth.php')
| -rw-r--r-- | lib/plugins/authad/auth.php | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/lib/plugins/authad/auth.php b/lib/plugins/authad/auth.php index 321a60f24..400a5efee 100644 --- a/lib/plugins/authad/auth.php +++ b/lib/plugins/authad/auth.php @@ -3,6 +3,7 @@ if(!defined('DOKU_INC')) die(); require_once(DOKU_PLUGIN.'authad/adLDAP/adLDAP.php'); +require_once(DOKU_PLUGIN.'authad/adLDAP/classes/adLDAPUtils.php'); /** * Active Directory authentication backend for DokuWiki @@ -340,19 +341,20 @@ class auth_plugin_authad extends DokuWiki_Auth_Plugin { if (!$filter){ return '*'; } + $adldapUtils = new adLDAPUtils($this->_adldap(null)); $result = '*'; if (isset($filter['name'])) { - $result .= ')(displayname=*' . $filter['name'] . '*'; + $result .= ')(displayname=*' . $adldapUtils->ldapSlashes($filter['name']) . '*'; unset($filter['name']); } if (isset($filter['user'])) { - $result .= ')(samAccountName=*' . $filter['user'] . '*'; + $result .= ')(samAccountName=*' . $adldapUtils->ldapSlashes($filter['user']) . '*'; unset($filter['user']); } if (isset($filter['mail'])) { - $result .= ')(mail=*' . $filter['mail'] . '*'; + $result .= ')(mail=*' . $adldapUtils->ldapSlashes($filter['mail']) . '*'; unset($filter['mail']); } return $result; |