-rw-r--r-- | inc/auth/ldap.class.php | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/inc/auth/ldap.class.php b/inc/auth/ldap.class.php
index bc59411d8..765ed7c72 100644
--- a/inc/auth/ldap.class.php
+++ b/inc/auth/ldap.class.php
@@ -261,12 +261,26 @@ class auth_ldap extends auth_basic {
 } else {
 $value = $placeholders[$match];
 }
+ $value = $this->_filterEscape($value);
 $filter = str_replace('%{'.$match.'}', $value, $filter);
 }
 return $filter;
 }
 
 /**
+ * Escape a string to be used in a LDAP filter
+ *
+ * Ported from Perl's Net::LDAP::Util escape_filter_value
+ *
+ * @author Andreas Gohr
+ */
+ function _filterEscape($string){
+ return preg_replace('/([\x00-\x1F\*\(\)\\\\])/e',
+ '"\\\\\".join("",unpack("H2","$1"))',
+ $string);
+ }
+
+ /**
 * Opens a connection to the configured LDAP server and sets the wanted
 * option on the connection
 * |
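Review bot: `_filterEscape` relies on the `/e` modifier, so the replacement string is evaluated as PHP code on every match and has to survive three layers of quoting (PHP literal, replacement syntax, evaluated code), which is hard to audit in the one function that guards against LDAP filter injection. The character class limits what can reach `"$1"`, so this does not look exploitable as written, but `preg_replace_callback` with a small callback method produces the same `\` plus two hex digits without any code evaluation. The docblock could also state which bytes are escaped (0x00-0x1F, `*`, `(`, `)`, `\`) and what the output looks like. The function that calls `_filterEscape` begins above the hunk, so whether every filter built elsewhere in the class passes through it is not visible here.

```php
// … unchanged: docblock for _filterEscape …
function _filterEscape($string){
    return preg_replace_callback('/([\x00-\x1F\*\(\)\\\\])/',
                                 array($this, '_filterEscapeChar'),
                                 $string);
}

/**
 * Callback for _filterEscape: one matched byte becomes a backslash
 * followed by its two-digit hex code
 */
function _filterEscapeChar($match){
    return '\\'.bin2hex($match[1]);
}
```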