LDAP: ldap_explode_dn escaped too much, fix it by manual replacement. Fixes different...

author Arthur Schiwon <blizzz@owncloud.com>

Fri, 30 Nov 2012 23:27:48 +0000 (00:27 +0100)

committer Arthur Schiwon <blizzz@owncloud.com>

Mon, 3 Dec 2012 11:55:42 +0000 (12:55 +0100)
author Arthur Schiwon <blizzz@owncloud.com>
Fri, 30 Nov 2012 23:27:48 +0000 (00:27 +0100)
committer Arthur Schiwon <blizzz@owncloud.com>
Mon, 3 Dec 2012 11:55:42 +0000 (12:55 +0100)
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php

index 53d4edbe69cce5cd7829279143d857de6fe85cb6..042076fe62e881917a5cb0989e835531594f8f2c 100644 (file)
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -123,10 +123,17 @@ abstract class Access {
                 //escape DN values according to RFC 2253 – this is already done by ldap_explode_dn
                 //to use the DN in search filters, \ needs to be escaped to \5c additionally
                 //to use them in bases, we convert them back to simple backslashes in readAttribute()
-               $aDN = ldap_explode_dn($dn, false);
-               unset($aDN['count']);
-               $dn = implode(',', $aDN);
-               $dn = str_replace('\\', '\\5c', $dn);
+               $replacements = array(
+                       '\,' => '\5c2C',
+                       '\=' => '\5c3D',
+                       '\+' => '\5c2B',
+                       '\<' => '\5c3C',
+                       '\>' => '\5c3E',
+                       '\;' => '\5c3B',
+                       '\"' => '\5c22',
+                       '\#' => '\5c23',
+               );
+               $dn = str_replace(array_keys($replacements),array_values($replacements), $dn);
  
                 return $dn;
         }
author	Arthur Schiwon <blizzz@owncloud.com>
	Fri, 30 Nov 2012 23:27:48 +0000 (00:27 +0100)
committer	Arthur Schiwon <blizzz@owncloud.com>
	Mon, 3 Dec 2012 11:55:42 +0000 (12:55 +0100)