summaryrefslogtreecommitdiffstats
path: root/apps/user_ldap/group_ldap.php
diff options
context:
space:
mode:
authorArthur Schiwon <blizzz@owncloud.com>2015-01-29 00:15:55 +0100
committerArthur Schiwon <blizzz@owncloud.com>2015-01-29 00:27:05 +0100
commit73600cfdd80694a9ffa526147d79b231fd85c5b2 (patch)
tree95544293e6d475851c1f82f6eba9e073195c69c7 /apps/user_ldap/group_ldap.php
parent953a88785bf71bcf0763e98934d6d2b503f88402 (diff)
downloadnextcloud-server-73600cfdd80694a9ffa526147d79b231fd85c5b2.tar.gz
nextcloud-server-73600cfdd80694a9ffa526147d79b231fd85c5b2.zip
and escape the search term
Diffstat (limited to 'apps/user_ldap/group_ldap.php')
-rw-r--r--apps/user_ldap/group_ldap.php3
1 files changed, 3 insertions, 0 deletions
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index bd56dbd56c4..40d702360fb 100644
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -444,6 +444,7 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
if(!$this->groupExists($gid)) {
return array();
}
+ $search = $this->access->escapeFilterPart($search, true);
$cacheKey = 'usersInGroup-'.$gid.'-'.$search.'-'.$limit.'-'.$offset;
// check for cache of the exact query
$groupUsers = $this->access->connection->getFromCache($cacheKey);
@@ -557,6 +558,7 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
$this->access->connection->writeToCache($cacheKey, $groupUsers);
return $groupUsers;
}
+ $search = $this->access->escapeFilterPart($search, true);
$isMemberUid =
(strtolower($this->access->connection->ldapGroupMemberAssocAttr)
=== 'memberuid');
@@ -663,6 +665,7 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
if(!$this->enabled) {
return array();
}
+ $search = $this->access->escapeFilterPart($search, true);
$pagingSize = $this->access->connection->ldapPagingSize;
if ((! $this->access->connection->hasPagedResultSupport)
|| empty($pagingSize)) {
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-10 05:06:45 +0000