merge master into webdav-injection

15 files changed, 179 insertions, 86 deletions

diff --git a/apps/user_ldap/js/ldapFilter.js b/apps/user_ldap/js/ldapFilter.js
new file mode 100644
index 00000000000..df3bd67aec2
--- /dev/null
+++ b/apps/user_ldap/js/ldapFilter.js
@@ -0,0 +1,100 @@
+/* global LdapWizard */
+
+function LdapFilter(target)  {
+	this.locked = true;
+	this.target = false;
+	this.mode = LdapWizard.filterModeAssisted;
+	this.lazyRunCompose = false;
+
+	if( target === 'User' ||
+		target === 'Login' ||
+		target === 'Group') {
+		this.target = target;
+		this.determineMode();
+	}
+}
+
+LdapFilter.prototype.compose = function() {
+	var action;
+
+	if(this.locked) {
+		this.lazyRunCompose = true;
+		return false;
+	}
+
+	if(this.target === 'User') {
+		action = 'getUserListFilter';
+	} else if(this.target === 'Login') {
+		action = 'getUserLoginFilter';
+	} else if(this.target === 'Group') {
+		action = 'getGroupFilter';
+	}
+
+	if(!$('#raw'+this.target+'FilterContainer').hasClass('invisible')) {
+		//Raw filter editing, i.e. user defined filter, don't compose
+		return;
+	}
+
+	var param = 'action='+action+
+		'&ldap_serverconfig_chooser='+
+		encodeURIComponent($('#ldap_serverconfig_chooser').val());
+
+	var filter = this;
+
+	LdapWizard.ajax(param,
+		function(result) {
+			LdapWizard.applyChanges(result);
+			if(filter.target === 'User') {
+				LdapWizard.countUsers();
+			} else if(filter.target === 'Group') {
+				LdapWizard.countGroups();
+				LdapWizard.detectGroupMemberAssoc();
+			}
+		},
+		function () {
+			console.log('LDAP Wizard: could not compose filter. '+
+				'Please check owncloud.log');
+		}
+	);
+};
+
+LdapFilter.prototype.determineMode = function() {
+	var param = 'action=get'+encodeURIComponent(this.target)+'FilterMode'+
+		'&ldap_serverconfig_chooser='+
+		encodeURIComponent($('#ldap_serverconfig_chooser').val());
+
+	var filter = this;
+	LdapWizard.ajax(param,
+		function(result) {
+			var property = 'ldap' + filter.target + 'FilterMode';
+			filter.mode = parseInt(result.changes[property], 10);
+			if(filter.mode === LdapWizard.filterModeRaw &&
+				$('#raw'+filter.target+'FilterContainer').hasClass('invisible')) {
+				LdapWizard['toggleRaw'+filter.target+'Filter']();
+			} else if(filter.mode === LdapWizard.filterModeAssisted &&
+				!$('#raw'+filter.target+'FilterContainer').hasClass('invisible')) {
+				LdapWizard['toggleRaw'+filter.target+'Filter']();
+			} else {
+				console.log('LDAP Wizard determineMode: returned mode was »' +
+					filter.mode + '« of type ' + typeof filter.mode);
+			}
+			filter.unlock();
+		},
+		function () {
+			//on error case get back to default i.e. Assisted
+			if(!$('#raw'+filter.target+'FilterContainer').hasClass('invisible')) {
+				LdapWizard['toggleRaw'+filter.target+'Filter']();
+				filter.mode = LdapWizard.filterModeAssisted;
+			}
+			filter.unlock();
+		}
+	);
+};
+
+LdapFilter.prototype.unlock = function() {
+	this.locked = false;
+	if(this.lazyRunCompose) {
+		this.lazyRunCompose = false;
+		this.compose();
+	}
+};
diff --git a/apps/user_ldap/js/settings.js b/apps/user_ldap/js/settings.js
index 792638f2b58..fca2dc13d15 100644
--- a/apps/user_ldap/js/settings.js
+++ b/apps/user_ldap/js/settings.js
@@ -14,7 +14,7 @@ var LdapConfiguration = {
 
 						//deal with Checkboxes
 						if($(elementID).is('input[type=checkbox]')) {
-							if(parseInt(configvalue) === 1) {
+							if(parseInt(configvalue, 10) === 1) {
 								$(elementID).attr('checked', 'checked');
 							} else {
 								$(elementID).removeAttr('checked');
@@ -145,6 +145,9 @@ var LdapWizard = {
 	spinner: '<img class="wizSpinner" src="'+ OC.imagePath('core', 'loading.gif') +'">',
 	filterModeAssisted: 0,
 	filterModeRaw: 1,
+	userFilter: false,
+	loginFilter: false,
+	groupFilter: false,
 
 	ajax: function(param, fnOnSuccess, fnOnError) {
 		$.post(
@@ -276,41 +279,6 @@ var LdapWizard = {
 		}
 	},
 
-	composeFilter: function(type) {
-		subject = type.charAt(0).toUpperCase() + type.substr(1);
-		if(!$('#raw'+subject+'FilterContainer').hasClass('invisible')) {
-			//Raw filter editing, i.e. user defined filter, don't compose
-			return;
-		}
-
-		if(type == 'user') {
-			action = 'getUserListFilter';
-		} else if(type == 'login') {
-			action = 'getUserLoginFilter';
-		} else if(type == 'group') {
-			action = 'getGroupFilter';
-		}
-
-		param = 'action='+action+
-				'&ldap_serverconfig_chooser='+
-				encodeURIComponent($('#ldap_serverconfig_chooser').val());
-
-		LdapWizard.ajax(param,
-			function(result) {
-				LdapWizard.applyChanges(result);
-				if(type == 'user') {
-					LdapWizard.countUsers();
-				} else if(type == 'group') {
-					LdapWizard.countGroups();
-					LdapWizard.detectGroupMemberAssoc();
-				}
-			},
-			function (result) {
-				// error handling
-			}
-		);
-	},
-
 	controlBack: function() {
 		curTabIndex = $('#ldapSettings').tabs('option', 'active');
 		if(curTabIndex == 0) {
@@ -510,7 +478,7 @@ var LdapWizard = {
 	},
 
 	functionalityCheck: function() {
-		//criterias to enable the connection:
+		//criteria to enable the connection:
 		// - host, port, basedn, user filter, login filter
 		host        = $('#ldap_host').val();
 		port        = $('#ldap_port').val();
@@ -560,7 +528,7 @@ var LdapWizard = {
 	},
 
 	initGroupFilter: function() {
-		LdapWizard.regardFilterMode('Group');
+		LdapWizard.groupFilter = new LdapFilter('Group');
 		LdapWizard.findObjectClasses('ldap_groupfilter_objectclass', 'Group');
 		LdapWizard.findAvailableGroups('ldap_groupfilter_groups', 'Groups');
 		LdapWizard.countGroups();
@@ -569,13 +537,13 @@ var LdapWizard = {
 	/** init login filter tab section **/
 
 	initLoginFilter: function() {
-		LdapWizard.regardFilterMode('Login');
+		LdapWizard.loginFilter = new LdapFilter('Login');
 		LdapWizard.findAttributes();
 	},
 
 	postInitLoginFilter: function() {
 		if($('#rawLoginFilterContainer').hasClass('invisible')) {
-			LdapWizard.composeFilter('login');
+			LdapWizard.loginFilter.compose();
 		}
 	},
 
@@ -588,7 +556,7 @@ var LdapWizard = {
 			noneSelectedText: caption,
 			click: function(event, ui) {
 				LdapWizard.saveMultiSelect(id,
-										   $('#'+id).multiselect("getChecked"));
+										$('#'+id).multiselect("getChecked"));
 			}
 		});
 	},
@@ -601,15 +569,15 @@ var LdapWizard = {
 	initUserFilter: function() {
 		LdapWizard.userFilterObjectClassesHasRun = false;
 		LdapWizard.userFilterAvailableGroupsHasRun = false;
-		LdapWizard.regardFilterMode('User');
+		LdapWizard.userFilter = new LdapFilter('User');
 		LdapWizard.findObjectClasses('ldap_userfilter_objectclass', 'User');
 		LdapWizard.findAvailableGroups('ldap_userfilter_groups', 'Users');
 	},
 
 	postInitUserFilter: function() {
-		if(LdapWizard.userFilterObjectClassesHasRun
-		   && LdapWizard.userFilterAvailableGroupsHasRun) {
-			LdapWizard.composeFilter('user');
+		if(LdapWizard.userFilterObjectClassesHasRun &&
+			LdapWizard.userFilterAvailableGroupsHasRun) {
+			LdapWizard.userFilter.compose();
 			LdapWizard.countUsers();
 		}
 	},
@@ -658,7 +626,7 @@ var LdapWizard = {
 
 		if(triggerObj.id == 'ldap_loginfilter_username'
 		   || triggerObj.id == 'ldap_loginfilter_email') {
-			LdapWizard.composeFilter('login');
+			LdapWizard.loginFilter.compose();
 		}
 
 		if($('#ldapSettings').tabs('option', 'active') == 0) {
@@ -667,32 +635,6 @@ var LdapWizard = {
 		}
 	},
 
-	regardFilterMode: function(subject) {
-		param = 'action=get'+encodeURIComponent(subject)+'FilterMode'+
-				'&ldap_serverconfig_chooser='+
-				encodeURIComponent($('#ldap_serverconfig_chooser').val());
-
-		LdapWizard.ajax(param,
-			function(result) {
-				property = 'ldap' + subject + 'FilterMode';
-				mode = result.changes[property];
-				if(mode == LdapWizard.filterModeRaw
-					&& $('#raw'+subject+'FilterContainer').hasClass('invisible')) {
-					LdapWizard['toggleRaw'+subject+'Filter']();
-				} else if(mode == LdapWizard.filterModeAssisted
-					&& !$('#raw'+subject+'FilterContainer').hasClass('invisible')) {
-					LdapWizard['toggleRaw'+subject+'Filter']();
-				}
-			},
-			function (result) {
-				//on error case get back to default i.e. Assisted
-				if(!$('#raw'+subject+'FilterContainer').hasClass('invisible')) {
-					LdapWizard['toggleRaw'+subject+'Filter']();
-				}
-			}
-		);
-	},
-
 	save: function(inputObj) {
 		if(LdapWizard.blacklistRemove(inputObj.id)) {
 			return;
@@ -714,15 +656,15 @@ var LdapWizard = {
 		LdapWizard._save($('#'+originalObj)[0], $.trim(values));
 		if(originalObj == 'ldap_userfilter_objectclass'
 		   || originalObj == 'ldap_userfilter_groups') {
-			LdapWizard.composeFilter('user');
+			LdapWizard.userFilter.compose();
 			//when user filter is changed afterwards, login filter needs to
 			//be adjusted, too
-			LdapWizard.composeFilter('login');
+			LdapWizard.loginFilter.compose();
 		} else if(originalObj == 'ldap_loginfilter_attributes') {
-			LdapWizard.composeFilter('login');
+			LdapWizard.loginFilter.compose();
 		} else if(originalObj == 'ldap_groupfilter_objectclass'
 		   || originalObj == 'ldap_groupfilter_groups') {
-			LdapWizard.composeFilter('group');
+			LdapWizard.groupFilter.compose();
 		}
 	},
 
@@ -778,10 +720,10 @@ var LdapWizard = {
 			LdapWizard._save({ id: modeKey }, LdapWizard.filterModeAssisted);
 			if(moc.indexOf('user') >= 0) {
 				LdapWizard.blacklistRemove('ldap_userlist_filter');
-				LdapWizard.composeFilter('user');
+				LdapWizard.userFilter.compose();
 			} else {
 				LdapWizard.blacklistRemove('ldap_group_filter');
-				LdapWizard.composeFilter('group');
+				LdapWizard.groupFilter.compose();
 			}
 		}
 	},
@@ -815,7 +757,7 @@ var LdapWizard = {
 		$('#ldap_loginfilter_username').prop('disabled', property);
 		LdapWizard._save({ id: 'ldapLoginFilterMode' }, mode);
 		if(action == 'enable') {
-			LdapWizard.composeFilter('login');
+			LdapWizard.loginFilter.compose();
 		}
 	},
 
diff --git a/apps/user_ldap/l10n/af_ZA.php b/apps/user_ldap/l10n/af_ZA.php
index 130e471e0e4..483a30b8e48 100644
--- a/apps/user_ldap/l10n/af_ZA.php
+++ b/apps/user_ldap/l10n/af_ZA.php
@@ -3,6 +3,7 @@ $TRANSLATIONS = array(
 "_%s group found_::_%s groups found_" => array("",""),
 "_%s user found_::_%s users found_" => array("",""),
 "Help" => "Hulp",
-"Password" => "Wagwoord"
+"Password" => "Wagwoord",
+"Continue" => "Gaan voort"
 );
 $PLURAL_FORMS = "nplurals=2; plural=(n != 1);";
diff --git a/apps/user_ldap/l10n/en_GB.php b/apps/user_ldap/l10n/en_GB.php
index 6dfc3e53f0c..cb0ac1a5497 100644
--- a/apps/user_ldap/l10n/en_GB.php
+++ b/apps/user_ldap/l10n/en_GB.php
@@ -70,6 +70,7 @@ $TRANSLATIONS = array(
 "Backup (Replica) Port" => "Backup (Replica) Port",
 "Disable Main Server" => "Disable Main Server",
 "Only connect to the replica server." => "Only connect to the replica server.",
+"Case insensitive LDAP server (Windows)" => "Case insensitive LDAP server (Windows)",
 "Turn off SSL certificate validation." => "Turn off SSL certificate validation.",
 "Not recommended, use it for testing only! If connection only works with this option, import the LDAP server's SSL certificate in your %s server." => "Not recommended, use it for testing only! If connection only works with this option, import the LDAP server's SSL certificate in your %s server.",
 "Cache Time-To-Live" => "Cache Time-To-Live",
diff --git a/apps/user_ldap/l10n/es.php b/apps/user_ldap/l10n/es.php
index 2c294aff785..bb1c9acb2ab 100644
--- a/apps/user_ldap/l10n/es.php
+++ b/apps/user_ldap/l10n/es.php
@@ -90,6 +90,8 @@ $TRANSLATIONS = array(
 "Group-Member association" => "Asociación Grupo-Miembro",
 "Nested Groups" => "Grupos anidados",
 "When switched on, groups that contain groups are supported. (Only works if the group member attribute contains DNs.)" => "Cuando se active, se permitirán grupos que contenga otros grupos (solo funciona si el atributo de miembro de grupo contiene DNs).",
+"Paging chunksize" => "Tamaño de los fragmentos de paginación",
+"Chunksize used for paged LDAP searches that may return bulky results like user or group enumeration. (Setting it 0 disables paged LDAP searches in those situations.)" => "Tamaño de los fragmentos usado para búsquedas LDAP paginadas que pueden devolver resultados voluminosos, como enumeración de usuarios o de grupos. (Si se establece en 0, se deshabilitan las búsquedas LDAP paginadas en esas situaciones.)",
 "Special Attributes" => "Atributos especiales",
 "Quota Field" => "Cuota",
 "Quota Default" => "Cuota por defecto",
diff --git a/apps/user_ldap/l10n/es_AR.php b/apps/user_ldap/l10n/es_AR.php
index 877141bcdc8..4a8047c6d91 100644
--- a/apps/user_ldap/l10n/es_AR.php
+++ b/apps/user_ldap/l10n/es_AR.php
@@ -33,12 +33,14 @@ $TRANSLATIONS = array(
 "Save" => "Guardar",
 "Test Configuration" => "Probar configuración",
 "Help" => "Ayuda",
+"Groups meeting these criteria are available in %s:" => "Los grupos que cumplen con estos criterios están disponibles en %s:",
 "only those object classes:" => "solo estos objetos de clases:",
 "only from those groups:" => "solo provenientes de estos grupos:",
 "Edit raw filter instead" => "Editar filtro en bruto",
 "Raw LDAP filter" => "Filtro LDAP en bruto",
 "The filter specifies which LDAP groups shall have access to the %s instance." => "El filtro especifica qué grupos LDAP deben tener acceso a la instancia %s.",
 "groups found" => "grupos encontrados",
+"Users login with this attribute:" => "Los usuarios inician sesión con este atributo:",
 "LDAP Username:" => "Nombre de usuario LDAP:",
 "LDAP Email Address:" => "Correo electrónico LDAP:",
 "Other Attributes:" => "Otros atributos:",
@@ -53,6 +55,7 @@ $TRANSLATIONS = array(
 "For anonymous access, leave DN and Password empty." => "Para acceso anónimo, dejá DN y contraseña vacíos.",
 "One Base DN per line" => "Una DN base por línea",
 "You can specify Base DN for users and groups in the Advanced tab" => "Podés especificar el DN base para usuarios y grupos en la pestaña \"Avanzado\"",
+"Limit %s access to users meeting these criteria:" => "Limitar acceso %s a los usuarios que cumplen con este criterio:",
 "The filter specifies which LDAP users shall have access to the %s instance." => "El filtro especifica cuáles usuarios LDAP deben tener acceso a la instancia %s.",
 "users found" => "usuarios encontrados",
 "Back" => "Volver",
@@ -67,6 +70,7 @@ $TRANSLATIONS = array(
 "Backup (Replica) Port" => "Puerto para copia de seguridad (réplica)",
 "Disable Main Server" => "Deshabilitar el Servidor Principal",
 "Only connect to the replica server." => "Conectarse únicamente al servidor de réplica.",
+"Case insensitive LDAP server (Windows)" => "Servidor de LDAP insensible a mayúsculas/minúsculas (Windows)",
 "Turn off SSL certificate validation." => "Desactivar la validación por certificado SSL.",
 "Not recommended, use it for testing only! If connection only works with this option, import the LDAP server's SSL certificate in your %s server." => "No es recomendado, ¡Usalo solamente para pruebas! Si la conexión únicamente funciona con esta opción, importá el certificado SSL del servidor LDAP en tu servidor %s.",
 "Cache Time-To-Live" => "Tiempo de vida del caché",
@@ -84,6 +88,9 @@ $TRANSLATIONS = array(
 "One Group Base DN per line" => "Una DN base de grupo por línea",
 "Group Search Attributes" => "Atributos de búsqueda de grupo",
 "Group-Member association" => "Asociación Grupo-Miembro",
+"Nested Groups" => "Grupos Anidados",
+"When switched on, groups that contain groups are supported. (Only works if the group member attribute contains DNs.)" => "Cuando se activa, grupos que contienen grupos son soportados. (Solo funciona si el atributo de miembro del grupo contiene DNs)",
+"Paging chunksize" => "Tamaño del fragmento de paginación",
 "Special Attributes" => "Atributos Especiales",
 "Quota Field" => "Campo de cuota",
 "Quota Default" => "Cuota por defecto",
diff --git a/apps/user_ldap/l10n/es_CR.php b/apps/user_ldap/l10n/es_CR.php
new file mode 100644
index 00000000000..3a1e002311c
--- /dev/null
+++ b/apps/user_ldap/l10n/es_CR.php
@@ -0,0 +1,6 @@
+<?php
+$TRANSLATIONS = array(
+"_%s group found_::_%s groups found_" => array("",""),
+"_%s user found_::_%s users found_" => array("","")
+);
+$PLURAL_FORMS = "nplurals=2; plural=(n != 1);";
diff --git a/apps/user_ldap/l10n/et_EE.php b/apps/user_ldap/l10n/et_EE.php
index f52449bda8b..11941bf4ac9 100644
--- a/apps/user_ldap/l10n/et_EE.php
+++ b/apps/user_ldap/l10n/et_EE.php
@@ -70,6 +70,7 @@ $TRANSLATIONS = array(
 "Backup (Replica) Port" => "Varuserveri (replika) port",
 "Disable Main Server" => "Ära kasuta peaserverit",
 "Only connect to the replica server." => "Ühendu ainult replitseeriva serveriga.",
+"Case insensitive LDAP server (Windows)" => "Tõusutundetu LDAP server (Windows)",
 "Turn off SSL certificate validation." => "Lülita SSL sertifikaadi kontrollimine välja.",
 "Not recommended, use it for testing only! If connection only works with this option, import the LDAP server's SSL certificate in your %s server." => "Pole soovitatav, kasuta seda ainult testimiseks! Kui ühendus toimib ainult selle valikuga, siis impordi LDAP serveri SSL sertifikaat oma %s serverisse.",
 "Cache Time-To-Live" => "Puhvri iga",
diff --git a/apps/user_ldap/l10n/ia.php b/apps/user_ldap/l10n/ia.php
index e138fd835f1..b29ecbb1d24 100644
--- a/apps/user_ldap/l10n/ia.php
+++ b/apps/user_ldap/l10n/ia.php
@@ -7,6 +7,7 @@ $TRANSLATIONS = array(
 "Save" => "Salveguardar",
 "Help" => "Adjuta",
 "Password" => "Contrasigno",
-"Back" => "Retro"
+"Back" => "Retro",
+"Continue" => "Continuar"
 );
 $PLURAL_FORMS = "nplurals=2; plural=(n != 1);";
diff --git a/apps/user_ldap/l10n/or_IN.php b/apps/user_ldap/l10n/or_IN.php
new file mode 100644
index 00000000000..3a1e002311c
--- /dev/null
+++ b/apps/user_ldap/l10n/or_IN.php
@@ -0,0 +1,6 @@
+<?php
+$TRANSLATIONS = array(
+"_%s group found_::_%s groups found_" => array("",""),
+"_%s user found_::_%s users found_" => array("","")
+);
+$PLURAL_FORMS = "nplurals=2; plural=(n != 1);";
diff --git a/apps/user_ldap/l10n/sk_SK.php b/apps/user_ldap/l10n/sk_SK.php
index edda4244336..3c6b51824f4 100644
--- a/apps/user_ldap/l10n/sk_SK.php
+++ b/apps/user_ldap/l10n/sk_SK.php
@@ -33,12 +33,14 @@ $TRANSLATIONS = array(
 "Save" => "Uložiť",
 "Test Configuration" => "Test nastavenia",
 "Help" => "Pomoc",
+"Groups meeting these criteria are available in %s:" => "Skupiny spĺňajúce tieto kritériá sú k dispozícii v %s:",
 "only those object classes:" => "len tieto triedy objektov:",
 "only from those groups:" => "len z týchto skupín:",
 "Edit raw filter instead" => "Miesto pre úpravu raw filtra",
 "Raw LDAP filter" => "Raw LDAP filter",
 "The filter specifies which LDAP groups shall have access to the %s instance." => "Tento filter LDAP určuje, ktoré skupiny budú mať prístup k %s inštancii.",
 "groups found" => "nájdené skupiny",
+"Users login with this attribute:" => "Používateľov prihlásiť pomocou tohto atribútu:",
 "LDAP Username:" => "LDAP používateľské meno:",
 "LDAP Email Address:" => "LDAP emailová adresa:",
 "Other Attributes:" => "Iné atribúty:",
@@ -53,6 +55,7 @@ $TRANSLATIONS = array(
 "For anonymous access, leave DN and Password empty." => "Pre anonymný prístup ponechajte údaje DN a Heslo prázdne.",
 "One Base DN per line" => "Jedno základné DN na riadok",
 "You can specify Base DN for users and groups in the Advanced tab" => "V rozšírenom nastavení môžete zadať základné DN pre používateľov a skupiny",
+"Limit %s access to users meeting these criteria:" => "Obmedziť %s prístup na používateľov spĺňajúcich tieto kritériá:",
 "The filter specifies which LDAP users shall have access to the %s instance." => "Tento filter LDAP určuje, ktorí používatelia majú prístup k %s inštancii.",
 "users found" => "nájdení používatelia",
 "Back" => "Späť",
@@ -67,6 +70,7 @@ $TRANSLATIONS = array(
 "Backup (Replica) Port" => "Záložný server (kópia) port",
 "Disable Main Server" => "Zakázať hlavný server",
 "Only connect to the replica server." => "Pripojiť sa len k záložnému serveru.",
+"Case insensitive LDAP server (Windows)" => "LDAP server je citlivý na veľkosť písmen (Windows)",
 "Turn off SSL certificate validation." => "Vypnúť overovanie SSL certifikátu.",
 "Not recommended, use it for testing only! If connection only works with this option, import the LDAP server's SSL certificate in your %s server." => "Neodporúčané, použite iba pri testovaní! Pokiaľ spojenie funguje iba z daným nastavením, importujte SSL certifikát LDAP servera do vášho %s servera.",
 "Cache Time-To-Live" => "Životnosť objektov vo vyrovnávacej pamäti",
@@ -84,6 +88,7 @@ $TRANSLATIONS = array(
 "One Group Base DN per line" => "Jedna skupinová základná DN na riadok",
 "Group Search Attributes" => "Atribúty vyhľadávania skupín",
 "Group-Member association" => "Priradenie člena skupiny",
+"Nested Groups" => "Vnorené skupiny",
 "Special Attributes" => "Špeciálne atribúty",
 "Quota Field" => "Pole kvóty",
 "Quota Default" => "Predvolená kvóta",
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index 8d622dcb794..712407505fb 100644
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -63,7 +63,6 @@ class Access extends LDAPUtility {
 			return false;
 		}
 		//all or nothing! otherwise we get in trouble with.
-		$this->initPagedSearch($filter, array($dn), $attr, 99999, 0);
 		$dn = $this->DNasBaseParameter($dn);
 		$rr = @$this->ldap->read($cr, $dn, $filter, array($attr));
 		if(!$this->ldap->isResource($rr)) {
@@ -434,6 +433,11 @@ class Access extends LDAPUtility {
 			$ocname = $this->dn2ocname($ldapObject['dn'], $nameByLDAP, $isUsers);
 			if($ocname) {
 				$ownCloudNames[] = $ocname;
+				if($isUsers) {
+					//cache the user names so it does not need to be retrieved
+					//again later (e.g. sharing dialogue).
+					$this->cacheUserDisplayName($ocname, $nameByLDAP);
+				}
 			}
 			continue;
 		}
@@ -441,6 +445,16 @@ class Access extends LDAPUtility {
 	}
 
 	/**
+	 * @brief caches the user display name
+	 * @param string the internal owncloud username
+	 * @param string the display name
+	 */
+	public function cacheUserDisplayName($ocname, $displayName) {
+		$cacheKeyTrunk = 'getDisplayName';
+		$this->connection->writeToCache($cacheKeyTrunk.$ocname, $displayName);
+	}
+
+	/**
 	 * @brief creates a unique name for internal ownCloud use for users. Don't call it directly.
 	 * @param $name the display name of the object
 	 * @returns string with with the name to use in ownCloud or false if unsuccessful
@@ -707,6 +721,9 @@ class Access extends LDAPUtility {
 		$linkResources = array_pad(array(), count($base), $cr);
 		$sr = $this->ldap->search($linkResources, $base, $filter, $attr);
 		$error = $this->ldap->errno($cr);
+		if ($pagedSearchOK) {
+			$this->ldap->controlPagedResult($cr, 999999, false, "");
+		}
 		if(!is_array($sr) || $error !== 0) {
 			\OCP\Util::writeLog('user_ldap',
 				'Error when searching: '.$this->ldap->error($cr).
@@ -1261,9 +1278,9 @@ class Access extends LDAPUtility {
 		if($this->connection->hasPagedResultSupport && !is_null($limit)) {
 			$offset = intval($offset); //can be null
 			\OCP\Util::writeLog('user_ldap',
-				'initializing paged search for  Filter'.$filter.' base '.print_r($bases, true)
+				'initializing paged search for  Filter '.$filter.' base '.print_r($bases, true)
 				.' attr '.print_r($attr, true). ' limit ' .$limit.' offset '.$offset,
-				\OCP\Util::INFO);
+				\OCP\Util::DEBUG);
 			//get the cookie from the search for the previous search, required by LDAP
 			foreach($bases as $base) {
 
@@ -1285,7 +1302,7 @@ class Access extends LDAPUtility {
 				}
 				if(!is_null($cookie)) {
 					if($offset > 0) {
-						\OCP\Util::writeLog('user_ldap', 'Cookie '.$cookie, \OCP\Util::INFO);
+						\OCP\Util::writeLog('user_ldap', 'Cookie '.CRC32($cookie), \OCP\Util::INFO);
 					}
 					$pagedSearchOK = $this->ldap->controlPagedResult(
 						$this->connection->getConnectionResource(), $limit,
diff --git a/apps/user_ldap/lib/ldap.php b/apps/user_ldap/lib/ldap.php
index de9b7481c19..d1ca91045b2 100644
--- a/apps/user_ldap/lib/ldap.php
+++ b/apps/user_ldap/lib/ldap.php
@@ -139,7 +139,9 @@ class LDAP implements ILDAPWrapper {
 		if(function_exists($func)) {
 			$this->preFunctionCall($func, $arguments);
 			$result = call_user_func_array($func, $arguments);
-			$this->postFunctionCall();
+			if ($result === FALSE) {
+				$this->postFunctionCall();
+			}
 			return $result;
 		}
 	}
diff --git a/apps/user_ldap/lib/wizard.php b/apps/user_ldap/lib/wizard.php
index 8ddee8c760c..8406b2d42a5 100644
--- a/apps/user_ldap/lib/wizard.php
+++ b/apps/user_ldap/lib/wizard.php
@@ -799,6 +799,7 @@ class Wizard extends LDAPUtility {
 		\OCP\Util::writeLog('user_ldap', 'Wiz: Setting LDAP Options ', \OCP\Util::DEBUG);
 		//set LDAP options
 		$this->ldap->setOption($cr, LDAP_OPT_PROTOCOL_VERSION, 3);
+		$this->ldap->setOption($cr, LDAP_OPT_REFERRALS, 0);
 		$this->ldap->setOption($cr, LDAP_OPT_NETWORK_TIMEOUT, self::LDAP_NW_TIMEOUT);
 		if($tls) {
 			$isTlsWorking = @$this->ldap->startTls($cr);
diff --git a/apps/user_ldap/settings.php b/apps/user_ldap/settings.php
index d077eafdde9..6b7d8e6f53e 100644
--- a/apps/user_ldap/settings.php
+++ b/apps/user_ldap/settings.php
@@ -25,6 +25,7 @@
 
 OC_Util::checkAdminUser();
 
+OCP\Util::addScript('user_ldap', 'ldapFilter');
 OCP\Util::addScript('user_ldap', 'settings');
 OCP\Util::addScript('core', 'jquery.multiselect');
 OCP\Util::addStyle('user_ldap', 'settings');