diff options
| author | Arthur Schiwon <blizzz@owncloud.com> | 2012-12-01 00:27:48 +0100 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@owncloud.com> | 2012-12-03 12:55:42 +0100 |
| commit | 4cb760a92402ab3eb8550fb05b05eae800030680 (patch) | |
| tree | afd70606cd6ff40b452b97f86dac0ae1835e65ba /apps/user_ldap | |
| parent | 171e669ddac5bb3c30774735e763768f081cedc5 (diff) | |
| download | nextcloud-server-4cb760a92402ab3eb8550fb05b05eae800030680.tar.gz nextcloud-server-4cb760a92402ab3eb8550fb05b05eae800030680.zip | |
LDAP: ldap_explode_dn escaped too much, fix it by manual replacement. Fixes different problems, esp. with non-ascii characters in the dn (#631)
Diffstat (limited to 'apps/user_ldap')
| -rw-r--r-- | apps/user_ldap/lib/access.php | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 53d4edbe69c..042076fe62e 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -123,10 +123,17 @@ abstract class Access { //escape DN values according to RFC 2253 – this is already done by ldap_explode_dn //to use the DN in search filters, \ needs to be escaped to \5c additionally //to use them in bases, we convert them back to simple backslashes in readAttribute() - $aDN = ldap_explode_dn($dn, false); - unset($aDN['count']); - $dn = implode(',', $aDN); - $dn = str_replace('\\', '\\5c', $dn); + $replacements = array( + '\,' => '\5c2C', + '\=' => '\5c3D', + '\+' => '\5c2B', + '\<' => '\5c3C', + '\>' => '\5c3E', + '\;' => '\5c3B', + '\"' => '\5c22', + '\#' => '\5c23', + ); + $dn = str_replace(array_keys($replacements),array_values($replacements), $dn); return $dn; } |