Merge pull request #12901 from owncloud/move-ldap-check-to-manager

Move the Null-Byte LDAP check to the user manager

2 files changed, 3 insertions, 3 deletions

diff --git a/lib/private/user.php b/lib/private/user.php
index 9a2ea3ef74f..17b84d1f93e 100644
--- a/lib/private/user.php
+++ b/lib/private/user.php
@@ -212,9 +212,6 @@ class OC_User {
 	 * Log in a user and regenerate a new session - if the password is ok
 	 */
 	public static function login($loginname, $password) {
-		$loginname = str_replace("\0", '', $loginname);
-		$password = str_replace("\0", '', $password);
-
 		session_regenerate_id(true);
 		$result = self::getUserSession()->login($loginname, $password);
 		if ($result) {
diff --git a/lib/private/user/manager.php b/lib/private/user/manager.php
index 1bc3b51c2ef..2c56ea261d6 100644
--- a/lib/private/user/manager.php
+++ b/lib/private/user/manager.php
@@ -151,6 +151,9 @@ class Manager extends PublicEmitter implements IUserManager {
 	 * @return mixed the User object on success, false otherwise
 	 */
 	public function checkPassword($loginname, $password) {
+		$loginname = str_replace("\0", '', $loginname);
+		$password = str_replace("\0", '', $password);
+		
 		foreach ($this->backends as $backend) {
 			if ($backend->implementsActions(\OC_User_Backend::CHECK_PASSWORD)) {
 				$uid = $backend->checkPassword($loginname, $password);