diff --git a/webui/model/user/auth.php b/webui/model/user/auth.php
index ad492a39..1963565f 100644
--- a/webui/model/user/auth.php
+++ b/webui/model/user/auth.php
@@ -212,9 +212,7 @@ class ModelUserAuth extends Model {
 if($ldap_auth->is_bind_ok()) {
- $a['dn'] = stripslashes($a['dn']);
- $a['dn'] = preg_replace("/\(/", '\(', $a['dn']);
- $a['dn'] = preg_replace("/\)/", '\)', $a['dn']);
+ $a['dn'] = $this->escapeLdapFilter($a['dn']);
 $query = $ldap->query($ldap_base_dn, "(|(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username_prefix$username))(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=$username_prefix$username)" . ")(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=" . $a['dn'] . ")))", array());
@@ -538,6 +536,42 @@ class ModelUserAuth extends Model {
 return $rc;
 }
+
+ /*
+ * For more explanation, see https://bitbucket.org/jsuto/piler/issues/679/get-mailing-list-members-from-active
+ * Credits: Thoth
+ */
+
+ public function escapeLdapFilter($str = '') {
+ // The characters that need to be escape.
+ //
+ // NOTE: It's important that the slash is the first character replaced.
+ // Otherwise the slash added by other replacements will then be
+ // replaced as well, resulted in double-escaping all characters
+ // replaced before the slashes were replaced.
+ //
+ $metaChars = array(
+ chr(0x5c), // \
+ chr(0x2a), // *
+ chr(0x28), // (
+ chr(0x29), // )
+ chr(0x00) // NUL
+ );
+
+ // Build the list of the escaped versions of those characters.
+
+ $quotedMetaChars = array();
+
+ foreach ($metaChars as $key => $value) {
+ $quotedMetaChars[$key] = '\\' .
+ str_pad(dechex(ord($value)), 2, '0', STR_PAD_LEFT);
+ }
+
+ // Make all the necessary replacements in the input string and return
+ // the result.
+
+ return str_replace($metaChars, $quotedMetaChars, $str);
+ }
 }
 ?>
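Review bot: In the first hunk (around line 212), only `$a['dn']` is passed through the new escaper; `$username_prefix$username` is still interpolated unescaped into the same filter string, in both the account and the distribution-list clause. If `$username` comes from the login request and is not validated earlier (not visible in this hunk), filter metacharacters in it would change the query that decides which addresses the session is mapped to. Consider escaping it once before the query, e.g. `$u = $this->escapeLdapFilter($username);`, and using `$username_prefix$u` in both clauses. The enclosing method starts and ends outside the hunk, so an upstream check cannot be ruled out from here.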
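Review bot: `escapeLdapFilter()` in the second hunk hand-rolls what `ldap_escape($str, '', LDAP_ESCAPE_FILTER)` from PHP's ldap extension already does (available since PHP 5.6, same five characters); if the project's minimum PHP version permits, the body can be reduced to `return ldap_escape($str, '', LDAP_ESCAPE_FILTER);`, which removes the ordering subtlety the NOTE comment has to explain. The header comment should also state the scope, e.g. `// Escapes a value for use inside an LDAP search filter (RFC 4515); not suitable for escaping DN components.`, so the helper is not later reused where DN escaping rules apply. The method is declared `public` although the only call visible in this diff is internal; `private` would be tighter if nothing else in the codebase calls it.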