mirror of
https://bitbucket.org/jsuto/piler.git
synced 2024-12-24 19:20:12 +01:00
parent
1d57248db9
commit
23e0d829cb
@ -212,9 +212,7 @@ class ModelUserAuth extends Model {
|
||||
|
||||
if($ldap_auth->is_bind_ok()) {
|
||||
|
||||
$a['dn'] = stripslashes($a['dn']);
|
||||
$a['dn'] = preg_replace("/\(/", '\(', $a['dn']);
|
||||
$a['dn'] = preg_replace("/\)/", '\)', $a['dn']);
|
||||
$a['dn'] = $this->escapeLdapFilter($a['dn']);
|
||||
|
||||
$query = $ldap->query($ldap_base_dn, "(|(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username_prefix$username))(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=$username_prefix$username)" . ")(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=" . $a['dn'] . ")))", array());
|
||||
|
||||
@ -538,6 +536,42 @@ class ModelUserAuth extends Model {
|
||||
return $rc;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* For more explanation, see https://bitbucket.org/jsuto/piler/issues/679/get-mailing-list-members-from-active
|
||||
* Credits: Thoth
|
||||
*/
|
||||
|
||||
public function escapeLdapFilter($str = '') {
|
||||
// The characters that need to be escape.
|
||||
//
|
||||
// NOTE: It's important that the slash is the first character replaced.
|
||||
// Otherwise the slash added by other replacements will then be
|
||||
// replaced as well, resulted in double-escaping all characters
|
||||
// replaced before the slashes were replaced.
|
||||
//
|
||||
$metaChars = array(
|
||||
chr(0x5c), // \
|
||||
chr(0x2a), // *
|
||||
chr(0x28), // (
|
||||
chr(0x29), // )
|
||||
chr(0x00) // NUL
|
||||
);
|
||||
|
||||
// Build the list of the escaped versions of those characters.
|
||||
|
||||
$quotedMetaChars = array();
|
||||
|
||||
foreach ($metaChars as $key => $value) {
|
||||
$quotedMetaChars[$key] = '\\' .
|
||||
str_pad(dechex(ord($value)), 2, '0', STR_PAD_LEFT);
|
||||
}
|
||||
|
||||
// Make all the necessary replacements in the input string and return
|
||||
// the result.
|
||||
|
||||
return str_replace($metaChars, $quotedMetaChars, $str);
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
|
Loading…
Reference in New Issue
Block a user