gunnar: server/kolab-webadmin/kolab-webadmin/www/admin/distributionlist list.php.in, 1.4.4.1, 1.4.4.2
cvs at kolab.org
cvs at kolab.org
Thu Dec 3 22:08:31 CET 2009
Author: gunnar
Update of /kolabrepository/server/kolab-webadmin/kolab-webadmin/www/admin/distributionlist
In directory doto:/tmp/cvs-serv754/kolab-webadmin/www/admin/distributionlist
Modified Files:
Tag: kolab_2_2_branch
list.php.in
Log Message:
kolab/issue3499 (Kolab web admin does not use LDAP escaping)
Index: list.php.in
===================================================================
RCS file: /kolabrepository/server/kolab-webadmin/kolab-webadmin/www/admin/distributionlist/list.php.in,v
retrieving revision 1.4.4.1
retrieving revision 1.4.4.2
diff -u -d -r1.4.4.1 -r1.4.4.2
--- list.php.in 3 Dec 2009 15:49:33 -0000 1.4.4.1
+++ list.php.in 3 Dec 2009 21:08:28 -0000 1.4.4.2
@@ -184,7 +184,7 @@
if ($action == "save") {
if (!$errors) {
- if (!empty($ldap_object['cn'])) $newdn = "cn=".$ldap_object['cn'].",".$dl_root;
+ if (!empty($ldap_object['cn'])) $newdn = "cn=".$ldap->dn_escape($ldap_object['cn']).",".$dl_root;
else $newdn = $dn;
if (strcmp($dn,$newdn) != 0) {
if (($result=ldap_read($ldap->connection,$dn,"(objectclass=*)")) &&
@@ -192,7 +192,7 @@
($oldattrs=ldap_get_attributes($ldap->connection,$entry))) {
// Try to rename the object
- if (!ldap_rename($ldap->connection, $dn, "cn=" . $ldap_object['cn'], $dl_root, true)) {
+ if (!ldap_rename($ldap->connection, $dn, "cn=" . $ldap->dn_escape($ldap_object['cn']), $dl_root, true)) {
array_push($errors, sprintf(_("LDAP Error: could not rename %s to %s: %s"), $dn,
$newdn, ldap_error($ldap->connection)));
}
@@ -226,7 +226,7 @@
// firstsave
if (!$errors) {
if( !$ldap_object['member'] ) unset($ldap_object['member']);
- $dn = "cn=".$ldap_object['cn'].",".$dl_root;
+ $dn = "cn=".$ldap->dn_escape($ldap_object['cn']).",".$dl_root;
if ($dn && !ldap_add($ldap->connection, $dn, $ldap_object)) {
array_push($errors, sprintf( _("LDAP Error: Could not add object %s: %s"), $dn,
ldap_error($ldap->connection)));
More information about the commits
mailing list