gunnar: server/kolab-webadmin/kolab-webadmin/www/admin/domainmaintainer domainmaintainer.php.in, 1.15, 1.16
cvs at kolab.org
cvs at kolab.org
Mon Jan 11 10:30:13 CET 2010
Author: gunnar
Update of /kolabrepository/server/kolab-webadmin/kolab-webadmin/www/admin/domainmaintainer
In directory doto:/tmp/cvs-serv970/kolab-webadmin/www/admin/domainmaintainer
Modified Files:
domainmaintainer.php.in
Log Message:
MFB: kolab/issue3499 (Kolab web admin does not use LDAP escaping)
Index: domainmaintainer.php.in
===================================================================
RCS file: /kolabrepository/server/kolab-webadmin/kolab-webadmin/www/admin/domainmaintainer/domainmaintainer.php.in,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- domainmaintainer.php.in 21 Nov 2007 18:11:37 -0000 1.15
+++ domainmaintainer.php.in 11 Jan 2010 09:30:11 -0000 1.16
@@ -181,7 +181,7 @@
if ($action == "save") {
if (!$errors) {
- if (!empty($ldap_object['cn'])) $newdn = "cn=".$ldap_object['cn'].",cn=internal,".$domain_dn;
+ if (!empty($ldap_object['cn'])) $newdn = "cn=".$ldap->dn_escape($ldap_object['cn']).",cn=internal,".$domain_dn;
else $newdn = $dn;
if (!$visible && !strstr($newdn,$dn_add)) {
list($cn,$rest) = split(',', $newdn, 2);
@@ -196,7 +196,7 @@
$ldap_object['userPassword'] = $oldattrs['userPassword'][0];
// Try to rename the object
- if (!ldap_rename($ldap->connection, $dn, "cn=" . $ldap_object['cn'], "cn=internal,".$domain_dn, true)) {
+ if (!ldap_rename($ldap->connection, $dn, "cn=" . $ldap->dn_escape($ldap_object['cn']), "cn=internal,".$domain_dn, true)) {
array_push($errors, sprintf(_("LDAP Error: could not rename %s to %s: %s"), $dn,
$newdn, ldap_error($ldap->connection)));
}
@@ -255,7 +255,7 @@
} else {
// firstsave
if (!$errors) {
- $dn = "cn=".$ldap_object['cn'].",cn=internal,".$domain_dn;
+ $dn = "cn=".$ldap->dn_escape($ldap_object['cn']).",cn=internal,".$domain_dn;
debug("Calling ldap_add with dn=$dn");
if ($dn && !ldap_add($ldap->connection, $dn, $ldap_object))
array_push($errors, sprintf(_("LDAP Error: could not add object %s: %s"), $dn,
More information about the commits
mailing list