gunnar: server/kolab-webadmin/kolab-webadmin/php/admin/include ldap.class.php.in, 1.1.2.2, 1.1.2.3

cvs at kolab.org cvs at kolab.org
Thu Dec 3 21:34:33 CET 2009 

Author: gunnar

Update of /kolabrepository/server/kolab-webadmin/kolab-webadmin/php/admin/include
In directory doto:/tmp/cvs-serv31945/kolab-webadmin/php/admin/include

Modified Files:
      Tag: kolab_2_2_branch
	ldap.class.php.in 
Log Message:
 kolab/issue3499 (Kolab web admin does not use LDAP escaping) - Fixed handling users with a comma in first or last name.

Index: ldap.class.php.in
===================================================================
RCS file: /kolabrepository/server/kolab-webadmin/kolab-webadmin/php/admin/include/ldap.class.php.in,v
retrieving revision 1.1.2.2
retrieving revision 1.1.2.3
diff -u -d -r1.1.2.2 -r1.1.2.3
--- ldap.class.php.in	3 Dec 2009 19:58:11 -0000	1.1.2.2
+++ ldap.class.php.in	3 Dec 2009 20:34:31 -0000	1.1.2.3
@@ -111,6 +111,31 @@
 	return $str;
   }
   
+
+  // Taken from PEAR_Net_LDAP2
+  function unescape_dn_value($val)
+  {
+	  // strip slashes from special chars
+	  $val = str_replace('\\\\', '\\', $val);
+	  $val = str_replace('\,',    ',', $val);
+	  $val = str_replace('\+',    '+', $val);
+	  $val = str_replace('\"',    '"', $val);
+	  $val = str_replace('\<',    '<', $val);
+	  $val = str_replace('\>',    '>', $val);
+	  $val = str_replace('\;',    ';', $val);
+	  $val = str_replace('\#',    '#', $val);
+	  $val = str_replace('\=',    '=', $val);
+
+	  return KolabLDAP::hex2asc($val);
+  }
+
+  // Taken from PEAR_Net_LDAP2
+  function hex2asc($string)
+  {
+	$string = preg_replace("/\\\([0-9A-Fa-f]{2})/e", "''.chr(hexdec('\\1')).''", $string);
+	return $string;
+  }
+
   function bind( $dn = false , $pw = '' ) {
     if( !$dn ) {
       // Default ldap auth
@@ -368,7 +393,7 @@
 	if( $excludedn ) {
 	  for ( $i = 0; $i < count( $entries ); $i++ ) {
 		if( is_null( $entries[$i] ) ) continue;
-		if( $entries[$i]['dn'] == $excludedn ) continue;	   
+		if( KolabLDAP::unescape_dn_value($entries[$i]['dn']) == KolabLDAP::unescape_dn_value($excludedn) ) continue;	   
 		debug("found ".$entries[$i]['dn'] );
 		$count++;
 	  }

More information about the commits mailing list