gunnar: server/kolab-webadmin/kolab-webadmin/www/admin/user user.php.in, 1.28, 1.29
cvs at kolab.org
cvs at kolab.org
Mon Jan 11 10:30:13 CET 2010
Author: gunnar
Update of /kolabrepository/server/kolab-webadmin/kolab-webadmin/www/admin/user
In directory doto:/tmp/cvs-serv970/kolab-webadmin/www/admin/user
Modified Files:
user.php.in
Log Message:
MFB: kolab/issue3499 (Kolab web admin does not use LDAP escaping)
Index: user.php.in
===================================================================
RCS file: /kolabrepository/server/kolab-webadmin/kolab-webadmin/www/admin/user/user.php.in,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -d -r1.28 -r1.29
--- user.php.in 4 Mar 2008 18:12:03 -0000 1.28
+++ user.php.in 11 Jan 2010 09:30:11 -0000 1.29
@@ -613,7 +613,7 @@
if ( !$errors ) {
// Try to rename the object
- if (!ldap_rename($ldap->connection, $dn, "cn=" . $ldap_object['cn'], $domain_dn, true)) {
+ if (!ldap_rename($ldap->connection, $dn, "cn=" . $ldap->dn_escape($ldap_object['cn']), $domain_dn, true)) {
array_push($errors, sprintf(_("LDAP Error: could not rename %s to %s: %s"), $dn,
$newdn, ldap_error($ldap->connection)));
}
@@ -656,7 +656,7 @@
if( $ldap->countMail( $_SESSION['base_dn'], $alias, $dn ) > 0 ) {
// Ups!!!
$alias = $ldap_object['alias'][$i];
- $newalias = md5sum( $dn.$alias ).'@'.substr( $alias, 0, strpos( $alias, '@' ) );
+ $newalias = md5( $dn.$alias ).'@'.substr( $alias, 0, strpos( $alias, '@' ) );
$ldap_object['alias'][$i] = $newalias;
if (!ldap_modify($ldap->connection, $dn, $ldap_object)) {
$errors[] = sprintf(_("LDAP Error: Could not modify object %s: %s"), $dn,
@@ -693,7 +693,7 @@
if( $ldap->countMail( $_SESSION['base_dn'], $ldap_object['mail'], $dn ) > 0 ) {
// Ups!!!
$mail = $ldap_object['mail'];
- $newmail = md5sum( $dn.$mail ).'@'.substr( $mail, 0, strpos( $mail, '@' ) );
+ $newmail = md5( $dn.$mail ).'@'.substr( $mail, 0, strpos( $mail, '@' ) );
$ldap_object['uid'] = $ldap_object['mail'] = $newmail;
if (!ldap_modify($ldap->connection, $dn, $ldap_object)) {
$errors[] = sprintf(_("LDAP Error: Could not modify object %s: %s"), $dn,
@@ -708,7 +708,7 @@
if( $ldap->countMail( $_SESSION['base_dn'], $alias, $dn ) > 0 ) {
// Ups!!!
$alias = $ldap_object['alias'][$i];
- $newalias = md5sum( $dn.$alias ).'@'.substr( $alias, 0, strpos( $alias, '@' ) );
+ $newalias = md5( $dn.$alias ).'@'.substr( $alias, 0, strpos( $alias, '@' ) );
$ldap_object['alias'][$i] = $newalias;
if (!ldap_modify($ldap->connection, $dn, $ldap_object)) {
$errors[] = sprintf(_("LDAP Error: Could not modify object %s: %s"), $dn,
More information about the commits
mailing list