[Kolab-devel] [issue242] Bug in escape function in ldap.class.php
Bernhard Herzog
kolab-issues at intevation.de
Wed Jul 14 18:04:00 CEST 2004
New submission from Bernhard Herzog <bh at intevation.de>:
While looking through the code a bit I noticed a bug in the escape function in
kolab-webadmin/kolab-webadmin/php/admin/include/ldap.class.php. The function
backslas escapes some characters in a string like this:
$str = str_replace( '*', '\\2a', $str );
$str = str_replace( '(', '\\28', $str );
$str = str_replace( ')', '\\29', $str );
$str = str_replace( '\\', '\\5c', $str );
$str = str_replace( '\0', '\\00', $str );
AFAICT, this would mean that '*' is transformed to '\\5c2a' instead of the
intended '\\2a'.
----------
assignedto: steffen
messages: 874
nosy: bh, steffen
priority: bug
status: unread
title: Bug in escape function in ldap.class.php
topic: server
________________________________________________
Kolab issue tracker <kolab-issues at intevation.de>
<https://intevation.de/roundup/kolab/issue242>
________________________________________________
More information about the devel
mailing list