summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2012-08-10 17:40:41 (GMT)
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2012-08-10 17:40:41 (GMT)
commit1ee8c3aeb69a5c1328b7f41f154c85bd5d0c1ba8 (patch)
tree881cc93616ba08881b4f25fc8237f77649c65238
parent479f4702d7e5c40b3bae46dd6816f8a0c1fb0e8a (diff)
parent31d013e5bb9250be126d961f2838335bd2bbe0f6 (diff)
downloadkolab-wap-kolab-webadmin-3.0.0.tar.gz
Merge branch 'master' of ssh://git.kolab.org/git/kolab-wapkolab-webadmin-3.0.0
-rw-r--r--lib/Auth/LDAP.php25
1 files changed, 8 insertions, 17 deletions
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 644ee8a..77bf6c0 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -408,12 +408,6 @@ class LDAP
$moz_ldapsearch = "/usr/lib/mozldap/ldapsearch";
}
- $passwd = str_replace(
- array('"', '`'),
- array('\"', '\`'),
- $_SESSION['user']->user_bind_pw
- );
-
$command = array(
$moz_ldapsearch,
'-x',
@@ -422,20 +416,17 @@ class LDAP
'-p',
$this->_ldap_port,
'-b',
- '"' . $entry_dn . '"',
+ escapeshellarg($entry_dn),
'-D',
- '"' . $_SESSION['user']->user_bind_dn . '"',
+ escapeshellarg($_SESSION['user']->user_bind_dn),
'-w',
- '"' . $passwd . '"',
+ escapeshellarg($_SESSION['user']->user_bind_pw),
'-J',
- '"' . implode(
- ':',
- array(
- '1.3.6.1.4.1.42.2.27.9.5.2', // OID
- 'true', // Criticality
- 'dn:' . $_SESSION['user']->user_bind_dn // User DN
- )
- ) . '"',
+ escapeshellarg(implode(':', array(
+ '1.3.6.1.4.1.42.2.27.9.5.2', // OID
+ 'true', // Criticality
+ 'dn:' . $_SESSION['user']->user_bind_dn // User DN
+ ))),
'-s',
'base',
'"(objectclass=*)"',