diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 34cad9cf43..35b9f3726e 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -56,7 +56,7 @@ abstract class Access { return false; } //Slashes should only be escaped in filters, not bases. - $dn = $dn = str_replace('\\5c', '\\', $dn); + $dn = $this->DNasBaseParameter($dn); $rr = @ldap_read($cr, $dn, 'objectClass=*', array($attr)); if(!is_resource($rr)) { \OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN '.$dn, \OCP\Util::DEBUG); @@ -649,6 +649,7 @@ abstract class Access { } public function areCredentialsValid($name, $password) { + $name = $this->DNasBaseParameter($name); $testConnection = clone $this->connection; $credentials = array( 'ldapAgentName' => $name, @@ -735,4 +736,16 @@ abstract class Access { return strtoupper($hex_guid_to_guid_str); } + + /** + * @brief converts a stored DN so it can be used as base parameter for LDAP queries + * @param $dn the DN + * @returns String + * + * converts a stored DN so it can be used as base parameter for LDAP queries + * internally we store them for usage in LDAP filters + */ + private function DNasBaseParameter($dn) { + return str_replace('\\5c', '\\', $dn); + } } \ No newline at end of file