LDAP: improve compilation of filters

This commit is contained in:
Arthur Schiwon 2014-02-19 13:13:01 +01:00
parent f9d4780d27
commit c0328b4f0f
2 changed files with 14 additions and 0 deletions

View File

@ -921,6 +921,17 @@ class Access extends LDAPUtility {
return $name;
}
/**
* @brief escapes (user provided) parts for LDAP filter
* @param String $input, the provided value
* @returns the escaped string
*/
public function escapeFilterPart($input) {
$search = array('*', '\\', '(', ')');
$replace = array('\\*', '\\\\', '\\(', '\\)');
return str_replace($search, $replace, $input);
}
/**
* @brief combines the input filters with AND
* @param $filters array, the filters to connect

View File

@ -163,6 +163,8 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
* Check if the password is correct without logging in the user
*/
public function checkPassword($uid, $password) {
$uid = $this->access->escapeFilterPart($uid);
//find out dn of the user name
$filter = \OCP\Util::mb_str_replace(
'%uid', $uid, $this->access->connection->ldapLoginFilter, 'UTF-8');
@ -203,6 +205,7 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
* Get a list of all users.
*/
public function getUsers($search = '', $limit = 10, $offset = 0) {
$search = $this->access->escapeFilterPart($search);
$cachekey = 'getUsers-'.$search.'-'.$limit.'-'.$offset;
//check if users are cached, if so return