I went to http://www.rfc-editor.org/rfc/rfc4514.txt and searched for 'special
character' and saw this section:
This example shows the method of escaping of a special characters
appearing in a common name:
CN=James \"Jim\" Smith\, III,DC=example,DC=net
When nothing else could be found for 'special character,' I made the erroneous
assumption that this example could be extrapolated to parenthesis. I'm
embarrassed that I made that error, and appreciate your patience with my
question.
If I understand the section of 2.4 that you quoted, parenthesis are not special
characters and don't need any special treatment. However, if I don't escape
them with backslashes, my script generates another error in this section:
// search ldap
// change filter to PeopleID
$filter='cn='.$entry['FirstName']." ".$entry['LastName'];
echo '$filter is ' . $filter . "\n";
$result=ldap_search($connection,$rdn,$filter); #This is line 111
[EMAIL PROTECTED]:/var/www/centernet/htdocs/ldap_auth$ php conversion.php
$filter is cn=E. Kevin (Kev) Zembower
Warning: ldap_search(): Search: Bad search filter in
/var/www/centernet/htdocs/ldap_auth/conversion.php on line 112
This error goes away when I escape the parenthesis, but the other error occurs.
The error also doesn't occur if the string doesn't have parenthesis in it. This
led me to believe that the parenthesis needed escaping.
I appreciate any advice you have to help me resolve this issue. Thanks for your
help.
-Kevin
-----Original Message-----
From: Michael Ströder [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 25, 2007 4:20 PM
To: Zembower, Kevin
Cc: [email protected]
Subject: Re: [ldap] RE: Newbie: best method for using special characters?
Zembower, Kevin wrote:
> Michael, thanks for your suggestion. I read the RFC and it seemed to
> say that I just need to escape the parenthesis with a backslash.
Parenthesis?!?
Did you really read RFC 4514, section 2.4? Or did you read another RFC?
-------------------------- snip --------------------------
Otherwise, if the AttributeValue is of a syntax that has a LDAP-
specific string encoding, the value is converted first to a UTF-8-
encoded Unicode string according to its syntax specification (see
[RFC4517], Section 3.3, for examples). If that UTF-8-encoded Unicode
string does not have any of the following characters that need
escaping, then that string can be used as the string representation
of the value.
- a space (' ' U+0020) or number sign ('#' U+0023) occurring at
the beginning of the string;
- a space (' ' U+0020) character occurring at the end of the
string;
- one of the characters '"', '+', ',', ';', '<', '>', or '\'
(U+0022, U+002B, U+002C, U+003B, U+003C, U+003E, or U+005C,
respectively);
- the null (U+0000) character.
Other characters may be escaped.
-------------------------- snip --------------------------
Ciao, Michael.
---
You are currently subscribed to [email protected] as: [EMAIL PROTECTED]
To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the
SUBJECT of the message.
