svn commit: r1335241 - /incubator/vcl/trunk/web/.ht-inc/authmethods/ldapauth.php

Mon, 07 May 2012 13:36:36 -0700 

Author: jfthomps
Date: Mon May  7 20:36:10 2012
New Revision: 1335241

URL: http://svn.apache.org/viewvc?rev=1335241&view=rev
Log:
VCL-576
Finalizing for 2.3 release

ldapauth.php: modified getLDAPUserData - modified code to handle single quotes 
in userid

Modified:
    incubator/vcl/trunk/web/.ht-inc/authmethods/ldapauth.php

Modified: incubator/vcl/trunk/web/.ht-inc/authmethods/ldapauth.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/authmethods/ldapauth.php?rev=1335241&r1=1335240&r2=1335241&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/authmethods/ldapauth.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/authmethods/ldapauth.php Mon May  7 
20:36:10 2012
@@ -319,9 +319,11 @@ function getLDAPUserData($authtype, $use
        # FIXME hack
        array_push($ldapsearch, 'gecos');
 
+       $searchuser = stripslashes($userid);
+
        $search = ldap_search($ds,
                              $auth['binddn'], 
-                             "{$auth['unityid']}=$userid",
+                             "{$auth['unityid']}=$searchuser",
                              $ldapsearch, 0, 3, 15);
        $return = array();
        if($search) {

Reply via email to