[Pkg-owncloud-commits] [owncloud] 50/58: and escape the search term
David Prévot
taffit at moszumanska.debian.org
Tue Aug 11 15:58:10 UTC 2015
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to annotated tag v8.0.6
in repository owncloud.
commit 6309dbfa6a292726254e74dc72165c4c77f605b8
Author: Arthur Schiwon <blizzz at owncloud.com>
Date: Thu Jan 29 00:15:55 2015 +0100
and escape the search term
---
apps/user_ldap/group_ldap.php | 3 +++
apps/user_ldap/lib/access.php | 2 +-
apps/user_ldap/lib/connection.php | 1 +
3 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index 87e4a5c..5dc4f83 100644
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -444,6 +444,7 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
if(!$this->groupExists($gid)) {
return array();
}
+ $search = $this->access->escapeFilterPart($search, true);
$cacheKey = 'usersInGroup-'.$gid.'-'.$search.'-'.$limit.'-'.$offset;
// check for cache of the exact query
$groupUsers = $this->access->connection->getFromCache($cacheKey);
@@ -557,6 +558,7 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
$this->access->connection->writeToCache($cacheKey, $groupUsers);
return $groupUsers;
}
+ $search = $this->access->escapeFilterPart($search, true);
$isMemberUid =
(strtolower($this->access->connection->ldapGroupMemberAssocAttr)
=== 'memberuid');
@@ -663,6 +665,7 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
if(!$this->enabled) {
return array();
}
+ $search = $this->access->escapeFilterPart($search, true);
$pagingSize = $this->access->connection->ldapPagingSize;
if ((! $this->access->connection->hasPagedResultSupport)
|| empty($pagingSize)) {
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index 23ecd4f..d6d9743 100644
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -958,7 +958,7 @@ class Access extends LDAPUtility implements user\IUserTools {
/**
* escapes (user provided) parts for LDAP filter
* @param string $input, the provided value
- * @param bool $allowAsterisk wether in * at the beginning should be preserved
+ * @param bool $allowAsterisk whether in * at the beginning should be preserved
* @return string the escaped string
*/
public function escapeFilterPart($input, $allowAsterisk = false) {
diff --git a/apps/user_ldap/lib/connection.php b/apps/user_ldap/lib/connection.php
index d22adbd..7f7225f 100644
--- a/apps/user_ldap/lib/connection.php
+++ b/apps/user_ldap/lib/connection.php
@@ -34,6 +34,7 @@ use OC\ServerNotAvailableException;
* @property boolean hasPagedResultSupport
* @property string[] ldapBaseUsers
* @property int|string ldapPagingSize holds an integer
+ * @property bool|mixed|void ldapGroupMemberAssocAttr
*/
class Connection extends LDAPUtility {
private $ldapConnectionRes = null;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git
More information about the Pkg-owncloud-commits
mailing list