Skip to content
This repository has been archived by the owner on Apr 11, 2024. It is now read-only.

Update to work with native php ldap library instead of Net_LDAP2 #14

Merged
merged 3 commits into from
Nov 2, 2015

Conversation

tsmgeek
Copy link
Contributor

@tsmgeek tsmgeek commented Oct 21, 2015

No description provided.

Currently working with PHP LDAP native with AD instead of Net_LDAP2
@Mic92
Copy link
Contributor

Mic92 commented Nov 2, 2015

Please escape the user before passing it to the query using ldap_escape, otherwise you allow ldap injection

Escape login using ldap_escape but also add pre 5.6 code to emulate this.
@tsmgeek
Copy link
Contributor Author

tsmgeek commented Nov 2, 2015

Ive updated my code to allow for this.
Note that I had to wrap this in a function as pre php 5.6 does not have ldap_escape function.

@hydrian hydrian self-assigned this Nov 2, 2015
hydrian added a commit that referenced this pull request Nov 2, 2015
Pull to properly escape provided username to prevent exploit.
@hydrian hydrian merged commit a7f7a5a into hydrian:master Nov 2, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants