Skip to content
This repository has been archived by the owner on Apr 11, 2024. It is now read-only.

Update to work with native php ldap library instead of Net_LDAP2 #14

Merged
merged 3 commits into from
Nov 2, 2015

Conversation

tsmgeek
Copy link
Contributor

@tsmgeek tsmgeek commented Oct 21, 2015

No description provided.

Currently working with PHP LDAP native with AD instead of Net_LDAP2
@Mic92
Copy link
Contributor

Mic92 commented Nov 2, 2015

Please escape the user before passing it to the query using ldap_escape, otherwise you allow ldap injection

Escape login using ldap_escape but also add pre 5.6 code to emulate this.
@tsmgeek
Copy link
Contributor Author

tsmgeek commented Nov 2, 2015

Ive updated my code to allow for this.
Note that I had to wrap this in a function as pre php 5.6 does not have ldap_escape function.

@hydrian hydrian self-assigned this Nov 2, 2015
hydrian added a commit that referenced this pull request Nov 2, 2015
Pull to properly escape provided username to prevent exploit.
@hydrian hydrian merged commit a7f7a5a into hydrian:master Nov 2, 2015
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants