if ($ldapUser === null) {
return false;
}
+
if ($ldapUser['uid'] !== $user->external_auth_id) {
return false;
}
$newAttrs = [];
foreach ($attrs as $key => $attrText) {
$newKey = '${' . $key . '}';
- $newAttrs[$newKey] = $attrText;
+ $newAttrs[$newKey] = $this->ldap->escape($attrText);
}
return strtr($filterString, $newAttrs);
}
$baseDn = $this->config['base_dn'];
$groupsAttr = strtolower($this->config['group_attribute']);
- $groups = $this->ldap->searchAndGetEntries($ldapConnection, $baseDn, 'CN='.$groupName, [$groupsAttr]);
+ $groupFilter = 'CN=' . $this->ldap->escape($groupName);
+ $groups = $this->ldap->searchAndGetEntries($ldapConnection, $baseDn, $groupFilter, [$groupsAttr]);
if ($groups['count'] === 0) {
return [];
}
/**
* Filter out LDAP CN and DN language in a ldap search return
* Gets the base CN (common name) of the string
- * @param string $ldapSearchReturn
+ * @param array $userGroupSearchResponse
* @return array
*/
- protected function groupFilter($ldapSearchReturn)
+ protected function groupFilter(array $userGroupSearchResponse)
{
$groupsAttr = strtolower($this->config['group_attribute']);
$ldapGroups = [];
$count = 0;
- if (isset($ldapSearchReturn[$groupsAttr]['count'])) {
- $count = (int) $ldapSearchReturn[$groupsAttr]['count'];
+
+ if (isset($userGroupSearchResponse[$groupsAttr]['count'])) {
+ $count = (int) $userGroupSearchResponse[$groupsAttr]['count'];
}
+
for ($i=0; $i<$count; $i++) {
- $dnComponents = ldap_explode_dn($ldapSearchReturn[$groupsAttr][$i], 1);
+ $dnComponents = $this->ldap->explodeDn($userGroupSearchResponse[$groupsAttr][$i], 1);
if (!in_array($dnComponents[0], $ldapGroups)) {
$ldapGroups[] = $dnComponents[0];
}
}
+
return $ldapGroups;
}
projects / bookstack / blobdiff