diff options
author | Arthur Schiwon <blizzz@owncloud.com> | 2014-12-08 19:12:13 +0300 |
---|---|---|
committer | Lukas Reschke <lukas@owncloud.com> | 2014-12-08 21:18:24 +0300 |
commit | a33dcd359ae8705f9caf6e02b0e6a3149d7874d0 (patch) | |
tree | 28d5d90179606578a44ffe7a3b58598ec6255638 | |
parent | 55ebf024a7e1eac73e77c8389794f89471ee48d4 (diff) |
preserve an asterisk at the start when escaping a search term
-rw-r--r-- | apps/user_ldap/lib/access.php | 9 | ||||
-rw-r--r-- | apps/user_ldap/user_ldap.php | 2 |
2 files changed, 8 insertions, 3 deletions
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 8a0191e4244..94be4b77e82 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -1086,10 +1086,15 @@ class Access extends LDAPUtility implements user\IUserTools { * @param string $input, the provided value * @return string the escaped string */ - public function escapeFilterPart($input) { + public function escapeFilterPart($input, $allowAsterisk = false) { + $asterisk = ''; + if($allowAsterisk && strlen($input) > 0 && $input[0] === '*') { + $asterisk = '*'; + $input = mb_substr($input, 1, null, 'UTF-8'); + } $search = array('*', '\\', '(', ')'); $replace = array('\\*', '\\\\', '\\(', '\\)'); - return str_replace($search, $replace, $input); + return $asterisk . str_replace($search, $replace, $input); } /** diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php index b7846625d9e..8bd9dd9e8c5 100644 --- a/apps/user_ldap/user_ldap.php +++ b/apps/user_ldap/user_ldap.php @@ -93,7 +93,7 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface { * Get a list of all users. */ public function getUsers($search = '', $limit = 10, $offset = 0) { - $search = $this->access->escapeFilterPart($search); + $search = $this->access->escapeFilterPart($search, true); $cachekey = 'getUsers-'.$search.'-'.$limit.'-'.$offset; //check if users are cached, if so return |