diff options
| author | Arthur Schiwon <blizzz@owncloud.com> | 2014-12-08 19:12:13 +0300 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@owncloud.com> | 2014-12-08 19:19:57 +0300 |
| commit | 45443ee28cb0695a99d1d367baee9433d3420914 (patch) | |
| tree | 1e64fc190c21b26fbb749063c7a12115bec025a0 /apps | |
| parent | 1362c0b67a42873e57dc69437a39c4473caef1a5 (diff) | |
preserve an asterisk at the start when escaping a search term
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/user_ldap/lib/access.php | 9 | ||||
| -rw-r--r-- | apps/user_ldap/user_ldap.php | 2 |
2 files changed, 8 insertions, 3 deletions
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 5a4d324fba2..1adb25690d0 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -1087,10 +1087,15 @@ class Access extends LDAPUtility implements user\IUserTools { * @param string $input, the provided value * @return string the escaped string */ - public function escapeFilterPart($input) { + public function escapeFilterPart($input, $allowAsterisk = false) { + $asterisk = ''; + if($allowAsterisk && strlen($input) > 0 && $input[0] === '*') { + $asterisk = '*'; + $input = mb_substr($input, 1, null, 'UTF-8'); + } $search = array('*', '\\', '(', ')'); $replace = array('\\*', '\\\\', '\\(', '\\)'); - return str_replace($search, $replace, $input); + return $asterisk . str_replace($search, $replace, $input); } /** diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php index 38c32cbda4a..52278082312 100644 --- a/apps/user_ldap/user_ldap.php +++ b/apps/user_ldap/user_ldap.php @@ -93,7 +93,7 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface { * Get a list of all users. */ public function getUsers($search = '', $limit = 10, $offset = 0) { - $search = $this->access->escapeFilterPart($search); + $search = $this->access->escapeFilterPart($search, true); $cachekey = 'getUsers-'.$search.'-'.$limit.'-'.$offset; //check if users are cached, if so return |