PHP 8.0.0 Released!

ldap_escape

(PHP 5 >= 5.6.0, PHP 7)

ldap_escapeEscape a string for use in an LDAP filter or DN

Beschreibung

ldap_escape ( string $value [, string $ignore = "" [, int $flags = 0 ]] ) : string

Escapes value for use in the context implied by flags.

Parameter-Liste

value

The value to escape.

ignore

Characters to ignore when escaping.

flags

The context the escaped string will be used in: LDAP_ESCAPE_FILTER for filters to be used with ldap_search(), or LDAP_ESCAPE_DN for DNs. If neither flag is passed, all chars are escaped.

R├╝ckgabewerte

Returns the escaped string.

Beispiele

When building an LDAP filter, you should use ldap_escape with LDAP_ESCAPE_FILTER flag.

Beispiel #1 Searching for an email address

<?php
// $ds is a valid link identifier for a directory server

// $mail is an email address provided by the user in a form

$base   "o=My Company, c=US";
$filter "(mail=".ldap_escape($mail""LDAP_ESCAPE_FILTER).")";

$sr ldap_search($ds$base$filter, array("sn""givenname""mail"));

$info ldap_get_entries($ds$sr);

echo 
$info["count"]." entries returned\n";
?>

add a note add a note

User Contributed Notes 2 notes

up
1
support at extollit dot com
9 months ago
Suppose you want to reverse the operation, here is a way to "ldap_unescape"

<?php

function ldap_unescape($string) {
    return
       
preg_replace_callback(
           
"/\\\\[\da-z]{2}/",
            function (
$matches) {
               
$match = array_shift($matches);
                return
hex2bin(substr($match, 1));
            },
           
$string
       
);
}

$result = ldap_unescape("uid=\\61\\6c\\70\\68\\6f\\6e\\7a\\6f,ou=people,dc=foo,dc=com"); // uid=alphonzo,ou=people,dc=foo,dc=com

?>
up
0
martin dot keckeis1 at gmail dot com
5 years ago
You can use it like this for filtering

<?php
$badSearchInput
= 'Domain\username';

$escapedSearchInput = ldap_escape($badSearchInput, null, LDAP_ESCAPE_FILTER);
?>
To Top