From dd0ba120ca41a25da308d0cf84c9eed8ad112177 Mon Sep 17 00:00:00 2001
From: Roland Gruber
Date: Wed, 17 Jan 2018 17:39:31 +0100
Subject: [PATCH] user name suggestions: clean umlauts and special characters only in LDAP values
---
 lam/lib/modules/posixAccount.inc | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc
index f4ed156d..c4c1fa08 100644
--- a/lam/lib/modules/posixAccount.inc
+++ b/lam/lib/modules/posixAccount.inc
@@ -3245,7 +3245,7 @@ class posixAccount extends baseModule implements passwordService {
 $wc = substr($wildcards[0][$i], 1, strlen($wildcards[0][$i]) - 2);
 $value = '';
 if (isset($attributes[$wc][0]) && !empty($attributes[$wc][0])) {
- $value = $attributes[$wc][0][0];
+ $value = $this->cleanSuggestionPart($attributes[$wc][0][0]);
 }
 $format = str_replace('@' . $wc . '@', $value, $format);
 }
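Review bot: `$attributes[$wc][0][0]` on the added line takes the first byte of the LDAP value rather than its first character, so a value that begins with a multi-byte UTF-8 letter (an umlaut, for instance) hands `cleanSuggestionPart()` a lone lead byte. The entries of `$this->umlautReplacements` are presumably whole characters and would not match that byte, so it would end up in the suggested user name. Cleaning the whole value first and then taking one character avoids this: `$value = substr($this->cleanSuggestionPart($attributes[$wc][0]), 0, 1);`. This assumes the attribute values are UTF-8 strings, which the hunk does not show; the enclosing method starts and ends outside the hunk.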
@@ -3257,16 +3257,26 @@ class posixAccount extends baseModule implements passwordService {
 $wc = substr($wildcards[0][$i], 1, strlen($wildcards[0][$i]) - 2);
 $value = '';
 if (isset($attributes[$wc][0])) {
- $value = $attributes[$wc][0];
+ $value = $this->cleanSuggestionPart($attributes[$wc][0]);
 }
 $format = str_replace('%' . $wc . '%', $value, $format);
 }
 }
- $format = str_replace(array_keys($this->umlautReplacements), array_values($this->umlautReplacements), strtolower($format));
- $format = str_replace(array(' ', '_', '-'), array('', '', ''), $format);
 return $format;
 }
 
+ /**
+ * Cleans a string that is injected in user name suggestion.
+ *
+ * @param string $part injected part
+ * @return string cleaned by removing umlauts, spaces, dashes and underscores
+ */
+ private function cleanSuggestionPart($part) {
+ $result = str_replace(array_keys($this->umlautReplacements), array_values($this->umlautReplacements), strtolower($part));
+ $result = str_replace(array(' ', '_', '-'), array('', '', ''), $result);
+ return $result;
+ }
+
 /**
 * Returns if this account can be locked.
 * This is the case if a hashed password is set ("{" at the beginning).
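Review bot: `cleanSuggestionPart()` works as a deny-list: it applies `strtolower`, the `$this->umlautReplacements` table and strips only space, `_` and `-`, so every other character in the LDAP value (apostrophes, dots, tabs, accented letters outside the table) reaches the suggested user name unchanged. Whether the suggestion is checked against the allowed user name pattern before it is used is not visible in this hunk. If it is not, a final allow-list step such as `$result = preg_replace('/[^a-z0-9]/', '', $result);`, with the character class matched to the project's user name rules, would make the output predictable. The docblock should say what is actually guaranteed, for example `@return string lowercased part with umlauts replaced and spaces, dashes and underscores removed; other characters are kept`.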