user name suggestions: clean umlauts and special characters only in LDAP

values
This commit is contained in:
Roland Gruber 2018-01-17 17:39:31 +01:00
parent 44eb1b93d2
commit dd0ba120ca
1 changed files with 14 additions and 4 deletions

View File

@ -3245,7 +3245,7 @@ class posixAccount extends baseModule implements passwordService {
$wc = substr($wildcards[0][$i], 1, strlen($wildcards[0][$i]) - 2); $wc = substr($wildcards[0][$i], 1, strlen($wildcards[0][$i]) - 2);
$value = ''; $value = '';
if (isset($attributes[$wc][0]) && !empty($attributes[$wc][0])) { if (isset($attributes[$wc][0]) && !empty($attributes[$wc][0])) {
$value = $attributes[$wc][0][0]; $value = $this->cleanSuggestionPart($attributes[$wc][0][0]);
} }
$format = str_replace('@' . $wc . '@', $value, $format); $format = str_replace('@' . $wc . '@', $value, $format);
} }
@ -3257,16 +3257,26 @@ class posixAccount extends baseModule implements passwordService {
$wc = substr($wildcards[0][$i], 1, strlen($wildcards[0][$i]) - 2); $wc = substr($wildcards[0][$i], 1, strlen($wildcards[0][$i]) - 2);
$value = ''; $value = '';
if (isset($attributes[$wc][0])) { if (isset($attributes[$wc][0])) {
$value = $attributes[$wc][0]; $value = $this->cleanSuggestionPart($attributes[$wc][0]);
} }
$format = str_replace('%' . $wc . '%', $value, $format); $format = str_replace('%' . $wc . '%', $value, $format);
} }
} }
$format = str_replace(array_keys($this->umlautReplacements), array_values($this->umlautReplacements), strtolower($format));
$format = str_replace(array(' ', '_', '-'), array('', '', ''), $format);
return $format; return $format;
} }
/**
* Cleans a string that is injected in user name suggestion.
*
* @param string $part injected part
* @return string cleaned by removing umlauts, spaces, dashes and underscores
*/
private function cleanSuggestionPart($part) {
$result = str_replace(array_keys($this->umlautReplacements), array_values($this->umlautReplacements), strtolower($part));
$result = str_replace(array(' ', '_', '-'), array('', '', ''), $result);
return $result;
}
/** /**
* Returns if this account can be locked. * Returns if this account can be locked.
* This is the case if a hashed password is set ("{" at the beginning). * This is the case if a hashed password is set ("{" at the beginning).