From fb1eb4a85a7ab6faf130fd73044f669808439147 Mon Sep 17 00:00:00 2001
From: Roland Gruber <post@rolandgruber.de>
Date: Tue, 30 Aug 2011 18:38:04 +0000
Subject: [PATCH] fixed for special chars in DN

---
 lam/lib/modules.inc | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc
index 5de7a110..c6017fdb 100644
--- a/lam/lib/modules.inc
+++ b/lam/lib/modules.inc
@@ -776,7 +776,7 @@ class accountContainer {
 			if (isset($_POST['accountContainerBackToEdit'])) {
 				// open fresh account page
 				unset($_SESSION[$this->base]);
-				metaRefresh("edit.php?type=" . $this->type . "&amp;DN=" . $this->finalDN);
+				metaRefresh("edit.php?type=" . $this->type . "&amp;DN=" . urlencode($this->finalDN));
 				exit();
 			}
 			// back to account list
@@ -1368,11 +1368,11 @@ class accountContainer {
 		$search = substr($dn, 0, strpos($dn, ','));
 		$result = @ldap_read($_SESSION['ldap']->server(), escapeDN($dn), escapeDN($search), array('*', '+'), 0, 0, 0, LDAP_DEREF_NEVER);
 		if (!$result) {
-			return array(array("ERROR", _("Unable to load LDAP entry:") . " " . $dn, ldap_error($_SESSION['ldap']->server())));
+			return array(array("ERROR", _("Unable to load LDAP entry:") . " " . htmlspecialchars($dn), ldap_error($_SESSION['ldap']->server())));
 		}
 		$entry = @ldap_first_entry($_SESSION['ldap']->server(), $result);
 		if (!$entry) {
-			return array(array("ERROR", _("Unable to load LDAP entry:") . " " . $dn, ldap_error($_SESSION['ldap']->server())));
+			return array(array("ERROR", _("Unable to load LDAP entry:") . " " . htmlspecialchars($dn), ldap_error($_SESSION['ldap']->server())));
 		}
 		$this->dn = substr($dn, strpos($dn, ',')+1);
 		$this->dn_orig = $dn;