Removing ldap_escape function from username / password

rhallgren69 · Apr 25, 2018 · 399e10f · 399e10f
1 parent ded812c
commit 399e10f
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/login_ldap.php b/login_ldap.php
@@ -114,9 +114,9 @@ function setRights($group,&$person){
       ldap_set_option( $ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3 );
       ldap_set_option( $ldapConn, LDAP_OPT_REFERRALS, 0 );
 
-      $ldapUser = ldap_escape(htmlspecialchars($_POST['username']));
+      $ldapUser = htmlspecialchars($_POST['username']);
       $ldapDN = str_replace( "%userid%", $ldapUser, $config->ParameterArray['LDAPBindDN']);
-      $ldapPassword = ldap_escape($_POST['password']);
+      $ldapPassword = $_POST['password'];
 
       $ldapBind = ldap_bind( $ldapConn, $ldapDN, $ldapPassword );