ldap_escape
(PHP 5 >= 5.6.0, PHP 7, PHP 8)
ldap_escape — Escape a string for use in an LDAP filter or DN
说明
ldap_escape(string
$value, string $ignore = "", int $flags = 0): string
Escapes value for use in the context implied by
flags.
参数
-
value -
The value to escape.
-
ignore -
Characters to ignore when escaping.
-
flags -
The context the escaped string will be used in:
LDAP_ESCAPE_FILTERfor filters to be used with ldap_search(), orLDAP_ESCAPE_DNfor DNs. If neither flag is passed, all chars are escaped.
返回值
Returns the escaped string.
范例
When building an LDAP filter, you should use ldap_escape with LDAP_ESCAPE_FILTER flag.
示例 #1 Searching for an email address
<?php
// $ds is a valid link identifier for a directory server
// $mail is an email address provided by the user in a form
$base = "o=My Company, c=US";
$filter = "(mail=".ldap_escape($mail, "", LDAP_ESCAPE_FILTER).")";
$sr = ldap_search($ds, $base, $filter, array("sn", "givenname", "mail"));
$info = ldap_get_entries($ds, $sr);
echo $info["count"]." entries returned\n";
?>
add a note
User Contributed Notes 2 notes
support at extollit dot com ¶
2 years ago
Suppose you want to reverse the operation, here is a way to "ldap_unescape"
<?php
function ldap_unescape($string) {
return
preg_replace_callback(
"/\\\\[\da-z]{2}/",
function ($matches) {
$match = array_shift($matches);
return hex2bin(substr($match, 1));
},
$string
);
}
$result = ldap_unescape("uid=\\61\\6c\\70\\68\\6f\\6e\\7a\\6f,ou=people,dc=foo,dc=com"); // uid=alphonzo,ou=people,dc=foo,dc=com
?>
martin dot keckeis1 at gmail dot com ¶
6 years ago
You can use it like this for filtering
<?php
$badSearchInput = 'Domain\username';
$escapedSearchInput = ldap_escape($badSearchInput, null, LDAP_ESCAPE_FILTER);
?>