略微加速

PHP官方手册 - 互联网笔记

PHP - Manual: ldap_escape

2024-11-14

ldap_escape

(PHP 5 >= 5.6.0, PHP 7, PHP 8)

ldap_escapeEscape a string for use in an LDAP filter or DN

说明

ldap_escape(string $value, string $ignore = "", int $flags = 0): string

Escapes value for use in the context implied by flags.

参数

value

The value to escape.

ignore

Characters to ignore when escaping.

flags

The context the escaped string will be used in: LDAP_ESCAPE_FILTER for filters to be used with ldap_search(), or LDAP_ESCAPE_DN for DNs. If neither flag is passed, all chars are escaped.

返回值

Returns the escaped string.

范例

When building an LDAP filter, you should use ldap_escape with LDAP_ESCAPE_FILTER flag.

示例 #1 Searching for an email address

<?php
// $ds is a valid link identifier for a directory server

// $mail is an email address provided by the user in a form

$base   "o=My Company, c=US";
$filter "(mail=".ldap_escape($mail""LDAP_ESCAPE_FILTER).")";

$sr ldap_search($ds$base$filter, array("sn""givenname""mail"));

$info ldap_get_entries($ds$sr);

echo 
$info["count"]." entries returned\n";
?>
add a noteadd a note

User Contributed Notes 2 notes

up
1
support at extollit dot com
2 years ago
Suppose you want to reverse the operation, here is a way to "ldap_unescape"

<?php

function ldap_unescape($string) {
    return
       
preg_replace_callback(
           
"/\\\\[\da-z]{2}/",
            function (
$matches) {
               
$match = array_shift($matches);
                return
hex2bin(substr($match, 1));
            },
           
$string
       
);
}

$result = ldap_unescape("uid=\\61\\6c\\70\\68\\6f\\6e\\7a\\6f,ou=people,dc=foo,dc=com"); // uid=alphonzo,ou=people,dc=foo,dc=com

?>
up
0
martin dot keckeis1 at gmail dot com
6 years ago
You can use it like this for filtering

<?php
$badSearchInput
= 'Domain\username';

$escapedSearchInput = ldap_escape($badSearchInput, null, LDAP_ESCAPE_FILTER);
?>

官方地址:https://www.php.net/manual/en/function.ldap-escape.php

北京半月雨文化科技有限公司.版权所有 京ICP备12026184号-3