Closed tsmgeek closed 8 years ago
Please escape the user before passing it to the query using ldap_escape, otherwise you allow ldap injection
Ive updated my code to allow for this. Note that I had to wrap this in a function as pre php 5.6 does not have ldap_escape function.
Please escape the user before passing it to the query using ldap_escape, otherwise you allow ldap injection