I have 1.5.2 running and using GDS (LDAP) for authentication. One of the students
is unable to login. His password is tgb)(I's
I have a feeling that the apostrophe is the cause of the problem. Am I correct?
If so, are there any other characters that should be avoided?
By the way, I tried escaping it with a backslash like so: tgb)(I\'s with no luck.
Getting your password changed here is a real hassle and something I would like
Any help is appreciated.
I guess that the brute force way to find out what these are are to find out the encoding used by your LDAP server, make a file using the encoding of your site and fill it with all the characters on your keyboard and then open it using the encoding that your LDAP server users.
Or somewhere there will be comparative lists of encodings.
solved a similar problem with URL encoding
i was using post.php?username=....&passord=urlencode(...)
post.php code has been contributed by Col G in one of the authentication forums here
We have magic_quotes_gpc = on and php adds the escape '\' , so modifying a line in auth/ldap/lib.php's auth_user_login () worked for us. Now the passwords with ' go through.
Before - $ldap_login = @ldap_bind($ldapconnection, $ldap_user_dn, $password);
After - $ldap_login = @ldap_bind($ldapconnection, $ldap_user_dn, stripslashes($password));
Ah! This is the reason! I will see if
$connection = imap_open($host, $username, stripslashes($password), OP_HALFOPEN);