Posted by yawnmoth on 08/22/07 21:37

Say I have the following in a PHP script of mine:

$sr=ldap_search($ds, "", "(& (sn=$_GET[lastname]) (givenName=
$_GET[firstname]*))");

If $_GET[lastname] contains a ), an attacker could escape out of the
first part of the LDAP query and perform ldap injection, as it were
(not sure what can be done with ldap injection, though).

My question is... how do I prevent this? Would I escape ) with \)?
Would there be other characters I'd need to escape, as well?

Is there a more appropriate newsgroup for questions like this?

• Next in forum: Re: Name of the Form that was POSTed?
• Prev in forum: Re: mail() encoding problems
• Thread view: protecting against ldap injection?

[Reply to this message]