From 783f9a17939cb510406efab94db6d646071da1a7 Mon Sep 17 00:00:00 2001
From: Daniel Cebrian <daniel.cebrian@pandorafms.com>
Date: Wed, 25 Jan 2023 17:01:28 +0100
Subject: [PATCH 1/3] #10115 fixed login with special character in ldap

---
 pandora_console/include/auth/mysql.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pandora_console/include/auth/mysql.php b/pandora_console/include/auth/mysql.php
index be845f3fc0..e33ce54f5b 100644
--- a/pandora_console/include/auth/mysql.php
+++ b/pandora_console/include/auth/mysql.php
@@ -360,7 +360,7 @@ function process_user_login_remote($login, $pass, $api=false)
         }
 
         $user_info = [
-            'fullname' => $login,
+            'fullname' => io_safe_input($login),
             'comments' => 'Imported from '.$config['auth'],
         ];
 
@@ -1565,7 +1565,7 @@ function local_ldap_search(
 
     $filter = '';
     if (!empty($access_attr) && !empty($user)) {
-        $filter = " -s sub '(".$access_attr.'='.$user.")' ";
+        $filter = ' -s sub '.escapeshellarg('('.$access_attr.'='.$user.')');
     }
 
     $tls = '';
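Review bot: The new `$filter` line fixes the shell quoting, but `$access_attr` and `$user` still go into the LDAP filter without RFC 4515 escaping, so a login containing `*`, `(`, `)` or `\` changes what the search matches instead of being treated as a literal value. Escape the value before it is shell-quoted, e.g. `$filter = ' -s sub '.escapeshellarg('('.$access_attr.'='.ldap_escape($user, '', LDAP_ESCAPE_FILTER).')');` if the ldap extension is available in this code path, or an equivalent hex-escape of those characters if it is not. The old string ended with a space and the new one does not, so confirm that `$tls` (built outside this hunk) always begins with one. local_ldap_search continues outside the hunk.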
@@ -1591,7 +1591,7 @@ function local_ldap_search(
         $ldap_admin_pass = ' -w '.escapeshellarg($ldap_admin_pass);
     }
 
-    $dn = " -b '".$dn."'";
+    $dn = ' -b '.escapeshellarg($dn);
     $ldapsearch_command = 'ldapsearch -LLL -o ldif-wrap=no -o nettimeout='.$ldap_search_time.' -x'.$ldap_host.$ldap_version.' -E pr=10000/noprompt '.$ldap_admin_user.$ldap_admin_pass.$dn.$filter.$tls.' | grep -v "^#\|^$" | sed "s/:\+ /=>/g"';
     $shell_ldap_search = explode("\n", shell_exec($ldapsearch_command));
     foreach ($shell_ldap_search as $line) {
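Review bot: `$dn` is now quoted, but the command on the following line is still a single shell string, and `$ldap_search_time` is concatenated into `-o nettimeout=` with no cast or quoting visible in this hunk. If it comes from configuration it should be forced numeric, e.g. `'-o nettimeout='.(int) $ldap_search_time`. `$ldap_host`, `$ldap_version` and `$ldap_admin_user` are assembled above the hunk, so I cannot tell whether they get the same `escapeshellarg()` treatment as `$ldap_admin_pass`; each should. Separately, `shell_exec()` can return null or false when the command fails to run, and that result is passed straight to `explode()`, so an explicit check before the split would make the failure visible.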

From 8fb5fc0d852fea1be7abcff9647e0b29a53f6e4c Mon Sep 17 00:00:00 2001
From: Daniel Cebrian <daniel.cebrian@pandorafms.com>
Date: Thu, 26 Jan 2023 09:16:02 +0100
Subject: [PATCH 2/3] #10115 fixed special character in fullname if user have
 permission

---
 pandora_console/include/auth/mysql.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pandora_console/include/auth/mysql.php b/pandora_console/include/auth/mysql.php
index e33ce54f5b..94e91116e4 100644
--- a/pandora_console/include/auth/mysql.php
+++ b/pandora_console/include/auth/mysql.php
@@ -398,7 +398,7 @@ function process_user_login_remote($login, $pass, $api=false)
             $config['auth_error'] = __('User not found in database or incorrect password');
             return false;
         } else {
-            $user_info['fullname'] = $sr['cn'][0];
+            $user_info['fullname'] = io_safe_input($sr['cn'][0]);
             $user_info['email'] = $sr['mail'][0];
 
             // Create the user.
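Review bot: `$sr['cn'][0]` and `$sr['mail'][0]` are read without checking that the directory entry carries those attributes, and only `fullname` goes through `io_safe_input()` while `email` on the next line is stored exactly as the directory returned it. Both values come from the remote directory and deserve the same handling, for example `$user_info['email'] = io_safe_input($sr['mail'][0] ?? '');` plus a `??` fallback for `cn`. The same pair of lines appears again in the second hunk of PATCH 3/3 with `db_escape_string_sql()`, and this comment applies there as well. The enclosing else-branch continues outside the hunk.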

From 96efef07d2cb04747f3569c76ec6ec3c50d9c3b9 Mon Sep 17 00:00:00 2001
From: Daniel Cebrian <daniel.cebrian@pandorafms.com>
Date: Thu, 26 Jan 2023 09:28:29 +0100
Subject: [PATCH 3/3] #10115 changed function for control special character in
 mysql.php

---
 pandora_console/include/auth/mysql.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pandora_console/include/auth/mysql.php b/pandora_console/include/auth/mysql.php
index 94e91116e4..fd138f7fbe 100644
--- a/pandora_console/include/auth/mysql.php
+++ b/pandora_console/include/auth/mysql.php
@@ -360,7 +360,7 @@ function process_user_login_remote($login, $pass, $api=false)
         }
 
         $user_info = [
-            'fullname' => io_safe_input($login),
+            'fullname' => db_escape_string_sql($login),
             'comments' => 'Imported from '.$config['auth'],
         ];
 
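Review bot: Calling `db_escape_string_sql()` while the `$user_info` array is being built, here and in the second hunk of this patch for `$sr['cn'][0]`, makes correctness depend on how the user-creation code (outside the hunk) assembles its INSERT. If that layer already escapes or binds values, names containing quotes will be stored with stray backslashes; if it does not, `comments` and `email` are still unescaped, so escaping belongs where the query is built, ideally as bound parameters. This patch also removes the `io_safe_input()` calls added in PATCH 1/3 and 2/3, which as far as I can tell is the project's HTML-entity encoder, so confirm that every page rendering `fullname` encodes it on output, because an LDAP `cn` is not under the console's control. At minimum I would record the intent next to the assignment, e.g. `// SQL-escaped here; HTML encoding is expected at output time.`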
@@ -398,7 +398,7 @@ function process_user_login_remote($login, $pass, $api=false)
             $config['auth_error'] = __('User not found in database or incorrect password');
             return false;
         } else {
-            $user_info['fullname'] = io_safe_input($sr['cn'][0]);
+            $user_info['fullname'] = db_escape_string_sql($sr['cn'][0]);
             $user_info['email'] = $sr['mail'][0];
 
             // Create the user.