ldap_escape()
(PHP 5 >= 5.6.0, PHP 7)
Escape a string for use in an LDAP filter or DN
说明
ldap_escape(string $value[,string $ignore= ""[,int $flags= 0]]): string
Escapes$valuefor use in the context implied by$flags.
参数
- $value
The value to escape.
- $ignore
Characters to ignore when escaping.
- $flags
The context the escaped string will be used in:
LDAP_ESCAPE_FILTER
for filters to be used with ldap_search(), orLDAP_ESCAPE_DN
for DNs. If neither flag is passed, all chars are escaped.
返回值
Returns the escaped string.
范例
When building an LDAP filter, you should use ldap_escape with LDAP_ESCAPE_FILTER flag.
Example #1 Searching for an email address
<?php // $ds is a valid link identifier for a directory server // $mail is an email address provided by the user in a form $base = "o=My Company, c=US"; $filter = "(mail=".ldap_escape($mail, "", LDAP_ESCAPE_FILTER).")"; $sr = ldap_search($ds, $base, $filter, array("sn", "givenname", "mail")); $info = ldap_get_entries($ds, $sr); echo $info["count"]." entries returned\n"; ?>
You can use it like this for filtering <?php $badSearchInput = 'Domain\username'; $escapedSearchInput = ldap_escape($badSearchInput, null, LDAP_ESCAPE_FILTER); ?>