ldap_escape()
(PHP 5 >= 5.6.0, PHP 7)
Escape a string for use in an LDAP filter or DN
说明
ldap_escape(string $value[,string $ignore= ""[,int $flags= 0]]): string
Escapes$valuefor use in the context implied by$flags.
参数
- $value
The value to escape.
- $ignore
Characters to ignore when escaping.
- $flags
The context the escaped string will be used in:
LDAP_ESCAPE_FILTERfor filters to be used with ldap_search(), orLDAP_ESCAPE_DNfor DNs. If neither flag is passed, all chars are escaped.
返回值
Returns the escaped string.
范例
When building an LDAP filter, you should use ldap_escape with LDAP_ESCAPE_FILTER flag.
Example #1 Searching for an email address
<?php
// $ds is a valid link identifier for a directory server
// $mail is an email address provided by the user in a form
$base = "o=My Company, c=US";
$filter = "(mail=".ldap_escape($mail, "", LDAP_ESCAPE_FILTER).")";
$sr = ldap_search($ds, $base, $filter, array("sn", "givenname", "mail"));
$info = ldap_get_entries($ds, $sr);
echo $info["count"]." entries returned\n";
?>
You can use it like this for filtering <?php $badSearchInput = 'Domain\username'; $escapedSearchInput = ldap_escape($badSearchInput, null, LDAP_ESCAPE_FILTER); ?>