protecting against ldap injection?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Say I have the following in a PHP script of mine:

   $sr=ldap_search($ds, "", "(& (sn=$_GET[lastname]) (givenName=

If $_GET[lastname] contains a ), an attacker could escape out of the
first part of the LDAP query and perform ldap injection, as it were
(not sure what can be done with ldap injection, though).

My question is...  how do I prevent this?  Would I escape ) with \)?
Would there be other characters I'd need to escape, as well?

Is there a more appropriate newsgroup for questions like this?

Re: protecting against ldap injection?

yawnmoth escribió:
Quoted text here. Click to load it

I haven't used LDAP mysql, but the olders comment in the ldap_search()  
manual page says:

Be careful of special characters when generating filters from user input.
*, (, ), \ and NUL should be backslash-escaped. See section 4 of RFC  
2254 (I found it here: )

The link is broken but you can Google for rfc2254 if interested.

-+ - Álvaro G. Vicario - Burgos, Spain
++ Mi sitio sobre programación web:
+- Mi web de humor austrohúngaro:

Site Timeline