- /* Make sure that search does not contain ldap special chars */
- $expression = '(cn=*' . $this->ldapspecialchars($expr) . '*)';
+ /* sanitize search string */
+ $expr = $this->ldapspecialchars($expr);
+
+ /* Search for same string in cn, main and sn */
+ $expression = '(|(cn=*'.$expr.'*)(mail=*'.$expr.'*)(sn=*'.$expr.'*))';