reverting sqm_leftMain style changes.

[squirrelmail.git] / functions / abook_ldap_server.php

diff --git a/functions/abook_ldap_server.php b/functions/abook_ldap_server.php
index 596360a6275a3ad250182771183eac7712bfc11c..87bacd9a6f530ac5ac1f87b94d58d95edabf89f9 100644 (file)
--- a/functions/abook_ldap_server.php
+++ b/functions/abook_ldap_server.php
@@ -1,10 +1,8 @@
 <?php
+
 /**
  * abook_ldap_server.php
  *
- * Copyright (c) 1999-2005 The SquirrelMail Project Team
- * Licensed under the GNU GPL. For full terms see the file COPYING.
- *
  * Address book backend for LDAP server
  *
  * LDAP filtering code by Tim Bell
@@ -14,6 +12,8 @@
  * StartTLS code by John Lane
  *   <starfry at users.sourceforge.net> (#1197703)
  *
+ * @copyright &copy; 1999-2006 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package squirrelmail
  * @subpackage addressbook
@@ -246,16 +246,17 @@ class abook_ldap_server extends addressbook_backend {
          * http://www.php.net/ldap-start-tls
          * Check if v3 or newer protocol is used,
          * check if ldap_start_tls function is available.
-         * Silently ignore setting, if requirements are not satisfied
+         * Silently ignore setting, if these requirements are not satisfied.
+         * Break with error message if somebody tries to start TLS on
+         * ldaps or socket connection.
          */
         if($this->starttls && 
            !empty($this->protocol) && $this->protocol >= 3 &&
            function_exists('ldap_start_tls') ) {
-            // make sure that $this->host is not ldaps:// URL.
-            if (preg_match("/^ldaps:\/\/.+/i",$this->server)) {
-                return $this->set_error("you can't enable starttls on ldaps connection.");
+            // make sure that $this->server is not ldaps:// or ldapi:// URL.
+            if (preg_match("/^ldap[si]:\/\/.+/i",$this->server)) {
+                return $this->set_error("you can't enable starttls on ldaps and ldapi connections.");
             }
-            // TODO: starttls and ldapi:// tests are needed
             
             // try starting tls
             if (! @ldap_start_tls($this->linkid)) {
@@ -495,12 +496,14 @@ class abook_ldap_server extends addressbook_backend {
             /* Convert search from user's charset to the one used in ldap */
             $expr = $this->charset_encode($expr);
 
-            /* Make sure that search does not contain ldap special chars */
-            $expression = '(cn=*' . $this->ldapspecialchars($expr) . '*)';
+            /* sanitize search string */
+            $expr = $this->ldapspecialchars($expr);
+
+            /* Search for same string in cn, main and sn */
+            $expression = '(|(cn=*'.$expr.'*)(mail=*'.$expr.'*)(sn=*'.$expr.'*))';
 
             /* Undo sanitizing of * symbol */
             $expression = str_replace('\2a','*',$expression);
-            /* TODO: implement any single character (?) matching */
         }
 
         /* Add search filtering */