From c42d9d439a2aa72d0be159f793c08dfeb612eec9 Mon Sep 17 00:00:00 2001
From: AaronDewes <aaron.dewes@protonmail.com>
Date: Mon, 13 Mar 2023 18:58:59 +0000
Subject: [PATCH] Fix: Escape group names for LDAP

Groups may contain special characters (Like "(" or ")") that should be escaped to ensure geenrted queries are correct.

Signed-off-by: AaronDewes <aaron.dewes@protonmail.com>
---
 apps/user_ldap/lib/Wizard.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/user_ldap/lib/Wizard.php b/apps/user_ldap/lib/Wizard.php
index 3014ec8e8a7..785a0c6359a 100644
--- a/apps/user_ldap/lib/Wizard.php
+++ b/apps/user_ldap/lib/Wizard.php
@@ -973,7 +973,7 @@ class Wizard extends LDAPUtility {
 				if (is_array($cns) && count($cns) > 0) {
 					$filter .= '(|';
 					foreach ($cns as $cn) {
-						$filter .= '(cn=' . $cn . ')';
+						$filter .= '(cn=' . ldap_escape($cn, '', LDAP_ESCAPE_FILTER) . ')';
 					}
 					$filter .= ')';
 				}