From Toshihiro KITA (t-kita at cc.kumamoto-u.ac.jp) Wednesday, 14 September 2005, 11:58 PM:
I belive I finally find the reason.
Moodle always put backslashes before single quotes (') in the data strings submitted by HTML forms.
- by addslashes_deep() defined around L250 in lib/setup.php.
That is, a password like
will always become
when it is passed to authenticate_user_login().
A quick hack might be a modification in auth/ldap/lib.php
around L73 :
// Try to bind with current username and password
$ldap_login = @ldap_bind($ldapconnection, $ldap_user_dn, $password);
the middle line should be
$ldap_login = @ldap_bind($ldapconnection, $ldap_user_dn, stripslashes($password));
if you want use a password from a LDAP server including ' or or \ .
From Martin Langhoff (martin at catalyst.net.nz) Thursday, 6 October 2005, 10:18 AM:
Fixed in HEAD and STABLE – thanks for a superb report & patch!