From c3713350e292137d7f5143eacc9a25526606340e Mon Sep 17 00:00:00 2001
From: Deon George <wurley@users.sf.net>
Date: Tue, 30 Jun 2009 20:28:51 +1000
Subject: [PATCH] RELEASE 0.9.8.5

---
 htdocs/create_form.php        |  2 +-
 htdocs/css/style.css          | 24 ++++++++---------
 htdocs/entry_chooser.php      |  6 +++--
 htdocs/help.php               |  2 +-
 htdocs/login_form.php         | 18 +++++++------
 htdocs/rename.php             |  6 ++---
 htdocs/template_engine.php    | 49 ++++++++++++++++++++++++++++++-----
 htdocs/tree.php               |  2 +-
 htdocs/update.php             | 25 +++++++++++-------
 htdocs/update_confirm.php     | 12 ++++-----
 lib/functions.php             | 49 +++++++++++++++++++++++++++--------
 lib/server_functions.php      |  8 +++---
 lib/tree_functions.php        |  2 +-
 templates/creation/custom.php |  2 +-
 templates/template_header.php |  2 +-
 15 files changed, 141 insertions(+), 68 deletions(-)

diff --git a/htdocs/create_form.php b/htdocs/create_form.php
index 4228cc8..2ed0dd6 100644
--- a/htdocs/create_form.php
+++ b/htdocs/create_form.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/create_form.php,v 1.31.2.5 2005/12/31 04:21:37 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/Attic/create_form.php,v 1.31.2.5 2005/12/31 04:21:37 wurley Exp $
 
 /**
  * The menu where the user chooses an RDN, Container, and Template for creating a new entry.
diff --git a/htdocs/css/style.css b/htdocs/css/style.css
index f753b39..55023de 100644
--- a/htdocs/css/style.css
+++ b/htdocs/css/style.css
@@ -1,4 +1,4 @@
-/* $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/css/style.css,v 1.44.4.2 2005/12/06 22:00:54 wurley Exp $ */
+/* $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/css/style.css,v 1.44.4.3 2008/11/28 14:21:37 wurley Exp $ */
 span.hint {
 	font-size: small;
 	font-weight: normal;
@@ -35,7 +35,7 @@ table.schema_attr th {
 	padding: 5px;
 	color: white;
 	font-weight: bold;
-	font-size: 125%;
+	font-size: 100%;
 }
 
 table.schema_attr td {
@@ -163,7 +163,7 @@ a img {
 body {
 	font-family: arial, helvetica, sans-serif;
 	background-color: white;
-	font-size: 12pt;
+	font-size: 10pt;
 }
 
 table.tree tr.login td {
@@ -204,7 +204,7 @@ table.tree tr.server td {
 	padding-top: 15px;
 	padding-bottom: 0px;
 	vertical-align: top;
-	font-size: 20px;
+	font-size: 12px;
 	text-align: left;
 }
 
@@ -212,7 +212,7 @@ table.tree td.icon {
 	text-align: center;
 	padding: 0px;
 	width: 14px;
-	font-size: 1px;
+	font-size: 10px;
 }
 
 table.tree td.rdn {
@@ -267,7 +267,7 @@ h3.title {
 	background-color: #018;
 	border: 1px solid black;
 	font-weight: normal;
-	font-size: 150%;
+	font-size: 140%;
 }
 
 h3.subtitle {
@@ -317,14 +317,14 @@ table.edit_dn input {
 }
 
 table.edit_dn input.val {
-	font-size: 14px;
+	font-size: 12px;
 	width: 350px; 
 	font-family: arial, helvetica, sans-serif;
 	background-color: white;
 }
 
 table.edit_dn textarea.val {
-	font-size: 14px;
+	font-size: 12px;
 	width: 350px; 
 	font-family: arial, helvetica, sans-serif;
 	background-color: white;
@@ -418,7 +418,7 @@ input.update_dn {
 }
 
 small {
-	font-size: 10pt;
+	font-size: 8pt;
 }
 
 form.edit_dn {
@@ -433,7 +433,7 @@ h4.oclass {
 	margin-top: 8px;
 	font-weight: normal;
 	border: 1px solid black;
-	font-size: 140%;
+	font-size: 120%;
 	color: white;
 }
 
@@ -595,7 +595,7 @@ table.create td.heading {
 }
 
 table.create td.name {
-	font-size: 13px;
+	font-size: 11px;
 	width: 350px; 
 }
 
@@ -642,7 +642,7 @@ table.export_form {
 }
 
 table.export_form tr td {
-	font-size: 13px;
+	font-size: 11px;
 	text-align: left;
 	vertical-align: top;
 	padding: 4px;
diff --git a/htdocs/entry_chooser.php b/htdocs/entry_chooser.php
index 9a8a922..390f40d 100644
--- a/htdocs/entry_chooser.php
+++ b/htdocs/entry_chooser.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/entry_chooser.php,v 1.27.2.4 2005/12/31 03:13:48 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/entry_chooser.php,v 1.27.2.5 2008/11/28 14:21:37 wurley Exp $
 
 /**
  * Display a selection (popup window) to pick a DN.
@@ -70,7 +70,9 @@ if (isset($ldapserver) && $container !== false) {
 
 	else
 		foreach ($dn_list as $dn) {
-			$href = sprintf("javascript:returnDN('%s%s')",($rdn ? "$rdn," : ''),$dn);
+			$href = sprintf("javascript:returnDN('%s%s')",
+				($rdn ? '"'.htmlspecialchars(dn_js_escape($rdn)).',"' : ''),
+				htmlspecialchars(dn_js_escape($dn)));
 			echo '&nbsp;&nbsp;&nbsp;';
 			printf('<a href="entry_chooser.php?server_id=%s&amp;form_element=%s&amp;rdn=%s&amp;container=%s"><img src="images/plus.png" /></a>',
 				$ldapserver->server_id,$return_form_element,$rdn,rawurlencode($dn));
diff --git a/htdocs/help.php b/htdocs/help.php
index 8aa6af6..77d9840 100644
--- a/htdocs/help.php
+++ b/htdocs/help.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/help.php,v 1.5 2005/02/26 12:35:05 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/Attic/help.php,v 1.5 2005/02/26 12:35:05 wurley Exp $
 
 /**
  * @package phpLDAPadmin
diff --git a/htdocs/login_form.php b/htdocs/login_form.php
index bc4a280..32d7082 100644
--- a/htdocs/login_form.php
+++ b/htdocs/login_form.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/login_form.php,v 1.25.4.2 2005/12/11 09:03:07 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/login_form.php,v 1.25.4.3 2008/11/28 14:21:37 wurley Exp $
 
 /**
  * Displays the login form for a server for users who specify 'cookie' or 'session' for their auth_type.
@@ -69,12 +69,6 @@ include './header.php'; ?>
 <center>
 <table class="login">
 
-<?php if( $ldapserver->isAnonBindAllowed() ) { ?>
-<tr>
-	<td colspan="2"><small><label for="anonymous_bind_checkbox"><?php echo _('Anonymous Bind'); ?></label></small> <input type="checkbox" name="anonymous_bind" onclick="toggle_disable_login_fields(this)" id="anonymous_bind_checkbox"/></td>
-</tr>
-<?php } ?>
-
 <tr>
 <td><small>
 <?php
@@ -94,7 +88,15 @@ else
 </tr>
 
 <tr>
-	<td colspan="2"><center><input type="submit" name="submit" value="<?php echo _('Authenticate'); ?>" /></center></td>
+	<td colspan="2" align="center" valign="bottom">
+	<input type="submit" name="submit" value="<?php echo _('Authenticate'); ?>" />
+<?php if( $ldapserver->isAnonBindAllowed() ) { ?>
+	&nbsp;&nbsp;&nbsp;
+	<input type="checkbox" name="anonymous_bind" onclick="toggle_disable_login_fields(this)" 
+	id="anonymous_bind_checkbox"/>&nbsp;
+	<small><label for="anonymous_bind_checkbox"><?php echo _('Anonymous Bind'); ?></label></small>
+<?php } ?>
+	</td>
 </tr>
 </table>
 </center>
diff --git a/htdocs/rename.php b/htdocs/rename.php
index 37f3f7f..ea1a663 100644
--- a/htdocs/rename.php
+++ b/htdocs/rename.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/rename.php,v 1.29.2.3 2005/12/08 11:54:19 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/rename.php,v 1.29.2.4 2008/11/28 14:21:37 wurley Exp $
 
 /**
  * Renames a DN to a different name.
@@ -47,13 +47,13 @@ if (count($new_dn_value) != 2 || ! isset($new_dn_value[1]))
 $new_dn_attr = $new_dn_value[0];
 $new_dn_value = $new_dn_value[1];
 
-$success = run_hook('pre_rename_entry',array('server_id'=>$ldapserver->server_id,'old_dn'=>$dn,'new_dn'=>$new_dn_value));
+$success = run_hook('pre_rename_entry',array('server_id'=>$ldapserver->server_id,'old_dn'=>dn_escape($dn),'new_dn'=>dn_escape($new_dn_value)));
 
 if ($success) {
 	$success = false;
 
 	$deleteoldrdn = $old_dn_attr == $new_dn_attr;
-	$success = $ldapserver->rename($dn,$new_rdn,$container,$deleteoldrdn);
+	$success = $ldapserver->rename(dn_escape($dn),dn_escape($new_rdn),$container,$deleteoldrdn);
 
 } else {
 	pla_error(_('Could not rename the entry') );
diff --git a/htdocs/template_engine.php b/htdocs/template_engine.php
index 05226f6..2f64b37 100644
--- a/htdocs/template_engine.php
+++ b/htdocs/template_engine.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/template_engine.php,v 1.26.2.38 2007/03/21 23:16:06 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/template_engine.php,v 1.26.2.40 2008/11/28 14:21:37 wurley Exp $
 
 /**
  * Template render engine.
@@ -38,7 +38,7 @@ if (isset($_REQUEST['dn'])) {
 	if (! $ldapserver->haveAuthInfo())
 		pla_error(_('Not enough information to login to server. Please check your configuration.'));
 
-	$ldapserver->dnExists($dn)
+	$ldapserver->dnExists(dn_escape($dn))
 		or pla_error(sprintf(_('No such entry: %s'),pretty_print_dn($dn)));
 
 	$rdn = get_rdn($dn);
@@ -870,15 +870,46 @@ foreach ($template['attrs'] as $attr => $vals) {
 
 					echo '</small>';
 
-				} else
+				} else {
+		if (is_dn_string($val) || $ldapserver->isDNAttr($attr))
+
+			if ($ldapserver->dnExists($val)) {
+				printf('<a title="'._('Go to %s').
+					'" href="template_engine.php?server_id=%s&amp;dn=%s"><img '.
+					'style="vertical-align: top" src="images/go.png" alt="Go" '.
+					'/>&nbsp;%s</a>&nbsp;',
+					htmlspecialchars($val),$ldapserver->server_id,
+					rawurlencode($val),dn_unescape($val));
+			} else {
+				printf('<a title="'._('DN not available %s').'"><img '.
+					'style="vertical-align: top" src="images/nogo.png" alt="N/E" '.
+					'/>&nbsp;%s</a>&nbsp;',
+					htmlspecialchars($val),$ldapserver->server_id,
+					rawurlencode($val),dn_unescape($val));
+			}
+
+		elseif (is_mail_string($val))
+			printf('<img style="vertical-align: center" src="images/mail.png"'.
+				' alt="Mail" />&nbsp;<a href="mailto:%s">%s</a>&nbsp;',
+			 	htmlspecialchars($val),$val);
+
+		elseif (is_url_string($val))
+			printf('<img style="vertical-align: center" src="images/dc.png" '.
+				'alt="URL" />&nbsp;<a href="%s" target="new">%s</a>&nbsp;',
+				htmlspecialchars($val),$val);
+
+		else
 					echo htmlspecialchars($val).'<br />';
+
+				}
 			}
 		}
 
 		if (! strcasecmp($attr,'userPassword') && isset($user_password))
 			printf('<small><a href="javascript:passwordComparePopup(\'%s\')">%s</a></small>',base64_encode($user_password),_('Check password...'));
 
-		if (preg_match("/^${attr}=/",$rdn))
+		if (preg_match("/^${attr}=/",$rdn) &&
+		 !($ldapserver->isReadOnly() || $ldapserver->isAttrReadOnly($attr)))
 			printf('<small>(<a href="%s">%s</a>)</small>',$rename_href,_('rename'));
 
 		echo '</td>';
@@ -1038,9 +1069,9 @@ foreach ($template['attrs'] as $attr => $vals) {
 			printf('<a href="%s" target="new"><img style="vertical-align: center" src="images/dc.png" alt="URL" /></a>&nbsp;',htmlspecialchars($val));
 
 		if ($ldapserver->isMultiLineAttr($attr,$val))
-			printf('<textarea class="val" rows="3" cols="50" name="%s" id="%s">%s</textarea>',$input_name,$input_id,htmlspecialchars($val));
+			printf('<textarea class="val" rows="3" cols="50" name="%s" id="%s">%s</textarea>',$input_name,$input_id,htmlspecialchars(dn_unescape($val)));
 		else
-			printf('<input type="text" class="val" name="%s" id="%s" value="%s" />&nbsp;',$input_name,$input_id,htmlspecialchars($val));
+			printf('<input type="text" class="val" name="%s" id="%s" value="%s" />&nbsp;',$input_name,$input_id,htmlspecialchars(dn_unescape($val)));
 
 		/* draw a link for popping up the entry browser if this is the type of attribute
 		   that houses DNs. */
@@ -1071,8 +1102,12 @@ foreach ($template['attrs'] as $attr => $vals) {
 
 				$description = isset($group['description']) ? $group['description'] : null;
 
-				if ($description)
+				if (is_array($description)) {
+					foreach ($description as $item)
+						printf(' (%s)',htmlspecialchars($item));
+				} else {
 					printf(' (%s)',htmlspecialchars($description));
+				}
 
 				echo '</small>';
 			}
diff --git a/htdocs/tree.php b/htdocs/tree.php
index 8488954..9ed9a68 100644
--- a/htdocs/tree.php
+++ b/htdocs/tree.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/tree.php,v 1.88.4.10 2007/03/18 03:16:06 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/Attic/tree.php,v 1.88.4.10 2007/03/18 03:16:06 wurley Exp $
 
 /**
  * This script displays the LDAP tree for all the servers that you have
diff --git a/htdocs/update.php b/htdocs/update.php
index 4ad8efb..0d00689 100644
--- a/htdocs/update.php
+++ b/htdocs/update.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update.php,v 1.25.2.6 2006/01/14 23:33:39 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update.php,v 1.25.2.7 2008/11/28 14:21:37 wurley Exp $
 
 /**
  * Updates or deletes a value from a specified attribute for a specified dn.
@@ -49,28 +49,35 @@ $failed_attrs = array();
 if (! is_array($update_array))
 	pla_error(_('update_array is malformed. This might be a phpLDAPadmin bug. Please report it.'));
 
-run_hook ('pre_update',array('server_id'=>$ldapserver->server_id,'dn'=>$dn,'update_array'=>$update_array));
 
 # Check for delete attributes (indicated by the attribute entry appearing like this: attr => ''
-foreach ($update_array as $attr => $val)
-	if (! is_array($val))
+foreach ($update_array as $attr => $val) {
+	if (! is_array($val)) {
 		if (array_key_exists($attr,$skip_array))
 			unset($update_array[$attr]);
-
 		elseif ($val == '')
 			$update_array[$attr] = array();
 
 		# Skip change
-		else
+		else {
+			if (is_dn_string($val) || $ldapserver->isDNAttr($attr))
+				$val=dn_escape($val);
 			$update_array[$attr] = $val;
-
-	else
+		}
+	} else {
 		if (array_key_exists($attr,$skip_array))
 			unset($update_array[$attr]);
 
 		else
-			foreach ($val as $i => $v)
+			foreach ($val as $i => $v) {
+				if (is_dn_string($v) || $ldapserver->isDNAttr($attr))
+					$v=dn_escape($v);
 				$update_array[$attr][$i] = $v;
+			}
+	}
+}
+run_hook ('pre_update',array('server_id'=>$ldapserver->server_id,'dn'=>$dn,'update_array'=>$update_array));
+#die();
 
 /* Call the custom callback for each attribute modification
    and verify that it should be modified.*/
diff --git a/htdocs/update_confirm.php b/htdocs/update_confirm.php
index c50b5ff..03ca4af 100644
--- a/htdocs/update_confirm.php
+++ b/htdocs/update_confirm.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update_confirm.php,v 1.43.2.12 2007/03/18 03:16:06 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update_confirm.php,v 1.43.2.13 2008/11/28 14:21:37 wurley Exp $
 
 /**
  * Takes the results of clicking "Save" in template_engine.php and determines which
@@ -151,15 +151,15 @@ if (count($update_array) > 0) {
 				if (obfuscate_password_display(get_enc_type($old_values[$attr][$key])))
 					echo preg_replace('/./','*',$old_values[$attr][$key]).'<br />';
 				else
-					echo nl2br(htmlspecialchars($old_values[$attr][$key])).'<br />';
+					echo nl2br(htmlspecialchars(dn_unescape($old_values[$attr][$key]))).'<br />';
 			}
 
 		} elseif (is_array($old_values[$attr]))
 			foreach ($old_values[$attr] as $v)
-				echo nl2br(htmlspecialchars($v)).'<br />';
+				echo nl2br(htmlspecialchars(dn_unescape($v))).'<br />';
 
 		else
-			echo nl2br(htmlspecialchars($old_values[$attr])).'<br />';
+			echo nl2br(htmlspecialchars(dn_unescape($old_values[$attr]))).'<br />';
 
 		echo '</span></td>';
 		echo '<td><span style="white-space: nowrap;">';
@@ -172,7 +172,7 @@ if (count($update_array) > 0) {
 						if (obfuscate_password_display(get_enc_type($new_val[$key])))
 							echo preg_replace('/./','*',$new_val[$key]).'<br />';
 						else
-							echo htmlspecialchars($new_val[$key]).'<br />';
+							echo htmlspecialchars(dn_unescape($new_val[$key])).'<br />';
 					}
 				}
 
@@ -185,7 +185,7 @@ if (count($update_array) > 0) {
 						$update_array[$attr] = array_values($update_array[$attr]);
 
 					} else {
-						echo nl2br(htmlspecialchars($v)).'<br />';
+						echo nl2br(htmlspecialchars(dn_unescape($v))).'<br />';
 					}
 				}
 			}
diff --git a/lib/functions.php b/lib/functions.php
index 1d67faa..abb726b 100644
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/functions.php,v 1.283.2.39 2007/03/18 03:12:10 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/functions.php,v 1.283.2.42 2008/11/28 14:21:37 wurley Exp $
 
 /**
  * A collection of functions used throughout phpLDAPadmin.
@@ -316,6 +316,10 @@ function pla_compare_dns($dn1,$dn2) {
 
 	$dn1_parts = pla_explode_dn(pla_reverse_dn($dn1));
 	$dn2_parts = pla_explode_dn(pla_reverse_dn($dn2));
+
+	if (! $dn1_parts || ! $dn2_parts)
+		return;
+
 	assert(is_array($dn1_parts));
 	assert(is_array($dn2_parts));
 
@@ -1688,23 +1692,45 @@ function pla_explode_dn($dn,$with_attributes=0) {
 }
 
 /**
- * Parse a DN and escape any special characters
+ * Parse a DN and escape any special characters (rfc2253)
  */
 function dn_escape($dn) {
 	$olddn = $dn;
-
-	# Check if the RDN has a comma and escape it.
-	while (preg_match('/([^\\\\]),(\s*[^=]*\s*),/',$dn))
-		$dn = preg_replace('/([^\\\\]),(\s*[^=]*\s*),/','$1\\\\2C$2,',$dn);
-
-	$dn = preg_replace('/([^\\\\]),(\s*[^=]*\s*)([^,])$/','$1\\\\2C$2$3',$dn);
-
+	#
+	# http://rfc.net/rfc2253.html
+	# special    = '"' / "," / "=" / "+" / "<" /  ">" / "#" / ";"
+	# Check if the RDN has special chars escape them.
+	# -  only simplest cases are dealt with 
+	# TODO: '=' unhandled
+	# ';' may be used instead of ',' but its use is discouraged
+	while (preg_match('/([^\\\\])[;,](\s*[^=]*\s*)([;,]|$)/',$dn)) {
+		$dn = preg_replace('/([^\\\\]),(\s*[^=]*\s*)([;,]|$)/','$1\\\\2c$2$3',$dn);
+		$dn = preg_replace('/([^\\\\]);(\s*[^=]*\s*)([;,]|$)/','$1\\\\3b$2$3',$dn);
+	}
+	$dn = preg_replace('/([^\\\\])\+/','$1\\\\2b',$dn);
+	$dn = preg_replace('/([^\\\\])"/','$1\\\\22',$dn);
+	$dn = preg_replace('/([^\\\\])#([^0-9a-f]|$)/i','$1\\\\23$2',$dn);
+	$dn = preg_replace('/([^\\\\])>/','$1\\\\3e',$dn);
+	$dn = preg_replace('/([^\\\\])</','$1\\\\3c',$dn);
 	if (DEBUG_ENABLED)
 		debug_log('dn_escape(): Entered with (%s), Returning (%s)',1,$olddn,$dn);
 
 	return $dn;
 }
 
+/**
+ * Parse a DN and escape any special characters for use in javascript selection
+ */
+function dn_js_escape($dn) {
+	$olddn = $dn;
+	#
+	$dn = preg_replace('/([^\\\\])\'/','$1\\\\\'',$dn);
+	if (DEBUG_ENABLED)
+		debug_log('dn_js_escape(): Entered with (%s), Returning (%s)',1,$olddn,$dn);
+
+	return $dn;
+}
+
 /**
  * Parse a DN and unescape any special characters
  */
@@ -1835,6 +1861,7 @@ function pla_reverse_dn($dn) {
 	if (DEBUG_ENABLED)
 		debug_log('pla_reverse_dn(): Entered with (%s)',1,$dn);
 
+	$rev = '';
 	foreach (pla_explode_dn($dn) as $key => $branch) {
 
 		// pla_expode_dn returns the array with an extra count attribute, we can ignore that.
@@ -2274,8 +2301,8 @@ function shadow_date( $attrs, $attr) {
 	if (DEBUG_ENABLED)
 		debug_log('shadow_date(): Entered with (%s,%s)',1,$attrs,$attr);
 
-	$shadowLastChange = isset($attrs['shadowLastChange']) ? $attrs['shadowLastChange'][0] : null;
-	$shadowMax = isset($attrs['shadowMax']) ? $attrs['shadowMax'][0] : null;
+	$shadowLastChange = isset($attrs['shadowLastChange']) ? $attrs['shadowLastChange'] : null;
+	$shadowMax = isset($attrs['shadowMax']) ? $attrs['shadowMax'] : null;
 
 	if( 0 == strcasecmp( $attr, 'shadowLastChange' ) && $shadowLastChange)
 		$shadow_date = $shadowLastChange;
diff --git a/lib/server_functions.php b/lib/server_functions.php
index 49868d3..b4f60a9 100644
--- a/lib/server_functions.php
+++ b/lib/server_functions.php
@@ -1,5 +1,5 @@
 <?php
-/* $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/server_functions.php,v 1.34.2.32 2007/03/18 01:57:18 wurley Exp $ */
+/* $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/server_functions.php,v 1.34.2.33 2008/11/28 14:21:37 wurley Exp $ */
 
 /**
  * Classes and functions for LDAP server configuration and capability
@@ -1698,16 +1698,16 @@ class LDAPserver {
 
 		switch ($scope) {
 			case 'base':
-				$search = @ldap_read($resource,$base_dn,$filter,$attrs,0,$size_limit,0,$deref);
+				$search = @ldap_read($resource,dn_escape($base_dn),$filter,$attrs,0,$size_limit,0,$deref);
 				break;
 
 			case 'one':
-				$search = @ldap_list($resource,$base_dn,$filter,$attrs,0,$size_limit,0,$deref);
+				$search = @ldap_list($resource,dn_escape($base_dn),$filter,$attrs,0,$size_limit,0,$deref);
 				break;
 
 			case 'sub':
 			default:
-				$search = @ldap_search($resource,$base_dn,$filter,$attrs,0,$size_limit,0,$deref);
+				$search = @ldap_search($resource,dn_escape($base_dn),$filter,$attrs,0,$size_limit,0,$deref);
 				break;
 		}
 
diff --git a/lib/tree_functions.php b/lib/tree_functions.php
index ab4ed70..85b8d7e 100644
--- a/lib/tree_functions.php
+++ b/lib/tree_functions.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/tree_functions.php,v 1.20.2.23 2007/03/18 03:21:18 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/Attic/tree_functions.php,v 1.20.2.23 2007/03/18 03:21:18 wurley Exp $
 
 /**
  * @package phpLDAPadmin
diff --git a/templates/creation/custom.php b/templates/creation/custom.php
index d9e1391..87bda76 100644
--- a/templates/creation/custom.php
+++ b/templates/creation/custom.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/templates/creation/custom.php,v 1.43.2.6 2006/03/01 01:04:05 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/templates/creation/Attic/custom.php,v 1.43.2.6 2006/03/01 01:04:05 wurley Exp $
 
 $rdn = isset($_POST['rdn']) ? $_POST['rdn'] : null;
 $container = $_POST['container'];
diff --git a/templates/template_header.php b/templates/template_header.php
index bde3ab4..deb9638 100644
--- a/templates/template_header.php
+++ b/templates/template_header.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/templates/template_header.php,v 1.6.4.7 2007/03/18 03:23:26 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/templates/Attic/template_header.php,v 1.6.4.7 2007/03/18 03:23:26 wurley Exp $
 
 /**
  * Header page for engine.