From da5f7cdb6229014995a7ef6415c47194fc8d9f3b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernhard=20Se=C3=9Fler?= <bernhard.sessler@diehl.com>
Date: Mon, 19 Oct 2015 14:07:57 +0200
Subject: [PATCH] Decode HTML entities in LDAP password
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Special characters contained in the password are encoded into HTML
entities when submitting the login form, which in turn causes problems
when trying to authenticate against an LDAP directory (such as Active
Directory).
Decoding potential HTML entities in the password allows for binding
to LDAP with a password containing special characters.

Signed-off-by: Bernhard Seßler <bernhard.sessler@diehl.com>
---
 login_functions.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/login_functions.php b/login_functions.php
index 95ff6a4..ced52d9 100644
--- a/login_functions.php
+++ b/login_functions.php
@@ -88,6 +88,9 @@ function ldapAuthenticate($email, $password, $SessionCachePolicy, $rememberme)
     include "cdash/config.php";
     include_once "models/user.php";
 
+    // Decode possible HTML entities in password
+    $password = html_entity_decode($password);
+
     $ldap = ldap_connect($CDASH_LDAP_HOSTNAME);
     ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, $CDASH_LDAP_PROTOCOL_VERSION);
     ldap_set_option($ldap, LDAP_OPT_REFERRALS, $CDASH_LDAP_OPT_REFERRALS);
-- 
2.6.1