Hi,
Does anyone know if password characters need to be escaped before passing it to this function?
How to avoid injection or is it not possible with this ldap_bind?
Thanks
ldap_bind Injection
Moderator: General Moderators
Re: ldap_bind Injection
No, you pass them in plain text. If you're worried about security, connect to your LDAP server using ldaps://
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.