- $filter = $_REQUEST['filter'];
- $search = $_REQUEST['search'];
- $org = $_REQUEST['org'];
- $marker = $_REQUEST['marker'];
- $_SESSION[ldapab][filter] = $filter;
+ if (empty($_REQUEST['filter'])) { $_REQUEST['filter']=''; }
+ if (empty($_REQUEST['search'])) { $_REQUEST['search']=''; }
+ if (empty($_REQUEST['org'])) { $_REQUEST['org']=''; }
+ if (empty($_REQUEST['marker'])) { $_REQUEST['marker']=''; }
+ $filter = ldap_filterescape($_REQUEST['filter']);
+ $search = ldap_filterescape($_REQUEST['search']);
+ $org = ldap_filterescape($_REQUEST['org']);
+ $marker = ldap_filterescape($_REQUEST['marker']);
+ $_SESSION['ldapab']['filter'] = $_REQUEST['filter'];