X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=search.cgi;h=37695386b8bbde31bc82e6e303219247c776d582;hb=49c05461dc2851df308933e0e2976feb16dec0f3;hp=5a328c093297b1021f398de4f1c2686ca2f71303;hpb=564e86b5e750fb3f448a336fdd7f441b6e57e4ed;p=mirror%2Fuserdir-ldap-cgi.git

diff --git a/search.cgi b/search.cgi
index 5a328c0..3769538 100755
--- a/search.cgi
+++ b/search.cgi
@@ -17,11 +17,11 @@ use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);
 my %config = &Util::ReadConfigFile;
 
 my $query = new CGI;
-my $id = $query->param('id');
+my $id = uri_escape($query->param('id'));
 my $authtoken = $query->param('authtoken');
 my $password = &Util::CheckAuthToken($authtoken);
-my $dosearch = $query->param('dosearch');
-my $searchdn = $query->param('searchdn');
+my $dosearch = uri_escape($query->param('dosearch'));
+my $searchdn = uri_escape($query->param('searchdn'));
 my $ldap = undef;
 
 my $proto = ($ENV{HTTPS} ? "https" : "http");
@@ -30,7 +30,7 @@ sub DieHandler {
   $ldap->unbind if (defined($ldap));
 }
 
-$SIG{__DIE__} = \&DieHandler;
+#$SIG{__DIE__} = \&DieHandler;
 
 if (!$dosearch) {
   # No action yet, send back the search form...
@@ -61,7 +61,7 @@ if (!$dosearch) {
 
   # go through %searchdata and pull out all the search criteria the user
   # specified...
-  my $filter = "(objectclass=inetOrgPerson)";
+  my $filter = "(objectclass=inetOrgPerson)(!(accountStatus=*))";
   foreach (keys(%searchdata)) {
     if ($query->param($searchdata{$_}{formname})) {    
       if ($query->param($searchdata{$_}{fuzzy})) {