[vuser] r577 committed - Untested patch to fix password quoting
codesite...@google.com
Author: perlstalker
Date: Fri Oct 16 07:50:47 2009
Log: Untested patch to fix password quoting
http://code.google.com/p/vuser/source/detail?r=577
Modified:
/VUser-Google-ProvisioningAPI/trunk/lib/VUser/Google/ProvisioningAPI/V2_0.pm
=======================================
---
/VUser-Google-ProvisioningAPI/trunk/lib/VUser/Google/ProvisioningAPI/V2_0.pm
Tue Sep 15 21:19:35 2009
+++
/VUser-Google-ProvisioningAPI/trunk/lib/VUser/Google/ProvisioningAPI/V2_0.pm
Fri Oct 16 07:50:47 2009
@@ -721,7 +721,16 @@
$body .= ' hashFunctionName="'.$new_entry->{hashFunctionName}.'"';
}
$body .= ' userName="'.$new_entry->User.'"' if defined $new_entry->User;
- $body .= ' password="'.$new_entry->Password.'"' if defined
$new_entry->Password;
+
+ if (defined $new_entry->Password) {
+ my $passwd = $new_entry->Password;
+ # escape quotes
+ # See section 2.4 of http://www.w3.org/TR/xml/
+ #$passwd ~= s/\"/\\"/;
+ $passwd ~= s/\"/"/;
+ $body .= ' password="'.$new_entry->Password.'"';
+ }
+
$body .= ' suspended="'.($new_entry->isSuspended? 'true' : 'false').'"';
#LP:changePasswordAtNextLogin
#print "too(".$new_entry->changePasswordAtNextLogin.")";