diff options
-rw-r--r-- | core/EjabberdAuth.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/core/EjabberdAuth.php b/core/EjabberdAuth.php index 7817d64..c9b5ec4 100644 --- a/core/EjabberdAuth.php +++ b/core/EjabberdAuth.php @@ -63,6 +63,7 @@ class EjabberdAuth { function execute($data) { $args = explode(':', $data . ':::'); list($command, $username, $server, $password) = $args; + $username = xmpp_unescape_node($username); // Don't log the password, obviously. $this->log("Executing $command on {$username}@{$server}"); @@ -84,3 +85,10 @@ class EjabberdAuth { } } } + +function xmpp_unescape_node($string) { + return str_replace( + ['\\20', '\\22', '\\26', '\\27', '\\2f', '\\3a', '\\3c', '\\3e', '\\40', '\\5c'], + [' ', '"', '&', '\'', '/', ':', '<', '>', '@', '\\'], + $string); +} |