#
# Security fix for LDAP injection (#1293)
# Licensed under the GPLv2
# Olivier Bilodeau <obilodeau@inverse.ca>
#
# old_revision [d0aba756a3e8ff9002c0dd9be1885ea6d38ea0ff]
#
# patch "pf/html/admin/login.php"
#  from [5a1ccaad2d60f3ff17308787bc48e58b5b7fc161]
#    to [52a09fcc6fa308e31f25088f3fa1e283b7a18b77]
#
============================================================
--- pf/html/admin/login.php	5a1ccaad2d60f3ff17308787bc48e58b5b7fc161
+++ pf/html/admin/login.php	52a09fcc6fa308e31f25088f3fa1e283b7a18b77
@@ -30,7 +30,7 @@ function check_input($input){
 }
 
 function check_input($input){
-  if(preg_match("/^[\@a-zA-Z0-9_\:\,\(\)]/", $input) && strlen($input) <= 15){
+  if(preg_match("/^[\@a-zA-Z0-9_\:\,\(\)]+$/", $input) && strlen($input) <= 15){
     return true; 
   }        
   else{