Index: html/includes/authentication/ldap.inc.php
===================================================================
--- html/includes/authentication/ldap.inc.php	(revision 5299)
+++ html/includes/authentication/ldap.inc.php	(working copy)
@@ -155,7 +155,7 @@
     $userdn = ($config['auth_ldap_groupmembertype'] == 'fulldn' ? ldap_dn_from_username($username) : $username);
     $filter = "(&(|(cn=" . join(")(cn=", array_keys($config['auth_ldap_groups'])) . "))(" . $config['auth_ldap_groupmemberattr'] . "=" . $userdn . "))";
     if ($debug) { echo("LDAP[Filter][$filter]\n"); }
-    $search = ldap_search($ds, $config['auth_ldap_groupbase'], $filter);
+    $search = ldap_search($ds, $config['auth_ldap_groupbase'], addslashes($filter));
     $entries = ldap_get_entries($ds, $search);
 
     // Loop the list and find the highest level