Patch to disallow people putting monkeys and other unwanted characters that break internal scripts into their cn

git-svn-id: http://svn.mozilla.org/projects/phonebook/trunk@129691 4eb1ac78-321c-0410-a911-ec516a8615a5

constants.php

@@ -69,3 +69,4 @@ $output_formats = array(
     'jsonp',
     'vcard',
 );
+$MONKEY_FREE_ARRAY = array('cn');

edit.php

@@ -18,12 +18,16 @@ if (isset($_REQUEST["edit_mail"]) && $is_admin) {
 
 $user_search = $search->query_users("mail=$edit_user", "dc=mozilla");
 $user_data = $user_search[0];
-
 if (!empty($_POST)) {
   $new_user_data = array();
   foreach ($editable_fields as $editable_field) {
     if (isset($_POST[$editable_field])) {
-      $new_user_data[$editable_field] = $_POST[$editable_field];
+        if(in_array($editable_field, $MONKEY_FREE_ARRAY)){
+            $update_data = preg_replace('/[^\p{L}\s]/u','', $_POST[$editable_field]);
+        } else {
+            $update_data = $_POST[$editable_field];
+        }
+        $new_user_data[$editable_field] = $update_data;
     }
   }