Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Database functions fail if db_password contains special characters #181

Closed
yorkshire-pudding opened this issue Apr 8, 2022 · 3 comments · Fixed by #183
Closed

Database functions fail if db_password contains special characters #181

yorkshire-pudding opened this issue Apr 8, 2022 · 3 comments · Fixed by #183
Labels
type: bug

Comments

@yorkshire-pudding
Copy link
Collaborator

This also applies to db_name and db_username but these are less likely to have special characters.
For the purposes of Backdrop where rawurlencode is used, special means anything except A-Z, a-z, 0-1, - _ . ~
https://www.php.net/manual/en/function.rawurlencode.php

Steps to reproduce

  1. Create a backdrop database
  2. Set the users password to have special characters
  3. Attempt install, db-import, db-export, sql, or status --show-password

Expected result works as normal

Actual results
install, db-import, db-export, sql will all fail
status --show-password will show the encoded password

The backdrop GUI installer core/install.php, powered by core/includes/install.inc, uses rawurlencode() for db_name, db_username and db_password so what is stored in settings.php has these values encoded.

If the rawurldecode() function is not used to read the database information stored in settings.php then the value returned will be encoded and so won't match the actual DB password.
This was referenced Apr 8, 2022
Closed
Merged
@ghost ghost added pr: needs work and removed pr: needs review labels Apr 12, 2022
@ghost
Copy link

ghost commented Apr 12, 2022

Left a review requesting changes.

@yorkshire-pudding
Copy link
Collaborator Author

yorkshire-pudding commented Apr 12, 2022
edited
Loading

@BWPanda - done all the db.bee.inc changes.
Might be worth a discussion about the install.bee.inc changes. As stated on the PR, I tried parse_url and it couldn't handle complex passwords.

@ghost ghost closed this as completed in #183 May 19, 2022
ghost pushed a commit that referenced this issue May 19, 2022
@yorkshire-pudding
Issue #181 - Properly encode/decode DB name, password, etc.
b29e71d
@ghost
Copy link

ghost commented May 19, 2022

Thanks so much for this @yorkshire-pudding! Did a final review, made one small change I didn't notice before, and merged!

@ghost ghost removed the pr: needs review label May 19, 2022
@yorkshire-pudding yorkshire-pudding mentioned this issue Dec 27, 2022
Closed
yorkshire-pudding added a commit to yorkshire-pudding/bee that referenced this issue Jul 30, 2024
@yorkshire-pudding
Updated install instructions to reflect changes in Issue backdrop-con…
3c55183 
…trib#181
bugfolder pushed a commit to bugfolder/bee that referenced this issue Jul 31, 2024
@yorkshire-pudding @bugfolder
Updated install instructions to reflect changes in Issue backdrop-con…
5d12004 
…trib#181
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: bug
Projects
None yet
Milestone
No milestone
1 participant
@yorkshire-pudding