Download & Extend
Database Scripts » Issues

connect string doesn't allow for blank mysql password

Posted by ryan_courtnage on September 2, 2008 at 8:31pm
Project:Database Scripts
Version:6.x-2.x-dev
Component:Code
Category:bug report
Priority:normal
Assigned:ceardach
Status:closed (fixed)

Issue Summary

In secure development environments, lazy developers like to connect to the DB without using a password.

ex: $db_url = 'mysqli://root@localhost/my_site';

We can allow for this if we tweak the regex:

<?php
function dbscripts_db_connect() {
  require('config.inc');
  require("$settings_path/settings.php");
 
  preg_match('/'.$dbtype.':\/\/([^:]+):*([^@]*)@([^\/]+)\/(.+)/', $db_url, $db_settings);

  $dbuser = $db_settings[1];
  $dbpassword = $db_settings[2];
  $dbhost = $db_settings[3];
  $dbname = $db_settings[4];

  return "-u $dbuser ".($dbpassword ? "-p$dbpassword" : "")." -h $dbhost $dbname";
}
?>

Note that only the preg_match and return lines have been changed
Login or register to post comments

Comments

#1

Posted by ceardach on September 2, 2008 at 9:09pm
Assigned to:Anonymous» ceardach

Thanks, hadn't even thought of that scenario. I'll add the support the next time I work on it (which should be soon, I'm trying to push out v1.0 soonish).

#2

Posted by ceardach on February 22, 2009 at 11:01pm
Version:5.x-1.x-dev» 6.x-2.x-dev

#3

Posted by mikey_p on July 2, 2009 at 9:02pm

This would be another candidate for parse_url.

#4

Posted by hefox on December 18, 2009 at 5:24am
Status:active» fixed

http://drupalcode.org/viewvc/drupal/contributions/modules/dbscripts/dbsc...

#5

Posted by System Message on January 1, 2010 at 5:30am
Status:fixed» closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.