connect string doesn't allow for blank mysql password
ryan_courtnage - September 2, 2008 - 20:31
| Project: | Database Scripts |
| Version: | 6.x-2.x-dev |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | ceardach |
| Status: | active |
Jump to:
Description
In secure development environments, lazy developers like to connect to the DB without using a password.
ex: $db_url = 'mysqli://root@localhost/my_site';
We can allow for this if we tweak the regex:
<?php
function dbscripts_db_connect() {
require('config.inc');
require("$settings_path/settings.php");
preg_match('/'.$dbtype.':\/\/([^:]+):*([^@]*)@([^\/]+)\/(.+)/', $db_url, $db_settings);
$dbuser = $db_settings[1];
$dbpassword = $db_settings[2];
$dbhost = $db_settings[3];
$dbname = $db_settings[4];
return "-u $dbuser ".($dbpassword ? "-p$dbpassword" : "")." -h $dbhost $dbname";
}
?>Note that only the preg_match and return lines have been changed
#1
Thanks, hadn't even thought of that scenario. I'll add the support the next time I work on it (which should be soon, I'm trying to push out v1.0 soonish).
#2
#3
This would be another candidate for parse_url.