Closed (fixed)
Project:
Database Scripts
Version:
6.x-2.x-dev
Component:
Code
Priority:
Normal
Category:
Bug report
Assigned:
Reporter:
Created:
2 Sep 2008 at 20:31 UTC
Updated:
1 Jan 2010 at 05:30 UTC
In secure development environments, lazy developers like to connect to the DB without using a password.
ex: $db_url = 'mysqli://root@localhost/my_site';
We can allow for this if we tweak the regex:
function dbscripts_db_connect() {
require('config.inc');
require("$settings_path/settings.php");
preg_match('/'.$dbtype.':\/\/([^:]+):*([^@]*)@([^\/]+)\/(.+)/', $db_url, $db_settings);
$dbuser = $db_settings[1];
$dbpassword = $db_settings[2];
$dbhost = $db_settings[3];
$dbname = $db_settings[4];
return "-u $dbuser ".($dbpassword ? "-p$dbpassword" : "")." -h $dbhost $dbname";
}
Note that only the preg_match and return lines have been changed
Comments
Comment #1
ceardach commentedThanks, hadn't even thought of that scenario. I'll add the support the next time I work on it (which should be soon, I'm trying to push out v1.0 soonish).
Comment #2
ceardach commentedComment #3
mikey_p commentedThis would be another candidate for parse_url.
Comment #4
hefox commentedhttp://drupalcode.org/viewvc/drupal/contributions/modules/dbscripts/dbsc...