Closed dwydler closed 1 year ago
Thanks for reporting. I have rewritten the configuration manager from scratch and vastly simplified the DB manager for 2.19 so I am surprised I did not notice more subtle bugs like this.
But when I tried running the following in MySQL:
CREATE USER 'selfoss_test'@'localhost' IDENTIFIED BY '@*()!';
CREATE DATABASE selfoss_test;
GRANT ALL PRIVILEGES ON selfoss_test.* TO selfoss_test@localhost;
and then adding the following to config.ini
:
db_type=mysql
db_host=localhost
db_database=selfoss_test
db_username=selfoss_test
db_password="@*()!"
It worked just fine for me.
logger_level=DEBUG
to your config.ini
and then temporarily modify selfoss as follows:--- a/src/helpers/DatabaseConnection.php
+++ b/src/helpers/DatabaseConnection.php
@@ -35,7 +35,7 @@ class DatabaseConnection {
**/
public function __construct(Logger $logger, $dsn, $user = null, $pw = null, array $options = [], $tableNamePrefix = '') {
$this->logger = $logger;
- $this->logger->debug('Creating database connection', ['dsn' => $dsn]);
+ $this->logger->debug('Creating database connection', ['dsn' => $dsn, 'user' => $user, 'pw' => $pw]);
$this->pdo = new PDO($dsn, $user, $pw, $options);
$this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$this->tableNamePrefix = $tableNamePrefix;
Something like the following should then be logged, where you can check if the password is parsed correctly:
selfoss.DEBUG: Creating database connection {"dsn":"mysql:host=localhost; dbname=selfoss_test","user":"selfoss_test","pw":"@*()!"}
Maybe you can add a note to make it clear for all other users. Because in previous versions it was not necessary.
Weirdly, for me, (
, (
or !
fail with an error like:
syntax error, unexpected '!' in /home/jtojnar/Projects/selfoss/src/../config.ini on line 36
so I had to add quotes for a DB connection to be even attempted.
But just db_password=@*
works just fine, even without quotes.
I am also using MariaDB but if it works with quotes for you, that probably is not the issue.
Maybe PHP version difference? I am running 8.1.11.
I would be interested to see if the debug log does show your password correctly when you apply the patch above.
But just db_password=@* works just fine, even without quotes.
I tested it detailed. You are right. This chars works without quote the password.
Weirdly, for me, (, ( or ! fail with an error like:
Here the same. I see the same error message like you.
So it is wanted that the password has to be quoted in the configuration file?
We are just using parse_ini_file
function but it looks like it does all sort of weird transformations, even with (that I forgot to add when I ported configuration away from F3. I guess we will need to switch to a custom parser like F3 had.INI_SCANNER_RAW
I have added a warning about this in the news (for people reading them on GItHub).
And pushed a commit that will allow unquoted special characters again. But for 2.19, quoting will be required.
Thank you.
Hello Jan, i do an update from 2.18 to 2.19 with the zip file. The password for the database user include some special chars (@*()!).
After Update selfoss can not connect the database anymore. Here the content of the logfile.
If i remove all special chars from the password, the connection are successfully.
Please double check it. Thanks.