Open schplurtz opened 7 months ago
Thanks for the report, @schplurtz !
Feel free to submit a pull request, if you'd like. Here is some guidance on our pull request best practices.
Looks like we have used addslashes()
function for all values. Is their better function to avoid this issue? Or should we implement special check for double apostrophe?
Ref: https://github.com/wp-cli/config-command/blob/main/src/Config_Command.php#L1204-L1206
if ( is_string( $value ) ) {
return addslashes( $value );
}
Looks like the escaping is on purpose. Ref: https://github.com/wp-cli/config-command/issues/93 https://github.com/wp-cli/config-command/pull/95
I'm glad to se that there is activity on this bug report, although I fail to see how a problem with single quote (#93) is in any way related to this problem with double quote that are escaped but should not.
PHP rules for escaping inside single quotes are so simple : only escape '
and \
, that I expected the fix to be quick and easy. I'm really sorry to give you so much work and wish you good luck with all that.
PR https://github.com/wp-cli/config-command/pull/181 adds a fix for the issue. Also takes care of https://github.com/wp-cli/config-command/issues/94
Tested with success. PR #181 fixes the issue.
Reopening because #181 was reverted for the time being
Bug Report
Describe the current, buggy behavior
If db password has
"
, thenwp config create --dbpass='abcd"efgh' --other...
will create a wrongDB_PASSWORD
line inwp-config.php
. The resulting line is:This is wrong. There should not be the
\
Describe how other contributors can replicate this bug
"
in the password. eg these sql commands:wp config create
. This is where wp generates the wrong lineDescribe what you would expect as the correct outcome
The
"
on theDB_PASSWORD
line should not be escaped. Given the above commands, theDB_PASSWORD
line in wp-config.php should read:Let us know what environment you are running this on
Provide a possible solution
Not a solution, but I found 2 workarounds:
"
in db password, obviouslywp config set
afterwards. Strangely, it generates a correct line in wp-config.php.