Forum
MySQL Passwords with Semicolons
Hi,
Today we have noticed a problem with MySQL connections with passwords that contain a semicolon character. We used the generated password created in cPanel and it took a while for us to figure out that this was causing the problem. Looking at the connection code it makes sense that this would fail with a password such as abCDe;FG12@:
// PerchDB_Mysql.class.php Line 48
foreach($dsn_opts as $key=>$val) {
$dsn .= "$key=$val;";
}
It's a rare occurrence, but there are no restrictions on characters for MySQL passwords so this problem could spring up again in the future.
Yes, that would certainly fail. I can't actually find any information about correctly escaping a PDO DSN - I guess the expectation is that it's being hand entered.
Perch could possibly throw a warning if it can see a semicolon in the password, would help developers to track down the problem and simply create a new password if it's not something that's easily possible.
Thanks for checking it out!
Yes, I was thinking there could well be other characters that need escaping.
The password doesn't get concatenated into the DSN. The only parts that are added in that loop are:
The username and password are passed into the PDO constructor directly:
Was the password the only place the semicolon was appearing? What was the error you were getting?
I believe the password was the only place it was occurring.
Strange, I've tried to recreate it locally and cannot trigger any failing. So far
MySQL user:
testingMySQL pass:password;testGranted access to the database and the connection is fine. I'm thinking now that this may be something more to do with the server than Perch - possibly even cPanel is not capable of passing a semicolon through causing the problem. I'll investigate some more tomorrow back in the office to verify this as MAMP on my home mac isn't exactly a good comparison.