From 25b2a01b6554e269e7f3195952bcac658735d53c Mon Sep 17 00:00:00 2001 From: Jaap Eldering Date: Fri, 22 Nov 2024 18:12:28 +0100 Subject: [PATCH] Fixes for supporting passwords with weird characters Use URL encoding in DATABASE_URL and return mysql_options as an array (via ugly global variable), so each element in it can be separately added to the command line using `@` for expansion. Because of changing the script to bash, also reverts some of the changes in 483200a7feb22f28b64c9fda72c. --- sql/dj_setup_database.in | 46 ++++++++++++++++++++++++++++------------ 1 file changed, 33 insertions(+), 13 deletions(-) diff --git a/sql/dj_setup_database.in b/sql/dj_setup_database.in index 8095fb706c..c4251484e2 100755 --- a/sql/dj_setup_database.in +++ b/sql/dj_setup_database.in @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # @configure_input@ # This script allows one to perform DOMjudge database setup actions. @@ -52,30 +52,47 @@ not have to pass any of the options above. EOF } +urlencode() +{ + php -r "echo rawurlencode('$1');" +} + +# This is global variable to be able to return the output from +# mysql_options() below as an array, which is not possible otherwise. +declare -a _mysql_options + mysql_options() { + local user pass + _mysql_options=() + # shellcheck disable=SC2153 if [ -n "$DBUSER" ]; then - _user="-u $DBUSER" - else - _user="${DBA_USER:+-u ${DBA_USER}}" + _mysql_options+=('-u' "$DBUSER") + elif [ -n "$DBA_USER" ]; then + _mysql_options+=('-u' "$DBA_USER") fi # shellcheck disable=SC2153 if [ -n "$PASSWD" ]; then - _pass="-p$PASSWD" - else - [ -n "$PROMPT_PASSWD" ] && _pass="-p" - [ -n "$DBA_PASSWD" ] && _pass="-p$DBA_PASSWD" + _mysql_options+=("-p$PASSWD") + elif [ -n "$DBA_PASSWD" ]; then + _mysql_options+=("-p$DBA_PASSWD") + elif [ -n "$PROMPT_PASSWD" ]; then + _mysql_options+=('-p') fi - [ -z "$USE_SOCKET" ] && port="-P$DBPORT" - echo $_user ${_pass:+"$_pass"} -h "$DBHOST" ${port:+"$port"} + _mysql_options+=('-h' "$DBHOST") + + if [ -z "$USE_SOCKET" ]; then + _mysql_options+=("-P$DBPORT") + fi } # Wrapper around mysql command to allow setting options, user, etc. mysql() { - command mysql $(mysql_options) --silent --skip-column-names "$@" + mysql_options + command mysql "${_mysql_options[@]}" --silent --skip-column-names "$@" } # Quick shell hack to get a key from an INI file. @@ -126,10 +143,13 @@ symfony_console() fi if [ -n "$DBA_USER" ]; then + user=$(urlencode "${DBA_USER}") + host=$(urlencode "${domjudge_DBHOST}") + db=$(urlencode "${domjudge_DBNAME}") if [ -n "$DBA_PASSWD" ]; then - DATABASE_URL=mysql://${DBA_USER}:${DBA_PASSWD}@${domjudge_DBHOST}:${domjudge_DBPORT}/${domjudge_DBNAME} + DATABASE_URL="mysql://$user:$(urlencode "${DBA_PASSWD}")@$host:${domjudge_DBPORT}/$db" else - DATABASE_URL=mysql://${DBA_USER}@${domjudge_DBHOST}:${domjudge_DBPORT}/${domjudge_DBNAME} + DATABASE_URL="mysql://$user@$host:${domjudge_DBPORT}/$db" fi fi fi