Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Escaping MySQL password

by THRAK (Monk)
on Mar 26, 2001 at 18:06 UTC ( #67188=perlquestion: print w/replies, xml ) Need Help??

THRAK has asked for the wisdom of the Perl Monks concerning the following question:

I have a MySQL database that has a password that is "some@thing". If I connect to the DB using using an escaped string or collect the password as a CGI parameter it connects without a problem. I've found that it chokes on the password when I read it from a file. As a psuedo-code snippet:

$_ = "host|db_name|user|some@thing"; ($host, $database, $username, $password) = split /\|/; $dbh = DBI->connect("DBI:mysql:$database:$host", $username, $password) + || error('login');


This causes the DB connection to fail because of the password. If I do this, it then works:

$_ = "host|db_name|user|some@thing"; ($host, $database, $username, $password) = split /\|/; $password = "some\@thing"; $dbh = DBI->connect("DBI:mysql:$database:$host", $username, $password) + || error('login');


I've tried $password = quotemeta($password) but that didn't work either.

I'm stumped and this is holding up my progress. How do I go about escaping the "@" character so MySQL is happy?

Thanks - THRAK

Replies are listed 'Best First'.
Re: Escaping MySQL password
by sutch (Curate) on Mar 26, 2001 at 18:13 UTC
    Since your password is the last element on the line read from the file, perhaps you need a chomp to remove a newline?
Re: Escaping MySQL password
by ChOas (Curate) on Mar 26, 2001 at 18:15 UTC
    Hey

    Try:
    $_ = "host|db_name|user|some\@thing";

    or:

    $_ = 'host|db_name|user|some@thing';

    In you example Perl is looking for the @thing list...
    (Unless declared by you) it will be 'undef', and your
    password (after the split) will look like "some"

    something you won`t notice when you don't use strict and -w

    So use strict, and -w

    GreetZ!,
      ChOas

    print "profeth still\n" if /bird|devil/;
Re: Escaping MySQL password
by kilinrax (Deacon) on Mar 26, 2001 at 18:17 UTC
    The problem with the specific snippet you quote here is that double-quoting the string leads it being interpolated, thus;
    $_ = "host|db_name|user|some@thing";
    will result in $_ containing `host|db_name|user|some`, at the array `@thing` is undefined at this point in the code.
    Try using single quotes instead.
Re: Escaping MySQL password
by davorg (Chancellor) on Mar 26, 2001 at 18:19 UTC

    I think you'll find that if you develop scripts with -w and use strict then perl will do its best to tell you what you're doing wrong.

    In this case, I'm guessing that it'll complain about an unescaped '@' in a double-quoted string.

    --
    <http://www.dave.org.uk>

    "Perl makes the fun jobs fun
    and the boring jobs bearable" - me

      I am using strict and -w, I alway do. Perl doesn't complain because it's just reading what it found in the file. This isn't the exact code, but just a brief pseudo-code to illustrate the problem. $_ is actually a line as within a while loop from a file read. I haven't tried some of the suggestions above, but I will give it a go and see what happens.

      Thanks - THRAK
Re: Escaping MySQL password
by THRAK (Monk) on Mar 26, 2001 at 18:49 UTC
    Duh! Chomp. Somethings are so obvious you look right through them. Generally when I read from a file I always chomp it immediately to avoid these types of things. Thanks a lot for helping me see the (fairly) obvious.

    THRAK
Re: Escaping MySQL password
by Masem (Monsignor) on Mar 26, 2001 at 19:24 UTC
    Another option is to move the user name and password out from the perl file into a configuration file, which would not need to be quoted there, and you gain the bonus of having your script a bit more secure, particularly from other users on the same system. For MySQL, you simply need a .mycfg in the home dir of the script's owner.

    With mod_perl, you can also stick the username/password details into the http configuration file, but I would suspect that you'd need to quote them there as well.


    Dr. Michael K. Neylon - mneylon-pm@masemware.com || "You've left the lens cap of your mind on again, Pinky" - The Brain

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://67188]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (5)
As of 2020-08-15 11:04 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Which rocket would you take to Mars?










    Results (78 votes). Check out past polls.

    Notices?