|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2010-11-01 18:24 UTC] felipe@php.net
-Status: Open
+Status: Bogus
[2010-11-01 18:24 UTC] felipe@php.net
[2010-11-01 18:44 UTC] bell at ctrlf5 dot co dot za
[2010-11-01 19:19 UTC] felipe@php.net
-Status: Bogus
+Status: Open
[2010-11-01 19:19 UTC] felipe@php.net
[2010-11-25 20:35 UTC] iliaa@php.net
-Status: Open
+Status: Bogus
[2010-11-25 20:35 UTC] iliaa@php.net
[2010-12-04 08:13 UTC] bell at ctrlf5 dot co dot za
-Summary: PDO treats backslashes in pgsql passwords as escape
characters
+Summary: PDO-pgsql fails to escape backslashes in passwords
[2010-12-04 08:13 UTC] bell at ctrlf5 dot co dot za
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sun Nov 02 19:00:02 2025 UTC |
Description: ------------ When using a password containing a backslash to connect to PostgreSQL database via PDO the driver appears to be treating the backslash as an escape charcter. The problem is not global to PDO since MySQL works as expected. It is not global to libpq since PearDB and the psql command line tool work as expected. Further explanation in the comments in the test script. Test script: --------------- $host = 'localhost'; $database = 'imix'; $username = 'imix'; // Password is |\/|ix3dUp /* Works for MySQL - Doesn't work for pgsql - wireshark shows |/x3edUp sent to server, error message shows password correctly */ $mysql_password = '|\/|ix3dUp'; /* Doesn't work for pg - |/x3edUp still sent to server - error message still shows password correctly - this is because \ is one of the two chars escaped in a single quoted string */ // $password = '|\\/|ix3dUp'; /* Works for pgsql, not for mysql - Error message on mysql attempt shows two backslashes Initial parse treats the first one as an escape, handing two to PDO - pgsql driver seems to interpret the first remaining one as an escape which really doesn't sound right ... */ $pgsql_password = '|\\\/|ix3dUp'; $mysql_connection = new PDO('mysql:host='.$host.';dbname='.$database, $username, $mysql_password); $pgsql_connection = new PDO('pgsql:host='.$host.';dbname='.$database, $username, $pgsql_password); Expected result: ---------------- I would expect the password as used for MySQL to work for both the engines. Actual result: -------------- Test script as it stands executes without error.