php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #37232 mssql_connect and mssql_pconnect do not accept password longer than 30 chars
Submitted: 2006-04-28 06:03 UTC Modified: 2006-04-29 03:06 UTC
From: rriehle at gmail dot com Assigned: fmk (profile)
Status: Not a bug Package: MSSQL related
PHP Version: 5.1.2 OS: XP SP2
Private report: No CVE-ID: None
View Developer Edit
 [2006-04-28 06:03 UTC] rriehle at gmail dot com 
Description:
------------
Using SQL Server 2005 (SP1).  

Unable to connect with logins that have passwords greater than 30 characters long using mssql_connect or mssql_pconnect.  

The logins work fine from the server client tools; I spent hours troubleshooting this. sigh.  

The reason the passwords I was trying to use were 32 characters is becuase I was using MD5 hashes of plain passwords for my server logins.

Reproduce code:
---------------
$dbh = mssql_pconnect("MyHost", "testlogin", "passwordpasswordpasswordpassword");

OR

$dbh = mssql_connect("BUILDWAY-NET", "testlogin", "passwordpasswordpasswordpassword");

Expected result:
----------------
Expect $dbh to hold a link identifier to a mssql connection.

I expected that the statements would connect with passwords that have a length as long as the server can accept.

Actual result:
--------------
Returns false with these messages:

Debug Warning: c:\Inetpub\wwwroot\includes\ez_sql-ms.php line 71 - mssql_pconnect() [<a href='file:///C:\Program Files\Zend\ZendStudioClient-5.1.0\docs\PHPmanual/function.mssql-pconnect'>function.mssql-pconnect</a>]: message: Login failed for user 'testlogin'. (severity 14)

Debug Warning: c:\Inetpub\wwwroot\includes\ez_sql-ms.php line 71 - mssql_pconnect() [<a href='file:///C:\Program Files\Zend\ZendStudioClient-5.1.0\docs\PHPmanual/function.mssql-pconnect'>function.mssql-pconnect</a>]: Unable to connect to server:  BUILDWAY-NET

Errors are the same for mssql_connect (except that the p in mssql_pconnect is left out).

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-04-29 03:06 UTC] fmk@php.net 
This is due to limmitations in ntwdblib from Microsoft. This library has not been updated since SQL server 6.5 where 30 was the max length of passwords etc.

Use the php_dblib.dll extension. This is a dropin replacement build with FreeTDS.
 [2013-11-13 07:36 UTC] amolkulkarni82 at gmail dot com 
Here is the changes required to accept password longer than 30 chars

Steps to follow: 

1) cd /usr/local/src/freetds-0.91/

2) Change the values as required in freetds src:

# Default values:
# Filename:  include/sybdb.h (line 67)
#define DBMAXNAME  30

# Filename:  include/tds.h (line 760)
#define TDS_MAX_DYNID_LEN	30

# Filename:  include/tds.h (line 831)
#define TDS_MAX_LOGIN_STR_SZ 30

3) Modify the TDS_MAX_LOGIN_STR_SZ macro to overcome the password limitation of 30 chars

4) Recompile the freetds

make clean && ./configure --prefix=/usr/local/freetds --with-tdsver=8.0 --enable-msdblib --enable-dbmfix --with-gnu-ld && make && make install

5) Restart the apache
/usr/local/apache2/bin/apachectl stop && /usr/local/apache2/bin/apachectl start

6) Export the FREETDS
export FREETDSCONF=/etc/freetds.conf

Test the MSSQLdatabase connection using CLI

> php -a
Interactive mode enabled

<?php

$conn = mssql_connect('hostname','username','password');

var_dump($conn);

if (!$conn)
	echo $strerr = "ERROR: Failed to connect to MSSQL Server ('hostname') : ".mssql_get_last_message();

?>

CTR+D

expected output:

resource(1) of type (mssql link)
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Tue Feb 11 03:01:57 2025 UTC