FS#680 : Updater script wipes out dbispconfig database if special characters are in mysql password

Welcome to the bugtracker of the ISPConfig project. This bugtracker is for ISPConfig 3.x only.

FS#680 - Updater script wipes out dbispconfig database if special characters are in mysql password

Attached to Project: ISPConfig 3
Opened by peter (strikernl) - Tuesday, 31 March 2009, 11:19 GMT
Last edited by Till (Till) - Tuesday, 31 March 2009, 11:31 GMT

Task Type	Bug Report
Category	Installer
Status	Closed
Assigned To	No-one
Operating System	All
Severity	High
Priority	Normal
Reported Version	3.0.1 Final
Due in Version	3.0.1.1
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

If you have a character in your mysql root password that the commandline cannot interpret (such as a ! in ours), it will cause update.php to completely _wipe_ the dbispconfig database.

This is because the updater script calls mysqldump with something similar to this

mysqldump -uroot -pa!password [blabla]

This will cause an error because the commandline can't interpret this line. Therefore no export will be made, and the database will still be truncated, resulting in everything in the database effectively being lost if not manually backed up beforehand. This can obviously be quite catastrophic in a production enviroment.

It's easy to fix. Make sure the parameters to mysqldump are surround by single or double quotes, like so:

mysqldump '-uroot' '-pa!password' [blabla]

This task depends upon

Closed by Till (Till)
Tuesday, 31 March 2009, 11:31 GMT
Reason for closing: Fixed

Comments (0)
Related Tasks (0/0)

	Tasks related to this task (0)

Duplicate tasks of this task (0)

ISPConfig 3

FS#680 - Updater script wipes out dbispconfig database if special characters are in mysql password

Details

Loading...