underscore in php db variable causing problems

2019-02-17 21:55发布

I store all of my login information for databases in files outside of the public tree in variables such as

$hostname = '172.0.0.0';
$dbname = 'myname_mydbname';
$username = 'myname_user';
$pw = 'password';

That's pretty standard.

The problem is that this particular hosting I am working with requires the myname_ to be appended to the front of all databases and user names. When I store these strings and pass them to a PDO it drops everything in the username after myname, and drops the password string all together... If I put the username and password in the function as strings instead of variables everything works. I am at my wits end. can anyone help? here is the function as it is in code.

Does not work:

$this -> DB = new PDO ("mysql:host={$hostname}; dbname={$dbname}", $username, $pw);

works:

$this -> DB = new PDO ("mysql:host={$hostname};dbname={$dbname}", 'myname_user', 'password');

I am hoping someone here can make me feel stupid... thanks in advance. -David

the error might help...

Failed to get DB handle: SQLSTATE[28000] [1045] Access denied for user 'myname'@'localhost' (using password: NO)

3条回答
该账号已被封号
2楼-- · 2019-02-17 22:49

Nothing I can find in the PDO documentation suggests that you can specify username or password in the DSN string - it is a "Database Source Name" not "Database Source Name and Authentication" String the fact you are using no password should be a hint to this, and the username being 'myname' is probably just because most RDBMs use the $USER environment var to connect if none is specified (which i must assume is set to 'myname')

i.e. i think you simply have to use the extra parameters to pass the authentication credentials

查看更多
The star\"
3楼-- · 2019-02-17 22:51

you should get the same result from appending quotes

 ////the variable
 $myusr='myname_user'; 

////now append quotes
    $user="'".$myusr."'"; 

///which would be the same thing as
  $psswd= "'pass_word'";

the pdo function will strip out the single quotes ( ' ' ) if you wanted to store it with quotes it would be '\'password\'' in your sql statement as stored quotes must be stored with delimiters to prevent auto escaping.

  INSERT INTO `Auth_USERs` (`id`, `usrname`, `passwd`, `email`, `reg_date`) VALUES (NULL, '\'myname_user\'', '\'pass_word\'', 'someone@somewhere.com', CURRENT_TIMESTAMP);

you came across the {} as this treats the variable as inside a container, so it appends ' ' of course the get array does this too (with different characters, then php escapes them on next page load ) since you're executing a java function to make your get functions, you are essentially appending quotes that are not escaped. Until PDO function escapes them.

$this -> DB = new PDO ("mysql:host={$hostname};dbname={$dbname}", $user, $psswd);
查看更多
【Aperson】
4楼-- · 2019-02-17 22:59

As a work around I built get functions in the file that the information is stored that return the strings, and it works. Super strange, but it works.

查看更多
登录 后发表回答