Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#690 closed Bug (fixed)

mysql password html encoded causing problems with special chars like &

Reported by: nico_h Owned by:
Priority: normal Milestone: Piwik 0.4
Component: Core Keywords: mysql password html ampersand
Cc: Sensitive:

Description

hi,

We checked that this bug is not a duplicate of #462 (although it contains the same sql error).

After the installation of piwik on our server, I was unable to login, getting this error :

SQLSTATE[28000] [1045] Access denied for user 'xxx'@'localhost' (using password: YES)
Backtrace:

#0 /xxx/www/piwik/libs/Zend/Db/Adapter/Abstract.php(228): Zend_Db_Adapter_Pdo_Abstract->_connect()
#1 /xxx/www/piwik/core/Piwik.php(1180): Zend_Db_Adapter_Abstract->getConnection()
#2 /xxx/www/piwik/core/FrontController.php(230): Piwik::createDatabaseObject()
#3 /xxx/www/piwik/index.php(48): Piwik_FrontController->init()
#4 {main}

then my admin was able to correct the error in piwik/config/config.ini.php : he found out that the password i use (in mysql database), which contains the char ampersand (&) was apparently twice encoded causing it to be stored as & instead of simply &

once the password was corrected, login was possible and everything seems to work properly.

another strange thing about passwords occured while choosing the piwik super user password : piwik rejected all passwords containing special characters saying they didn't match although they did for sure (as a lazy person, i copied/pasted them in the both fields). tried several times and it worked only when i gave in a password without special characters. we did not retried many times to check which ones did work, which once didn't etc. but we think it might be related to the same bug as the first mentionned here and so we don't think it's worth opening another new ticket.

bye & thanks for providing a nice open source website traffic analyzer !

Change History (7)

comment:1 Changed 5 years ago by matt (mattab)

  • Milestone changed from Stable release to RobotRock

comment:2 Changed 5 years ago by matt (mattab)

  • Milestone changed from 1- RobotRock to 1 - Piwik 0.4

comment:3 Changed 5 years ago by matt (mattab)

from email

Example I use a combination of $"& in my database passwords and the character " is not written correctly in the config.ini.php file.

Strong passwords with non alpha-numeric characters is encouraged generally and this should be noted as a potential problem.

comment:4 Changed 5 years ago by matt (mattab)

  • Resolution set to fixed
  • Status changed from new to closed

(In [1165]) - fix #690 mysql password html encoded causing problems with special chars like &
+ now encoding stuff properly + added tests

comment:5 Changed 5 years ago by koteiko

comment:6 Changed 5 years ago by spomoni

comment:7 Changed 5 years ago by spomoni

Note: See TracTickets for help on using tickets.