Merge pull request #2504 from c960657/urldecode-dsn

URL-decode URL-style DSN

Merge pull request #2504 from c960657/urldecode-dsn
URL-decode URL-style DSN
bfecbebd · Marco Pivetta · GitHub · 4120a721 · cdeb9e8c · bfecbebd
Commit bfecbebd authored Jan 15, 2017 by Marco Pivetta Committed by GitHub Jan 15, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 20 additions and 0 deletions

UPGRADE.md UPGRADE.md +10 -0

DriverManager.php lib/Doctrine/DBAL/DriverManager.php +2 -0

DriverManagerTest.php tests/Doctrine/Tests/DBAL/DriverManagerTest.php +8 -0

No files found.
--- a/UPGRADE.md
+++ b/UPGRADE.md
+# Upgrade to 2.6
+
+## MINOR BC BREAK: URL-style DSN with percentage sign in password
+
+URL-style DSNs (e.g. ``mysql://foo@bar:localhost/db``) are now assumed to be percent-encoded
+in order to allow certain special characters in usernames, paswords and database names. If
+you are using a URL-style DSN and have a username, password or database name containing a
+percentage sign, you need to update your DSN. If your password is, say, ``foo%foo``, it
+should be encoded as ``foo%25foo``.
+
 # Upgrade to 2.5.1

 ## MINOR BC BREAK: Doctrine\DBAL\Schema\Table

--- a/lib/Doctrine/DBAL/DriverManager.php
+++ b/lib/Doctrine/DBAL/DriverManager.php
@@ -259,6 +259,8 @@ final class DriverManager
            throw new DBALException('Malformed parameter "url".');
        }

+        $url = array_map('rawurldecode', $url);
+
        // If we have a connection URL, we have to unset the default PDO instance connection parameter (if any)
        // as we cannot merge connection details from the URL into the PDO instance (URL takes precedence).
        unset($params['pdo']);

--- a/tests/Doctrine/Tests/DBAL/DriverManagerTest.php
+++ b/tests/Doctrine/Tests/DBAL/DriverManagerTest.php
@@ -199,6 +199,14 @@ class DriverManagerTest extends \Doctrine\Tests\DbalTestCase
                'drizzle-pdo-mysql://foo:bar@localhost/baz',
                array('user' => 'foo', 'password' => 'bar', 'host' => 'localhost', 'dbname' => 'baz', 'driver' => 'Doctrine\DBAL\Driver\DrizzlePDOMySql\Driver'),
            ),
+            'simple URL with percent encoding' => array(
+                'mysql://foo%3A:bar%2F@localhost/baz+baz%40',
+                array('user' => 'foo:', 'password' => 'bar/', 'host' => 'localhost', 'dbname' => 'baz+baz@', 'driver' => 'Doctrine\DBAL\Driver\PDOMySQL\Driver'),
+            ),
+            'simple URL with percent sign in password' => array(
+                'mysql://foo:bar%25bar@localhost/baz',
+                array('user' => 'foo', 'password' => 'bar%bar', 'host' => 'localhost', 'dbname' => 'baz', 'driver' => 'Doctrine\DBAL\Driver\PDOMySQL\Driver'),
+            ),

            // DBAL-1234
            'URL without scheme and without any driver information' => array(