]> source.dussan.org Git - nextcloud-server.git/commitdiff
postgresql - add quotes around user names 37116/head
authorSimon L <szaimen@e.mail.de>
Tue, 7 Mar 2023 23:37:19 +0000 (00:37 +0100)
committerSimon L <szaimen@e.mail.de>
Wed, 8 Mar 2023 00:03:27 +0000 (01:03 +0100)
fix https://github.com/nextcloud/server/issues/37114

Signed-off-by: Simon L <szaimen@e.mail.de>
lib/private/Setup/PostgreSQL.php

index 8359f7b75638b6d695abe95171a7e12c0c77fd67..490cbba69a94cb5950c772c51d666cdbfbe22f4c 100644 (file)
@@ -80,7 +80,7 @@ class PostgreSQL extends AbstractDatabase {
                                        // Therefore we assume that the database is only used by one user/service which is Nextcloud
                                        // Additional services should get installed in a separate database in order to stay secure
                                        // Also see https://www.postgresql.org/docs/15/ddl-schemas.html#DDL-SCHEMAS-PATTERNS
-                                       $connectionMainDatabase->executeQuery('GRANT CREATE ON SCHEMA public TO ' . addslashes($this->dbUser));
+                                       $connectionMainDatabase->executeQuery('GRANT CREATE ON SCHEMA public TO "' . addslashes($this->dbUser) . '"');
                                        $connectionMainDatabase->close();
                                }
                        }
@@ -122,7 +122,7 @@ class PostgreSQL extends AbstractDatabase {
        private function createDatabase(Connection $connection) {
                if (!$this->databaseExists($connection)) {
                        //The database does not exists... let's create it
-                       $query = $connection->prepare("CREATE DATABASE " . addslashes($this->dbName) . " OWNER " . addslashes($this->dbUser));
+                       $query = $connection->prepare("CREATE DATABASE " . addslashes($this->dbName) . " OWNER \"" . addslashes($this->dbUser) . '"');
                        try {
                                $query->execute();
                        } catch (DatabaseException $e) {
@@ -172,10 +172,10 @@ class PostgreSQL extends AbstractDatabase {
                        }
 
                        // create the user
-                       $query = $connection->prepare("CREATE USER " . addslashes($this->dbUser) . " CREATEDB PASSWORD '" . addslashes($this->dbPassword) . "'");
+                       $query = $connection->prepare("CREATE USER \"" . addslashes($this->dbUser) . "\" CREATEDB PASSWORD '" . addslashes($this->dbPassword) . "'");
                        $query->execute();
                        if ($this->databaseExists($connection)) {
-                               $query = $connection->prepare('GRANT CONNECT ON DATABASE ' . addslashes($this->dbName) . ' TO '.addslashes($this->dbUser));
+                               $query = $connection->prepare('GRANT CONNECT ON DATABASE ' . addslashes($this->dbName) . ' TO "' . addslashes($this->dbUser) . '"');
                                $query->execute();
                        }
                } catch (DatabaseException $e) {