diff options
| author | Simon L <szaimen@e.mail.de> | 2023-03-08 00:37:19 +0100 |
|---|---|---|
| committer | Simon L <szaimen@e.mail.de> | 2023-03-08 01:03:27 +0100 |
| commit | 40edac18f553a9b53dcf76a360ed5d92ec3c7865 (patch) | |
| tree | 47a5d2f27311628d8f50741557379f76abaabf4a /lib/private/Setup | |
| parent | 1f9a8225fd36b83e530fdcb17009ed6282567261 (diff) | |
| download | nextcloud-server-40edac18f553a9b53dcf76a360ed5d92ec3c7865.tar.gz nextcloud-server-40edac18f553a9b53dcf76a360ed5d92ec3c7865.zip | |
postgresql - add quotes around user names
fix https://github.com/nextcloud/server/issues/37114
Signed-off-by: Simon L <szaimen@e.mail.de>
Diffstat (limited to 'lib/private/Setup')
| -rw-r--r-- | lib/private/Setup/PostgreSQL.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/private/Setup/PostgreSQL.php b/lib/private/Setup/PostgreSQL.php index 8359f7b7563..490cbba69a9 100644 --- a/lib/private/Setup/PostgreSQL.php +++ b/lib/private/Setup/PostgreSQL.php @@ -80,7 +80,7 @@ class PostgreSQL extends AbstractDatabase { // Therefore we assume that the database is only used by one user/service which is Nextcloud // Additional services should get installed in a separate database in order to stay secure // Also see https://www.postgresql.org/docs/15/ddl-schemas.html#DDL-SCHEMAS-PATTERNS - $connectionMainDatabase->executeQuery('GRANT CREATE ON SCHEMA public TO ' . addslashes($this->dbUser)); + $connectionMainDatabase->executeQuery('GRANT CREATE ON SCHEMA public TO "' . addslashes($this->dbUser) . '"'); $connectionMainDatabase->close(); } } @@ -122,7 +122,7 @@ class PostgreSQL extends AbstractDatabase { private function createDatabase(Connection $connection) { if (!$this->databaseExists($connection)) { //The database does not exists... let's create it - $query = $connection->prepare("CREATE DATABASE " . addslashes($this->dbName) . " OWNER " . addslashes($this->dbUser)); + $query = $connection->prepare("CREATE DATABASE " . addslashes($this->dbName) . " OWNER \"" . addslashes($this->dbUser) . '"'); try { $query->execute(); } catch (DatabaseException $e) { @@ -172,10 +172,10 @@ class PostgreSQL extends AbstractDatabase { } // create the user - $query = $connection->prepare("CREATE USER " . addslashes($this->dbUser) . " CREATEDB PASSWORD '" . addslashes($this->dbPassword) . "'"); + $query = $connection->prepare("CREATE USER \"" . addslashes($this->dbUser) . "\" CREATEDB PASSWORD '" . addslashes($this->dbPassword) . "'"); $query->execute(); if ($this->databaseExists($connection)) { - $query = $connection->prepare('GRANT CONNECT ON DATABASE ' . addslashes($this->dbName) . ' TO '.addslashes($this->dbUser)); + $query = $connection->prepare('GRANT CONNECT ON DATABASE ' . addslashes($this->dbName) . ' TO "' . addslashes($this->dbUser) . '"'); $query->execute(); } } catch (DatabaseException $e) { |