From 36dbb8edab6de784c45eee688000c5e330e70478 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Tue, 21 Jun 2011 23:58:02 +0200 Subject: [PATCH] prefix the mysql user name to avoid collissions --- lib/setup.php | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/lib/setup.php b/lib/setup.php index 281f24db50..0a8c9650cb 100644 --- a/lib/setup.php +++ b/lib/setup.php @@ -97,13 +97,20 @@ class OC_SETUP { else { $query="SELECT user FROM mysql.user WHERE user='$dbuser'"; //this should be enough to check for admin rights in mysql if(mysql_query($query, $connection)) { - self::createDBUser($username, $password, $connection); //use the admin login data for the new database user - OC_CONFIG::setValue('dbuser', $username); - OC_CONFIG::setValue('dbpassword', $password); + + //add prefix to the mysql user name to prevent collissions + $dbusername='oc_mysql_'.$username; + //hash the password so we don't need to store the admin config in the config file + $dbpassowrd=md5(time().$password); + + self::createDBUser($dbusername, $dbpassowrd, $connection); + + OC_CONFIG::setValue('dbuser', $dbusername); + OC_CONFIG::setValue('dbpassword', $dbpassowrd); //create the database - self::createDatabase($dbname, $username, $connection); + self::createDatabase($dbname, $dbusername, $connection); } else { OC_CONFIG::setValue('dbuser', $dbuser);