Password Decode Failure, Step 3 Installation (Access denied for user 'username'@'hostname' (using password: YES)) #3185

Closed
JonathanCJames opened this Issue Jul 17, 2015 · 3 comments

Projects

None yet

4 participants

@JonathanCJames

When installing version 2.0.3.1 on localhost (using Linux SUSE), I was given the error:
"Access denied for user 'root'@'localhost' (using password: YES)"

The password I always use for accessing 127.0.0.1 contains an ampersand; this was not being decoded properly.

You have already deployed 'html_entity_decode' for the file 'install/controller/step_3.php' on lines 35 and 73. However to resolve the issue, I also had to add 'html_entity_decode' to line 267 as follows:
Replaced: $this->request->post['db_password']
With: html_entity_decode($this->request->post['db_password'], ENT_QUOTES, 'UTF-8')

I also needed to add decoding for the file 'instal/model/install.php' on line 4 as follows:
Replaced: $data['db_password']
With: html_entity_decode($data['db_password'])

Decoding the password in these two places resolved the issue.

@JonathanCJames

Same problem exists for admin password. Don't currently have time to fix this, too.

@danielkerr danielkerr closed this Jul 18, 2015
@danielkerr danielkerr added a commit that referenced this issue Jul 18, 2015
@danielkerr danielkerr #3185 8929798
@tflight
tflight commented Jul 4, 2016

Just pinging this is still an issue in 2.2.0.0.

@drkskwlkr
drkskwlkr commented Aug 7, 2016 edited

@tflight: the fix seems to be implemented but today I found an edge case where a single special characters (or a sequence of special characters, I am not sure which) in the DB password is still an issue even though the password is passed to html_entity_decode (I tested on 2.1.0.2).

The auto-generated password that caused me trouble happened to contain a %& sequence in the middle and this would cause step 3 of the OpenCart installation to fail with a blank web page and MySQL 'access denied' message. Once I replaced the %& with ## the problem went away.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment