Escape variable mysql password - mysql

I have a mysql password that starts with a space. I want to put this password into a variable and then use it to connect in a bash script.
this works fine:
mysql -u me -p' examplepw'
but this does not:
pw=" examplepw"
mysql -u me -p'$pw'
because the single quotes make the variable name be interpreted literally (ie. mysql does not recognise the string $pw as a valid password).
How can I use a variable to hold a mysql password that requires escaping?

Ah I just found the solution: terminate the single quote, and concatenate the variable quoted with double quotes:
mysql -u me -p''"$pw"''

As long as you're using environment variables, you could store the password in MYSQL_PWD. MySQL will just take it from there:
export MYSQL_PWD=" examplepw"
mysql -u me

${} expands a variable.
PASS=" 12345678"
mysql -u me -p"${PASS}"
In this case, ${PASS} is extended to 12345678

Related

Mysql command line password with special characters is not working

I've the following bash script to upgrade my database schema. Script reads hostname and database password from command line.
The problem is here that if the password is alphanumeric e.g r00t then script works. But if password contains special characters e.g pa**w0rd, then script does not work and directly exits. Please help me with this. Thanks.
#!/bin/bash
echo "Enter hostname."
read -p "Hostname [localhost]: " DB_HOST
DB_HOST=${DB_HOST:-localhost}
echo "Enter MySQL root password"
DB_PASS=
while [[ $DB_PASS = "" ]]; do
read -sp "Password: " DB_PASS
done
MYSQL="mysql --force --connect-timeout=90 --host=$DB_HOST -u root --password=${DB_PASS}"
# Apply schema updates. My DBName is "mydb"
# Upgrade schema file is stored in "mysql" folder
$MYSQL mydb -e exit > /dev/null 2>&1 && $MYSQL mydb < "../mysql/upgrade_schema_v.2.1.sql"
Logging into mysql using bash
For ubuntu or linux shell try to use command
mysql -u username -p'p#ssw()rD'
for remote host login use
mysql -h hostname -u user -p'password'
This is occurring because you are using shell GLOB (wildcard) characters in the password, and in Bash (or on Linux generally) wildcards are expanded by the shell.
The safest and most reliable solution is to not use shell wildcard characters or other characters interpreted by the shell in the password. You should also avoid spaces. There are plenty of other characters.
Here are the ones you should avoid:
" ' $ , [ ] * ? { } ~ # % \ < > | ^ ;
Here are the ones it is usually safe to use:
: # . , / + - ! =
To ensure the password is still secure, make it longer. As an example:
K#3amvv7l1wz1192sjqhym
This meets old-fashioned password complexity rules, because upper, lower, numbers and special characters are in the first four, the remainder is randomly generated but avoids any problematic characters.
However if you must use them, you can quote the password parameter with single quotes - though you will still run in to trouble if the password contains single quotes!
Try enclosing your password in single quotes.
If it's pa**w0rd, use 'pa**w0rd'
Variables are best used for data, not code. The layers of variables make it hard to protect the expansion when you want some parts of the expansion (i.e., you want your command line to be word split on the tokens you want), but don't want all the other effects. The solution is to not store the code in a string. Instead, use a function like:
do_mysql() {
host="$1"
pass="$2"
mysql --force --connect-timeout=90 --host="$host" -u root --password="$pass" "$#"
}
then you can run it with extra arguments like
do_mysql "$DB_HOST" "$DB_PASS" -e exit > /dev/null && do_mysql "$DB_HOST" "$DB_PASS" < "../mysql/upgrade_schema_v.2.1.sql"
Though it would also be better not to use upper case for your variables. Doing so makes it so you could collide with environment variables and accidentally change things you don't intend to change (as the number of people who accidentally reset PATH can attest).

bash: How do I use a connection string to connect to a MySQL database?

Can I pass this string
mysql2://user1:rXbNgLjBHrdxYT#localhost/onebody?socket=/opt/bitnami/mysql/tmp/mysql.sock
to the mysql command inside bash, to make a connection?
If so, how...
Not literally. mysql CLI takes several options into which the string needs to be split (see man mysql).
Assuming "onebody" is the DB name, I guess it is:
mysql --protocol=socket --socket=/opt/bitnami/mysql/tmp/mysql.sock --database=onebody --user=user1 --password=rXbNgLjBHrdxYT.
If you omit the password value following the --password or -p option
on the command line, mysql prompts for one.
Specifying a password on the command line should be considered insecure. See Section 6.1.2.1, “End-User Guidelines for Password Security”. You can use an option file to avoid giving the password on the command line.

mysql connection whitespace after user flag

I have a question, What is the significance of the whitespace after the user flag -u inside a mysql connection string?
mysql -u myname -pmypass mydb
I mean to say, the above command works just fine, if I don't pass a whitespace after -u and just write the above command as below.
mysql -umyname -pmypass mydb
I tried searching for an explaination by using the following search terms.
mysql login whitespace after user flag
mysql connection console whitespace after user flag
I found the mention of whitespace after the password flag -p, Here. But the page no where talks about the whitespace after the user flag -u.
....there must be no space between -p or --password= and the password following it.
The -p option takes an optional argument:
mysql --help --verbose
...
-p, --password[=name]
Password to use when connecting to server. If password is
not given it's asked from the tty.
So, a command line that contains:
-p mydb
would be ambiguous ... does this means to:
Prompt the user for a password, and use the mydb database ?
Use the password mydb, and not set a default database ?
This is why the documentation insists on a particular rule for the password option: the value, if given, must be attached (no space).
For options that always take an argument, like -u, there are no special considerations, so the white space is not significant.
See the manual for a full documentation of command line options:
http://dev.mysql.com/doc/refman/5.7/en/command-line-options.html

Unable to direct insert in mysql database from linux xshell

i have run below command to insert data into my mysql database. sql query is ok. but after run the query, a prompt is coming to enter the password. but in my database no password is set. SO if i press enter key without writing anything then it is inserting data. How can i avoid to this prompt. That means i want that command will be directly working. No prompt will come for Enter Password.
Enter password:
linux-pott:/opt/lampp/htdocs # mysql -uroot -p -e 'insert into dialer_rate(date_time,time,mno,trx_type,trx_result,trx_value) values("2015-02-19","12:14","air","N/A","Not_Running",0) ' bkash
Enter password:
linux-pott:/opt/lampp/htdocs #
remove the option -p in your cmd:
linux-pott:/opt/lampp/htdocs # mysql -u root -e 'insert into dialer_rate(date_time,time,mno,trx_type,trx_result,trx_value) values("2015-02-19","12:14","air","N/A","Not_Running",0) ' bkash
From the official documentation:
For a long option that takes a value, separate the option name and the value by an “=” sign. For a short option that takes a value, the option value can immediately follow the option letter, or there can be a space between: -hlocalhost and -h localhost are equivalent. An exception to this rule is the option for specifying your MySQL password. This option can be given in long form as --password=pass_val or as --password. In the latter case (with no password value given), the program prompts you for the password. The password option also may be given in short form as -ppass_val or as -p. However, for the short form, if the password value is given, it must follow the option letter with no intervening space. The reason for this is that if a space follows the option letter, the program has no way to tell whether a following argument is supposed to be the password value or some other kind of argument. Consequently, the following two commands have two completely different meanings:

Escape $ from sql script running from Linux Shell

I am trying to execute an insert statement from linux shell where one of the columns has '$2a$10$zKjqmgld1gDYB/qkDuAS' in the value. When I see the inserted data the value is truncated and I get only 'aKjqmgld1gDYB/qkDuAS' as any digit followed by dollar is treated by linux as a parameter passed to the script.
This is how I am executing the script
mysql -u user --password=password -e "insert into users(id,name,password) values(1,'Some Name','\$2a\$10\$zKjqmgld1gDYB/qkDuAS')"
I have even tried escaping the $ like \$2a\$10\$zKjqmgld1gDYB/qkDuAS, but still it yields the same truncated data , however when I do echo '\$2a\$10\$zKjqmgld1gDYB/qkDuAS', I get the entire thing back.
Sameer
Single quotes don't nest in shell (do they anywhere else, anyway?). So, your string is effectively outside the quotes. Combine with double quotes and backslashes:
mysql -u user --password=password -e \
"insert into users(id,name,password) values(1,'Some Name','\$2a$10\$zKjqmgld1gDYB/qkDuAS')"
it was already in double quotes (sorry, for writing the wrong query). That didn't work either, however I found a workaround
echo "insert into users(id,name,password) values(1,'Some Name','\$2a\$10\$zKjqmgld1gDYB/qkDuAS')" >> temp.sql
mysql -u user --password=password < temp.sql
This finally worked.