Wordpress install; Unsupported special character in password causing SQL error

Troubleshooting
1

I ran into this issue, realizing only after almost completing this bug report that it is an unsupported character in dietpi-config, but I’m putting it here anyway. I think that it would be important to catch these passwords with unsupported characters when they get created, rather than having the user run into possible issues down the line.

Creating a bug report/issue

I have searched the existing open and closed issues

Required Information

  • DietPi version | cat /boot/dietpi/.version
    G_DIETPI_VERSION_CORE=9
    G_DIETPI_VERSION_SUB=3
    G_DIETPI_VERSION_RC=0
    G_GITBRANCH=‘master’
    G_GITOWNER=‘MichaIng’

  • Distro version | echo $G_DISTRO_NAME $G_RASPBIAN
    bookworm

  • Kernel version | uname --all
    Linux DietPi 6.1.0-20-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.85-1 (2024-04-11) x86_64 GNU/Linux

  • Architecture | dpkg --print-architecture
    amd64

  • SBC model | echo $G_HW_MODEL_NAME or (EG: RPi3)
    Native PC (x86_64)

  • Power supply used | (EG: 5V 1A RAVpower)
    n/a

  • SD card used | (EG: SanDisk ultra)
    n/a

Additional Information (if applicable)

  • Software title | (EG: Nextcloud)
    Wordpress
  • Was the software title installed freshly or updated/migrated?
    installed freshly
  • Can this issue be replicated on a fresh installation of DietPi?
    ← If you sent a “dietpi-bugreport”, please paste the ID here →
  • Bug report ID | echo $G_HW_UUID

Steps to reproduce

  1. Create a new account with a password containing the single quote symbol ('), in this example we can use the following password: abc’123

  2. run dietpi-software install 55 (for wordpress) or use the dietpi-software GUI to install wordpress

Expected behaviour

  • Wordpress installs without error.

Actual behaviour

  • a MariaDB error occurs, printing any leftover part of the password (after the single quote) back into the console, followed by ‘flush privileges’
    ERROR 1064 (42000) at line 1: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ‘123;flush privileges’ at line 1

Extra details

  • This is technically an unsupported password according to dietpi config, but dietpi config should detect if you’ve accidentally put in an unsupported password at any point.
2

hmm I guess the password is working for SSH login but not on MariaDB level

@MichaIng Should we prevent the use of such passwords?

3

I’ve actually noticed that the issue may only happen when the password has another character after the initial single quote, e.g. “abc’12%3”.

4

It seems doubling the character can be used to escape/represent it: escaping - How to escape apostrophe (a single quote) in MySql? - Stack Overflow
Else indeed the issue is that single quotes are used to quote the password itself. We can escape this right within /boot/dietpi/func/create_mysql_db.

5

This topic was automatically closed 178 days after the last reply. New replies are no longer allowed.