Quote database and role in queries

Fixes #1793
Signed-off-by: Lari Tikkanen <lartza@outlook.com>
This commit is contained in:
Lari Tikkanen 2016-12-07 22:12:25 +02:00
parent 737d9f3504
commit 9ebd5d5bb2
1 changed files with 4 additions and 4 deletions

View File

@ -111,7 +111,7 @@ class PostgreSQL extends AbstractDatabase {
private function createDatabase(IDBConnection $connection) {
if (!$this->databaseExists($connection)) {
//The database does not exists... let's create it
$query = $connection->prepare("CREATE DATABASE " . addslashes($this->dbName) . " OWNER " . addslashes($this->dbUser));
$query = $connection->prepare("CREATE DATABASE \"" . addslashes($this->dbName) . "\" OWNER '" . addslashes($this->dbUser) . "'");
try {
$query->execute();
} catch (DatabaseException $e) {
@ -119,7 +119,7 @@ class PostgreSQL extends AbstractDatabase {
$this->logger->logException($e);
}
} else {
$query = $connection->prepare("REVOKE ALL PRIVILEGES ON DATABASE " . addslashes($this->dbName) . " FROM PUBLIC");
$query = $connection->prepare("REVOKE ALL PRIVILEGES ON DATABASE \"" . addslashes($this->dbName) . "\" FROM PUBLIC");
try {
$query->execute();
} catch (DatabaseException $e) {
@ -153,10 +153,10 @@ class PostgreSQL extends AbstractDatabase {
try {
if ($this->userExists($connection)) {
// change the password
$query = $connection->prepare("ALTER ROLE " . addslashes($this->dbUser) . " WITH CREATEDB PASSWORD '" . addslashes($this->dbPassword) . "'");
$query = $connection->prepare("ALTER ROLE \"" . addslashes($this->dbUser) . "\" WITH CREATEDB PASSWORD '" . addslashes($this->dbPassword) . "'");
} else {
// create the user
$query = $connection->prepare("CREATE USER " . addslashes($this->dbUser) . " CREATEDB PASSWORD '" . addslashes($this->dbPassword) . "'");
$query = $connection->prepare("CREATE USER \"" . addslashes($this->dbUser) . "\" CREATEDB PASSWORD '" . addslashes($this->dbPassword) . "'");
}
$query->execute();
} catch (DatabaseException $e) {