Added check for empty passwords on update of MySQL users.

Till Brehm · Till Brehm · commit 2c75b730d8e6 · 2016-09-22T11:41:34.000+02:00
diff --git a/server/plugins-available/mysql_clientdb_plugin.inc.php b/server/plugins-available/mysql_clientdb_plugin.inc.php
@@ -142,8 +142,10 @@ function process_host_list($action, $database_name, $database_user, $database_pa
 			} elseif($action == 'PASSWORD') {
 				//if(!$link->query("SET PASSWORD FOR '".$link->escape_string($database_user)."'@'$db_host' = '".$link->escape_string($database_password)."'")) $success = false;
 				// SET PASSWORD for already hashed passwords is not supported by latest MySQL 5.7 anymore, so we set it directly
-				if(!$link->query("UPDATE mysql.user SET `Password` = '".$link->escape_string($database_password)."' WHERE `Host` = '".$db_host."' AND `User` = '".$link->escape_string($database_user)."'")) $success = false;
-				if($success == true) $link->query("FLUSH PRIVILEGES");
+				if(trim($database_password) != '') {
+					if(!$link->query("UPDATE mysql.user SET `Password` = '".$link->escape_string($database_password)."' WHERE `Host` = '".$db_host."' AND `User` = '".$link->escape_string($database_user)."'")) $success = false;
+					if($success == true) $link->query("FLUSH PRIVILEGES");
+				}
 			}
 		}
 

Original file line number	Diff line number	Diff line change
`@@ -142,8 +142,10 @@ function process_host_list($action, $database_name, $database_user, $database_pa`
`142`	`142`	`} elseif($action == 'PASSWORD') {`
`143`	`143`	`//if(!$link->query("SET PASSWORD FOR '".$link->escape_string($database_user)."'@'$db_host' = '".$link->escape_string($database_password)."'")) $success = false;`
`144`	`144`	`// SET PASSWORD for already hashed passwords is not supported by latest MySQL 5.7 anymore, so we set it directly`
`145`		- if(!$link->query("UPDATE mysql.user SET `Password` = '".$link->escape_string($database_password)."' WHERE `Host` = '".$db_host."' AND `User` = '".$link->escape_string($database_user)."'")) $success = false;
`146`		`- if($success == true) $link->query("FLUSH PRIVILEGES");`
	`145`	`+ if(trim($database_password) != '') {`
	`146`	+ if(!$link->query("UPDATE mysql.user SET `Password` = '".$link->escape_string($database_password)."' WHERE `Host` = '".$db_host."' AND `User` = '".$link->escape_string($database_user)."'")) $success = false;
	`147`	`+ if($success == true) $link->query("FLUSH PRIVILEGES");`
	`148`	`+ }`
`147`	`149`	`}`
`148`	`150`	`}`
`149`	`151`