Ensure password used when creating a database is valid; closes pterodactyl#1852

Author: DaneEveritt

CHANGELOG.md

@@ -3,6 +3,10 @@ This file is a running track of new features and fixes to each version of the pa
 
 This project follows [Semantic Versioning](http://semver.org) guidelines.
 
+## v0.7.17 (Derelict Dermodactylus)
+### Fixed
+* Fixes database passwords not being generated with the proper requirements for some MySQL setups.
+
 ## v0.7.16 (Derelict Dermodactylus)
 ### Fixed
 * Fixed the /api/application/servers endpoint erroring when including subusers or egg

app/Helpers/Utilities.php

@@ -0,0 +1,35 @@
+<?php
+
+namespace Pterodactyl\Helpers;
+
+use Exception;
+use Illuminate\Support\Facades\Log;
+
+class Utilities
+{
+    /**
+     * Generates a random string and injects special characters into it, in addition to
+     * the randomness of the alpha-numeric default response.
+     *
+     * @param int $length
+     * @return string
+     */
+    public static function randomStringWithSpecialCharacters(int $length = 16): string
+    {
+        $string = str_random($length);
+        // Given a random string of characters, randomly loop through the characters and replace some
+        // with special characters to avoid issues with MySQL password requirements on some servers.
+        try {
+            for ($i = 0; $i < random_int(2, 6); $i++) {
+                $character = ['!', '@', '=', '.', '+', '^'][random_int(0, 5)];
+
+                $string = substr_replace($string, $character, random_int(0, $length - 1), 1);
+            }
+        } catch (Exception $exception) {
+            // Just log the error and hope for the best at this point.
+            Log::error($exception);
+        }
+
+        return $string;
+    }
+}

app/Services/Databases/DatabaseManagementService.php

@@ -3,6 +3,7 @@
 namespace Pterodactyl\Services\Databases;
 
 use Pterodactyl\Models\Database;
+use Pterodactyl\Helpers\Utilities;
 use Illuminate\Database\DatabaseManager;
 use Illuminate\Contracts\Encryption\Encrypter;
 use Pterodactyl\Extensions\DynamicDatabaseConnection;
@@ -69,7 +70,9 @@ public function create($server, array $data)
         $data['server_id'] = $server;
         $data['database'] = sprintf('s%d_%s', $server, $data['database']);
         $data['username'] = sprintf('u%d_%s', $server, str_random(10));
-        $data['password'] = $this->encrypter->encrypt(str_random(24));
+        $data['password'] = $this->encrypter->encrypt(
+            Utilities::randomStringWithSpecialCharacters(24)
+        );
 
         $this->database->beginTransaction();
         try {

app/Services/Databases/DatabasePasswordService.php

@@ -2,9 +2,8 @@
 
 namespace Pterodactyl\Services\Databases;
 
-use Exception;
 use Pterodactyl\Models\Database;
-use Illuminate\Support\Facades\Log;
+use Pterodactyl\Helpers\Utilities;
 use Illuminate\Database\ConnectionInterface;
 use Illuminate\Contracts\Encryption\Encrypter;
 use Pterodactyl\Extensions\DynamicDatabaseConnection;
@@ -62,19 +61,7 @@ public function __construct(
      */
     public function handle(Database $database): string
     {
-        $password = str_random(24);
-        // Given a random string of characters, randomly loop through the characters and replace some
-        // with special characters to avoid issues with MySQL password requirements on some servers.
-        try {
-            for ($i = 0; $i < random_int(2, 6); $i++) {
-                $character = ['!', '@', '=', '.', '+', '^'][random_int(0, 5)];
-
-                $password = substr_replace($password, $character, random_int(0, 23), 1);
-            }
-        } catch (Exception $exception) {
-            // Just log the error and hope for the best at this point.
-            Log::error($exception);
-        }
+        $password = Utilities::randomStringWithSpecialCharacters(24);
 
         $this->connection->transaction(function () use ($database, $password) {
             $this->dynamic->set('dynamic', $database->database_host_id);