[TASK] Check valid database name specific for DBMS

With this change the check for a valid database name will be done specific for each DBMS. Resolves: #85739 Releases: master Change-Id: Ia006a31fb4686fc45ac2ab3862f3a530ed5eef58 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63053 Tested-by: TYPO3com <noreply@typo3.com> Tested-by: Susanne Moog <look@susi.dev> Tested-by: Benni Mack <benni@typo3.org> Reviewed-by: Susanne Moog <look@susi.dev> Reviewed-by: Benni Mack <benni@typo3.org>

[TASK] Check valid database name specific for DBMS
With this change the check for a valid database name will be done specific for each DBMS. Resolves: #85739 Releases: master Change-Id: Ia006a31fb4686fc45ac2ab3862f3a530ed5eef58 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63053 Tested-by: TYPO3com <noreply@typo3.com> Tested-by: Susanne Moog <look@susi.dev> Tested-by: Benni Mack <benni@typo3.org> Reviewed-by: Susanne Moog <look@susi.dev> Reviewed-by: Benni Mack <benni@typo3.org>
66055927 · Manuel Selbach · Benni Mack · 172cf1e4 · 66055927 · 66055927
Commit 66055927 authored 5 years ago by Manuel Selbach Committed by Benni Mack 5 years ago
--- a/typo3/sysext/install/Classes/SystemEnvironment/DatabaseCheck/Platform/AbstractPlatform.php
+++ b/typo3/sysext/install/Classes/SystemEnvironment/DatabaseCheck/Platform/AbstractPlatform.php
@@ -30,6 +30,11 @@ abstract class AbstractPlatform implements PlatformCheckInterface
     */
    protected $messageQueue;
+    /**
+     * @var int The maximum length of the schema name
+     */
+    protected const SCHEMA_NAME_MAX_LENGTH = 64;
    public function __construct()
    {
        $this->messageQueue = new FlashMessageQueue('install-database-check-platform');
@@ -58,7 +63,7 @@ abstract class AbstractPlatform implements PlatformCheckInterface
     */
    public static function isValidDatabaseName(string $databaseName): bool
    {
-        return strlen($databaseName) <= 50 && preg_match('/^[a-zA-Z0-9\$_]*$/', $databaseName);
+        return strlen($databaseName) <= static::SCHEMA_NAME_MAX_LENGTH && preg_match('/^[a-zA-Z0-9\$_]*$/', $databaseName);
    }
    protected function checkDatabaseName(Connection $connection): void
@@ -69,7 +74,7 @@ abstract class AbstractPlatform implements PlatformCheckInterface
        $this->messageQueue->enqueue(
            new FlashMessage(
-                'Given database name must be shorter than fifty characters'
+                'The given database name must not be longer than ' . static::SCHEMA_NAME_MAX_LENGTH . ' characters'
                . ' and consist solely of basic latin letters (a-z), digits (0-9), dollar signs ($)'
                . ' and underscores (_).',
                'Database name not valid',

--- a/typo3/sysext/install/Classes/SystemEnvironment/DatabaseCheck/Platform/PostgreSql.php
+++ b/typo3/sysext/install/Classes/SystemEnvironment/DatabaseCheck/Platform/PostgreSql.php
@@ -205,4 +205,32 @@ class PostgreSql extends AbstractPlatform
            ));
        }
    }
+    /**
+     * Validate the database name
+     *
+     * @param string $databaseName
+     * @return bool
+     */
+    public static function isValidDatabaseName(string $databaseName): bool
+    {
+        return strlen($databaseName) <= static::SCHEMA_NAME_MAX_LENGTH && preg_match('/^(?!pg_)[a-zA-Z0-9\$_]*$/', $databaseName);
+    }
+    protected function checkDatabaseName(Connection $connection): void
+    {
+        if (static::isValidDatabaseName($connection->getDatabase())) {
+            return;
+        }
+        $this->messageQueue->enqueue(
+            new FlashMessage(
+                'The given database name must not be longer than ' . static::SCHEMA_NAME_MAX_LENGTH . ' characters'
+                . ' and consist solely of basic latin letters (a-z), digits (0-9), dollar signs ($)'
+                . ' and underscores (_) and does not start with "pg_".',
+                'Database name not valid',
+                FlashMessage::ERROR
+            )
+        );
+    }
 }
--- a/typo3/sysext/install/Classes/SystemEnvironment/DatabaseCheck/Platform/SqlSrv.php
+++ b/typo3/sysext/install/Classes/SystemEnvironment/DatabaseCheck/Platform/SqlSrv.php
@@ -27,6 +27,13 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
 */
 class SqlSrv extends AbstractPlatform
 {
+    /**
+     * https://docs.microsoft.com/en-us/sql/relational-databases/databases/database-identifiers
+     *
+     * @var int The maximum length of the schema name
+     */
+    protected const SCHEMA_NAME_MAX_LENGTH = 128;
    /**
     * SQL Server has a more complex naming schema for the collation.
     * For more information visit:
@@ -139,4 +146,46 @@ class SqlSrv extends AbstractPlatform
            }
        }
    }
+    /**
+     * Validate the database name
+     * https://docs.microsoft.com/en-us/sql/relational-databases/databases/database-identifiers
+     *
+     * Examples:
+     *
+     * valid:
+     *      _foo
+     *      @foo
+     *      #foo
+     *      _floo1äea
+     *      @foo111111111kemcie_l#@
+     *
+     * not valid:
+     *      @@thisShouldNotBeValid
+     *
+     *
+     * @param string $databaseName
+     * @return bool
+     */
+    public static function isValidDatabaseName(string $databaseName): bool
+    {
+        return strlen($databaseName) <= static::SCHEMA_NAME_MAX_LENGTH && preg_match('/^(?!@@)[a-zA-Z0-9\$_@#\p{L}]*$/u', $databaseName);
+    }
+    protected function checkDatabaseName(Connection $connection): void
+    {
+        if (static::isValidDatabaseName($connection->getDatabase())) {
+            return;
+        }
+        $this->messageQueue->enqueue(
+            new FlashMessage(
+                'The given database name must not be longer than ' . static::SCHEMA_NAME_MAX_LENGTH . ' characters'
+                . ' and consist solely of basic latin letters (a-z), unicode characters, digits (0-9), dollar signs ($),'
+                . ' symbol @, underscores (_) and does not start with "@@".',
+                'Database name not valid',
+                FlashMessage::ERROR
+            )
+        );
+    }
 }
--- a/typo3/sysext/install/Classes/SystemEnvironment/DatabaseCheck/Platform/Sqlite.php
+++ b/typo3/sysext/install/Classes/SystemEnvironment/DatabaseCheck/Platform/Sqlite.php
@@ -18,6 +18,7 @@ namespace TYPO3\CMS\Install\SystemEnvironment\DatabaseCheck\Platform;
 use TYPO3\CMS\Core\Database\Connection;
 use TYPO3\CMS\Core\Database\ConnectionPool;
+use TYPO3\CMS\Core\Messaging\FlashMessage;
 use TYPO3\CMS\Core\Messaging\FlashMessageQueue;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
@@ -67,4 +68,33 @@ class Sqlite extends AbstractPlatform
    {
        // TODO: Implement getDefaultDatabaseServerCharset() method.
    }
+    /**
+     * Validate the database name
+     * SQLite does not have any limitation for the length of the database name,
+     * but must start with a letter or _
+     *
+     * @param string $databaseName
+     * @return bool
+     */
+    public static function isValidDatabaseName(string $databaseName): bool
+    {
+        return (bool)preg_match('/^[A-Za-z_\/][a-zA-Z0-9\$\/_.-]*$/', $databaseName);
+    }
+    protected function checkDatabaseName(Connection $connection): void
+    {
+        if (static::isValidDatabaseName($connection->getDatabase())) {
+            return;
+        }
+        $this->messageQueue->enqueue(
+            new FlashMessage(
+                'The given database name must consist solely of basic latin letters (a-z), digits (0-9)'
+                . ' and underscores (_).',
+                'Database name not valid',
+                FlashMessage::ERROR
+            )
+        );
+    }
 }