The case of a # use in passwords

How a # in my DB password, had me spinning for a few hours.
Aug 14, 2019 — 2 mins read — Laravel

The case of a # use in passwords

I was recently hoping to rebuild my website with this blog feature and with it I decided to build the entire site in Laravel. When I was ready to switch it I realized that my old host was not allowing a newer version of PHP so I decided to switch hosts and I’m now hosting everything on DreamHost.

The entire process of moving was really straight forward and I had the site uploaded quite quickly. Only when I needed to connect the DB that the problems started. 

DreamHost has this panel where you can manage all of the aspects of the hosting and among that is the MySQL database. I created the database, entered phpMyAdmin and successfully imported the backup that I extracted from my local development environment without any issues. With the files ready and the database in place, my next step was to connect the Laravel application with it in the ‘.env’ file. 

I entered all of the details, including the password that I’ve used a generator to create and set it in DreamHost, and saved the file. To my surprise, when I opened the site, I’ve got a database connection issue saying that the user could not connect to the database. 

To make sure that I did everything right, I once again checked everything, the DB user, reset the password, checked the host, the content of the ‘.env’ file and still nothing. As a last resort, I’ve allowed remote access to the DB from my local IP address and when I tried to connect to it from MySQL Workbench, it worked so I had my ‘AHA’ moment that the problem must be in the ‘.env’ file as the database worked..

After once again looking at the configuration, I spot the problem. When I used the password generator to generate the database password, it was generated in the following format:

someRandomString1WithNumbers&SpecialChars#

Can you see it?

At the end of it, there was a # (hash) symbol that apparently worked on DreamHost to set it like a password and it also worked with MySQL workbench for me to connect to it. The root cause of the problem is with the PHP dotenv library that is used by Laravel to parse the ‘.env’ the file where it uses the # symbol as an identifier for comments. Basically, the last symbol was seen as an added comment and not as part of the password. 

Once I changed the password to something without the # symbol, everything worked as expected.

php dotenv laravel mysql
Read this next

DIY Power Bank

I had some battery cells that I salvaged from old Samsung mobile phones that I had laying around and I've build them into a power bank. Chec...

You might enjoy

Add comments to any website

Today, we will look into Disqus and how it can be added as a comments platform to any site. In particular, we will look at how to properly s...