Add quotes to password argument for dump/import

The password is passed on a command line for dump and import and needs quoting. Ideally, this would not be passed on a command line at all - any ideas? Or at least have a stronger form of quoting so that embedded single quotes will be escaped.
11 years ago · dacef1915a
parent f532b449d7
commit dacef1915a
1 changed files with 2 additions and 2 deletions
--- a/library/database/mysql_db
+++ b/library/database/mysql_db
@ -118,7 +118,7 @@ def db_delete(cursor, db):

 def db_dump(module, host, user, password, db_name, target, port, socket=None):
    cmd = module.get_bin_path('mysqldump', True)
-    cmd += " --quick --user=%s --password=%s" %(user, password)
+    cmd += " --quick --user=%s --password='%s'" %(user, password)
    if socket is not None:
        cmd += " --socket=%s" % socket
    else:
@ -135,7 +135,7 @@ def db_dump(module, host, user, password, db_name, target, port, socket=None):

 def db_import(module, host, user, password, db_name, target, port, socket=None):
    cmd = module.get_bin_path('mysql', True)
-    cmd += " --user=%s --password=%s" %(user, password)
+    cmd += " --user=%s --password='%s'" %(user, password)
    if socket is not None:
        cmd += " --socket=%s" % socket
    else: