archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 13:38:49 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

pdo: Deprecate the uri: DSN scheme (#19274)

Browse source 
RFC: https://wiki.php.net/rfc/deprecations_php_8_5#deprecate_pdo_s_urischeme
This commit is contained in:
Tim Düsterhus 2025-08-08 22:24:15 +02:00 committed by GitHub
parent 21625006e5
commit 732069d98b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 57 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
ext/pdo/pdo_dbh.c
View file

@ -347,6 +347,11 @@ PDO_API void php_pdo_internal_construct_driver(INTERNAL_FUNCTION_PARAMETERS, zen
}
if (!strncmp(data_source, "uri:", sizeof("uri:")-1)) {
zend_error(E_DEPRECATED, "Looking up the DSN from a URI is deprecated due to possible security concerns with DSNs coming from remote URIs");
if (EG(exception)) {
RETURN_THROWS();
}
/* the specified URI holds connection details */
data_source = dsn_from_uri(data_source + sizeof("uri:")-1, alt_dsn, sizeof(alt_dsn));
if (!data_source) {

5
ext/pdo_mysql/tests/pdo_mysql___construct_uri.phpt
View file

@ -63,5 +63,8 @@ MySQLPDOTest::skip();
print "done!";
?>
--EXPECT--
--EXPECTF--
Deprecated: Looking up the DSN from a URI is deprecated due to possible security concerns with DSNs coming from remote URIs in %s on line %d
Deprecated: Looking up the DSN from a URI is deprecated due to possible security concerns with DSNs coming from remote URIs in %s on line %d
done!

48
ext/pdo_sqlite/tests/pdo_sqlite___construct_uri.phpt Normal file
View file

@ -0,0 +1,48 @@
--TEST--
PDO_sqlite: PDO->__construct() - URI
--EXTENSIONS--
pdo_sqlite
--FILE--
<?php
$dsnFile = __DIR__ . DIRECTORY_SEPARATOR . "pdo_sqlite___construct_uri.dsn";
$dbFile = __DIR__ . DIRECTORY_SEPARATOR . "pdo_sqlite___construct_uri.db";
file_put_contents($dsnFile, "sqlite:{$dbFile}");
clearstatcache();
var_dump(file_exists($dbFile));
new PDO("uri:{$dsnFile}");
clearstatcache();
var_dump(file_exists($dbFile));
unlink($dbFile);
set_error_handler(function (int $errno, string $errstr, string $errfile, int $errline) {
throw new \ErrorException($errstr, 0, $errno, $errfile, $errline);
});
clearstatcache();
var_dump(file_exists($dbFile));
try {
new PDO("uri:{$dsnFile}");
} catch (Throwable $e) {
echo $e::class, ": ", $e->getMessage(), PHP_EOL;
}
clearstatcache();
var_dump(file_exists($dbFile));
?>
--CLEAN--
<?php
@unlink(__DIR__ . DIRECTORY_SEPARATOR . "pdo_sqlite___construct_uri.dsn");
@unlink(__DIR__ . DIRECTORY_SEPARATOR . "pdo_sqlite___construct_uri.db");
?>
--EXPECTF--
bool(false)
Deprecated: Looking up the DSN from a URI is deprecated due to possible security concerns with DSNs coming from remote URIs in %s on line %d
bool(true)
bool(false)
ErrorException: Looking up the DSN from a URI is deprecated due to possible security concerns with DSNs coming from remote URIs
bool(false)