Forums

Database security

Permalink
Hi Everyone,

I need my package to check to see if a database called 'mother' exists in database.php and if so use it, if it doesn't exists - then it would use the default database.

I tried lots of different ways which weren't successful, this is the only way I've managed to get it working - but I'm worried that its vulnerable.. What do you guys think? I'm a little bit concerned about the $connections variable, dumping it shows all the database config, including password..

protected function setDatabase(){
      $connections = $this->app['config']['database.connections'];
        if (is_null($config = array_get($connections, 'mother'))) {
      $db = \database::connection('mother');
        }
        else{
        $db = \database::connection();
        }
return $db;
}
omars786
 
rge replied on at Permalink Best Answer Reply
You can use a try catch statement. If the connection is not found Concrete will throw an exception in this case you can fallback to the default.

try {
    $db = $this->app->make('database')->connection('mother');
} catch (\Exception $exception) {
    $db = $this->app->make('database')->connection();
}
omars786 replied on at Permalink Reply
omars786
Thanks Rge,

I'll give it a go later and get back to you

All the best
omars786 replied on at Permalink Reply
omars786
Hi Rge,

Thanks, I believe that worked very well!

Just a side question,

Do you know if there's a way to add another database programatically, or is the only way to do this by editing database.php?

for sure the user would need to either set up the database beforehand outside of C5, or have someone provide them with these details to connect to a database outside their localhost, its just to make the process more userfriendly