-1

I want to run mysqldump from PHP by using proc_open(). The problem is that PHP script is called from shell and I still get Enter password: prompt.

$cmd = "mysqldump -u ".$db_user." -p -h ".$db_host." ".$db_name." > /files/database-backups/db-backup.sql";

$desc = [
    0 => ["pipe", "r"]
];
    
$p = proc_open($cmd, $desc, $pipes);
    
fwrite($pipes[0], $db_pass);
fclose($pipes[0]);
proc_close($p);

I want it to get the password and finish without the need for any external input. Is it possible? If yes how to make it work using the code above?

Answers from the other question do not apply to this one: I can't use password inside the command, I can't use external config file, I don't want to use export command.

Alan
  • 1,322
  • 1
  • 21
  • 36
  • 3
    Does this answer your question? [How to perform a mysqldump without a password prompt?](https://stackoverflow.com/questions/9293042/how-to-perform-a-mysqldump-without-a-password-prompt) – DevWithZachary Dec 02 '21 at 15:46
  • @DevWithZachary thanks for the suggestion but I would like to avoid putting password string inside the command as it can be viewed with `ps aux` - according to some commenters in that question. Also, using an external file with these details is not an option for me - it is sourced inside the script. – Alan Dec 02 '21 at 22:56

2 Answers2

0

Within a bash script file, you can use

mysql -u user -p`cat /folder/user-pwd.txt` dbname <<EOFSCRIPT

put all your mysql commands below followed by

EOFSCRIPT

By keeping the pwd in a secure place (may be under /usr/local/bin or /etc/yourfolder/ or other). This way ps aux can not expose the pwd.

Natarajan N Napoleon
  • 369
  • 1
  • 4
  • 9
-2

As soon as i know, you can add the password to the command.

To correct this, try using --password=YOUR_PASSWORD or -p=YOUR_PASSWORD.

Yannick
  • 177
  • 2
  • 13
  • 3
    Thanks but according to some it's not the most secure way. Passwords used inline can be seen via `ps aux` or logged. – Alan Dec 02 '21 at 23:01