Level 1
Thank you for warning. its always good to use quotes
1 like
Mar 3, 2019
8
Level 122
Beware # in .env files
Not a question, but a warning to upgraders to 5.8
the new version of phpenv in laravel 5.8 now treats # in password strings differently.
So, if your DB password contains a # then the rest of the line is treated as a comment.
For example
DB_PASSWORD=wh27Ty25#528
might have been your password in versions prior to 5.8 but now the # makes everything from that point an in-line comment, meaning you now have no access to the database.
The way around it is to quote the password string
DB_PASSWORD="wh27Ty25#528"
I think there is a similar risk to your password and other variables from trailing spaces.
Level 75
Thanks for the heads up.
1 like
Level 2
Good to know!
Level 5
Since vlucas/phpdotenv package is what handles the .env parsing. We should all read up on v3.3. https://github.com/vlucas/phpdotenv. A lot has changed since 2015 (v2.2) which was being used up until 5.7.
Basically wrap all your old string values in quotations.
I looked, not too hard, but 5.8 doesn't have anyway to hook the LoadEnvironmentVariables.php that is defined as a bootstrapper on the HTTP Kernel. It would be nice to be able to extend that internal service provider on the laravel/laravel side like any other service provider.
Since v3.3 has a bunch of new features like constraints, value type checking or seeing if a value is empty.
We could then:
- Check if the required .env variables are present
- Constrain them to certain values and/or types
- Check them before loading your app to see if they are empty or not
- etc
Something like
use Illuminate\Contracts\Foundation\Application;
use Illuminate\Foundation\Bootstrap\LoadEnvironmentVariables;
use Dotenv\Exception\ValidationException;
class CustomEnvProvider extends LoadEnvironmentVariables
{
/**
* Override original Bootstrap
*
* @param \Illuminate\Contracts\Foundation\Application $app
* @return void
*/
public function bootstrap(Application $app)
{
if ($app->configurationIsCached()) {
return;
}
$this->checkForSpecificEnvironmentFile($app);
try {
$env = $this->createDotenv($app);
$env->safeLoad();
// Ensure debugging is a boolean
$env->required('APP_DEBUG')->isBoolean();
// Constrain the team to 3 environments
$env->required('APP_ENV')->allowedValues([
'local',
'development',
'production'
]);
// Ensure newbies on the team have the proper set up in their .env
$env->required([
'APP_SERVER',
'APP_BASE'
])->notEmpty();
} catch (InvalidFileException $e) {
$this->writeErrorAndDie($e);
} catch (ValidationException $e) { // Validation exception if any of the checks fail.
$this->writeErrorAndDie($e);
}
}
}
Level 75
Just curious, was anything in the docs, I searched just now but did I miss something. Nothing in laravel docs I found.
Knowing me I over looked something.
Level 67
No, it's not mentioned in the upgrade guide or the docs for config, although it talks about quoting multiple words for a value, like APP_NAME="My Application"
Level 18
I've just PRed this to the upgrade guide so it doesn't get missed.
It's worth looking at the phpdotenv upgrade guide as there are a few other changes that might bite you if you're not aware.
1 like
Level 2
This saved alot of my time
Please or to participate in this conversation.