What's a secure alternative to using a MySQL password on the command line?

Benjamin asked:

We have a PHP command-line script to version a database.
We run this script whenever a developer has added a new database patch.

The script runs the patch with the MySQL command-line:

system('mysql --user=xxx --password=xxx < patch.sql');

However, MySQL 5.6 now issues the following warning:

Warning: Using a password on the command line interface can be insecure

Which is obviously true, but might or might not be a problem for the user.

  • What’s the secure alternative then?
  • Alternatively, is it possible to disable this warning?

Please note that I don’t want to have to rely on an external password file.

My answer:

If your PHP script already has an open database connection, why don’t you just use mysqli_multi_query() to import the .sql file? If the syntax of the .sql file is valid, of course…

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.