From 122ac8f600ee74d2dc472f06eb8c3e9aafe72344 Mon Sep 17 00:00:00 2001
From: Johannes Meyer <johannes.meyer@icinga.com>
Date: Mon, 14 Jul 2025 11:32:18 +0200
Subject: [PATCH] setup: Warn users about wildcards in their database name

---
 .../application/forms/DatabaseCreationPage.php      | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/modules/setup/application/forms/DatabaseCreationPage.php b/modules/setup/application/forms/DatabaseCreationPage.php
index f7092a176..d1786fccd 100644
--- a/modules/setup/application/forms/DatabaseCreationPage.php
+++ b/modules/setup/application/forms/DatabaseCreationPage.php
@@ -91,6 +91,19 @@ class DatabaseCreationPage extends Form
      */
     public function createElements(array $formData)
     {
+        if ($this->config['db'] === 'mysql' && preg_match('/[_%]/', $this->config['dbname'])) {
+            $this->warning(sprintf(
+                $this->translate(
+                    'The database name may contain either an underscore or a percent sign.'
+                    . ' In MySQL these characters represent a wildcard. If part of a database name,'
+                    . ' they might not have been escaped when manually granting privileges.'
+                    . ' Privileges might not be detected in this case. Check the documentation and'
+                    . ' update your grants accordingly: %s'
+                ),
+                'https://dev.mysql.com/doc/refman/8.0/en/grant.html#grant-quoting'
+            ));
+        }
+
         $skipValidation = isset($formData['skip_validation']) && $formData['skip_validation'];
         $this->addElement(
             'text',