Decoding your application's database connection: Looking for help

Question

I am new to Php and have recently been offered work on some applications (php/laravel) running on a server (AWS) using MySQL and RDS with the app/php content hosted by nginx

This is the file that defines the nginx path found in /etc/nginx/conf.d

server {

    server_name mytable.sa;
    http2_max_field_size 64k;
    http2_max_header_size 512k;
    client_max_body_size 100m;

    index index.php admin.php;

    error_log /var/log/nginx/error.log;
    access_log /var/log/nginx/access.log main;

    location = /favicon.ico {
        access_log off; log_not_found off;
    }
    location = /robots.txt {
        access_log off; log_not_found off;
    }

    root /var/www/project/public_html;

    # ssl files
    #include project.tech/ssl.conf;

    include compression.conf;
        location ~ /.well-known/apple-app-site-association {
         default_type application/pkcs7-mime;
    }


    # allow letsencrypt
    location ~ /.well-known {
        allow all;
    }

    location / {
        try_files $uri /index.php$is_args$args;
        #try_files $uri /Home.html;
    }

    location /admin {
        try_files $uri $uri/ /admin.php$is_args$args;
        proxy_connect_timeout 900;
        proxy_send_timeout 900;
        proxy_read_timeout 900;
        send_timeout 900;
        # location ~ \.php$ {
        #     include snippets/fastcgi-php.conf;
        #     fastcgi_pass unix:/run/php-fpm/www.sock;
     }

  location /api {
        try_files $uri $uri/ /api.php$is_args$args;
    }

    location /opelia {
        try_files $uri /adminRest.php$is_args$args;
    }

    location /delivery-app {
        try_files $uri /delivery-app.php$is_args$args;
        proxy_connect_timeout 900;
        proxy_send_timeout 900;
        proxy_read_timeout 900;
        send_timeout 900;
    }

    location /social {
        try_files $uri /social.php$is_args$args;
    }


    location ~ \.php$ {
        fastcgi_pass unix:/run/php-fpm/www.sock;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

    location /project {
        index index.html;
        autoindex on;
    }

    location /docs {
        index index.html;
    }

    # Proxy any URL request to S3 bucket and remove any Amazon headers
    location ~ "^/uploads/(.*)$" {
        add_header X-Asset-Location $hostname;

        set $bucket "mytable-files-new";
        set $key ;
      rewrite .* /uploads/$key break;

        # no client headers
        proxy_pass_request_headers off;

        # let amazon take the buffering load
        proxy_buffering off;

        # let amazon retry a few times if first timeouts are 5xx response
        proxy_next_upstream error timeout http_500 http_502 http_503 http_504;

        proxy_set_header Host $bucket.s3.amazonaws.com;

        proxy_pass https://s3.amazonaws.com;
        proxy_hide_header "x-amz-id-2";
        proxy_hide_header "x-amz-request-id";
    }


    set $no_cache 0;

    # If non GET/HEAD, don't cache & mark user as uncacheable for 1 second via cookie
    if ($request_method !~ ^(GET|HEAD)$) {
        set $no_cache "1";
    }

    if ($request_uri ~* "/(uploads/|admin/|opelia/)") {
        set $no_cache 1;
    }

    if ($request_uri ~* "^/entity1/search") {
        set $no_cache 1;
    }
    if ($request_uri ~* "^/entity1/") {
        set $no_cache 1;
    }
    if ($request_uri = "/booking") {
        set $no_cache 1;
    }

    if ($request_uri = "/api/me") {
        set $no_cache 1;
    }
    if ($request_uri = "/api/me/favourite/entity1") {
        set $no_cache 1;
    }
    if ($request_uri = "/api/me/need-review") {
        set $no_cache 1;
    # refactor frontend languages to seprate urls to enable cache
    if ($request_uri ~* "^/register_restaurant_step") {
        set $no_cache 1;
    }


    # Don't cache or serve pages specified above
#    fastcgi_cache_bypass $no_cache;
 #   fastcgi_no_cache $no_cache;

    # Select which cache to use
  #  fastcgi_cache microcache;
    # Cache successful responses for one second, you could also cache redirects here by adding status code 302!
    #fastcgi_cache_valid any 60s;
   # # Show cache status in HTTP headers, useful for debugging
    #add_header X-Cache $upstream_cache_status;


listen 80;

I have the source code, but the previous freelancer has stopped working with the client. I don't have database credentials, I need to access the database but I can't. I tried looking for the password from the php file and all I could find was a configuration folder containing a file database.php with the following content:

'connections' => [

        'sqlite' => [
            'driver' => 'sqlite',
            'database' => env('DB_DATABASE', database_path('database.sqlite')),
            'prefix' => '',
        ],

        'mysql' => [
            'driver' => 'mysql',           
            'read' => [
                'host' => [
                    env('DB_HOST_READ_2'),
                    env('DB_HOST_READ_1'),
                    env('DB_HOST_READ'),
                    // env('DB_HOST_WRITE'),
                ],
            ],
            'write' => [
                'host' => [
                    env('DB_HOST_WRITE'),
                 ],
            ],                
            //'host' => env('DB_HOST', '127.0.0.1'),
            'port' => env('DB_PORT', '3306'),
            'database' => env('DB_DATABASE', 'forge'),
            'username' => env('DB_USERNAME', 'forge'),
            'password' => env('DB_PASSWORD', ''),
            'unix_socket' => env('DB_SOCKET', ''),
            'charset' => 'utf8mb4',
            'collation' => 'utf8mb4_unicode_ci',
            'prefix' => '',
            'strict' => false,
            'engine' => null,
        ],

        'pgsql' => [
            'driver' => 'pgsql',
            'host' => env('DB_HOST', '127.0.0.1'),
            'port' => env('DB_PORT', '5432'),
            'database' => env('DB_DATABASE', 'forge'),
            'username' => env('DB_USERNAME', 'forge'),
            'password' => env('DB_PASSWORD', ''),
            'charset' => 'utf8',
            'prefix' => '',
            'schema' => 'public',
            'sslmode' => 'prefer',
        ],
        'sqlsrv' => [
            'driver' => 'sqlsrv',
            'host' => env('DB_HOST', 'localhost'),
            'port' => env('DB_PORT', '1433'),
            'database' => env('DB_DATABASE', 'forge'),
            'username' => env('DB_USERNAME', 'forge'),
            'password' => env('DB_PASSWORD', ''),
            'charset' => 'utf8',
            'prefix' => '',
        ],

    ],

    /*
    |--------------------------------------------------------------------------
    | Migration Repository Table
    |--------------------------------------------------------------------------
    |
    | This table keeps track of all the migrations that have already run for
    | your application. Using this information, we can determine which of
    | the migrations on disk haven't actually been run in the database.
    |
    */

    'migrations' => 'migrations',

    /*
    |--------------------------------------------------------------------------
    | Redis Databases
    |--------------------------------------------------------------------------
    |
    | Redis is an open source, fast, and advanced key-value store that also
    | provides a richer set of commands than a typical key-value systems
    | such as APC or Memcached. Laravel makes it easy to dig right in.
    |
    */

    'redis' => [

        'client' => 'predis',

        'default' => [
            'host' => env('REDIS_HOST', '127.0.0.1'),
            'password' => env('REDIS_PASSWORD', null),
            'port' => env('REDIS_PORT', 6379),
            'database' => 0,
        ],
];

I have checked the environment variables using printenv but cannot find any environment variables such as DB_USERNAME. Since the application is running fine, it is able to connect to the database.

How to obtain the credentials of the database. Is there any way to figure out how the application connects to the database and runs fine?

Answer 1

In the laravel root directory you should see a file named ".env", open this file and you should see all laravel instance variables in it

Answer 2

This is a PHP/Laravel application and the connection information is stored in the server environment. The database connection logic is part of the framework, you don't have to fiddle with it (it's 3rd party code, not part of the business logic)

In some cases, the environment is stored in a file named .env (located in the root folder of the PHP application)

In some setups, the environment may not be in the file, but it is created during deployment and stored with the system environment variables.

Either way, you should look for the DB_* environment variables to obtain the database connection credentials, server, and port.