Branch: refs/heads/QA_4_8 Home: https://github.com/phpmyadmin/phpmyadmin Commit: aeac90623e525057a7672ab3d98154b5c57c15ec https://github.com/phpmyadmin/phpmyadmin/commit/aeac90623e525057a7672ab3d981... Author: Michal Čihař michal@cihar.com Date: 2019-01-20 (Sun, 01 January 2019) +01:00
Changed paths: M libraries/classes/Dbi/DbiMysql.php
Log Message: ----------- Deny using mysql extension with mysql.allow_local_infile
This allows reading arbitrary files on the server without any way to disable.
Signed-off-by: Michal Čihař michal@cihar.com
Commit: c5e01f84ad48c5c626001cb92d7a95500920a900 https://github.com/phpmyadmin/phpmyadmin/commit/c5e01f84ad48c5c626001cb92d7a... Author: Jakub Vrana jakub@vrana.cz Date: 2019-01-21 (Mon, 01 January 2019) +01:00
Changed paths: M libraries/classes/Dbi/DbiMysqli.php
Log Message: ----------- Actually set MYSQLI_OPT_LOCAL_INFILE
1e6b740e tried to set this but failed due to https://bugs.php.net/77496 and nobody probably ever tested it.
Tested: Executed `LOAD DATA LOCAL INFILE 'README' INTO TABLE text(text)` SQL command successfully before, unsuceesfully after.
Signed-off-by: Jakub Vrana jakub@vrana.cz
Commit: 828f740158e7bf14aa4a7473c5968d06364e03a2 https://github.com/phpmyadmin/phpmyadmin/commit/828f740158e7bf14aa4a7473c596... Author: Michal Čihař michal@cihar.com Date: 2019-01-21 (Mon, 01 January 2019) +01:00
Changed paths: M libraries/classes/Dbi/DbiMysql.php
Log Message: ----------- Merge branch 'allow_local_infile' into QA_4_8