[phpMyAdmin Git] [phpmyadmin/phpmyadmin] aeac90: Deny using mysql extension with mysql.allow_local_infile

Branch: refs/heads/QA_4_8 Home: https://github.com/phpmyadmin/phpmyadmin Commit: aeac90623e525057a7672ab3d98154b5c57c15ec https://github.com/phpmyadmin/phpmyadmin/commit/aeac90623e525057a7672ab3d98… Author: Michal Čihař <michal(a)cihar.com> Date: 2019-01-20 (Sun, 01 January 2019) +01:00 Changed paths: M libraries/classes/Dbi/DbiMysql.php Log Message: ----------- Deny using mysql extension with mysql.allow_local_infile This allows reading arbitrary files on the server without any way to disable. Signed-off-by: Michal Čihař <michal(a)cihar.com> Commit: c5e01f84ad48c5c626001cb92d7a95500920a900 https://github.com/phpmyadmin/phpmyadmin/commit/c5e01f84ad48c5c626001cb92d7… Author: Jakub Vrana <jakub(a)vrana.cz> Date: 2019-01-21 (Mon, 01 January 2019) +01:00 Changed paths: M libraries/classes/Dbi/DbiMysqli.php Log Message: ----------- Actually set MYSQLI_OPT_LOCAL_INFILE 1e6b740e tried to set this but failed due to https://bugs.php.net/77496 and nobody probably ever tested it. Tested: Executed `LOAD DATA LOCAL INFILE 'README' INTO TABLE text(text)` SQL command successfully before, unsuceesfully after. Signed-off-by: Jakub Vrana <jakub(a)vrana.cz> Commit: 828f740158e7bf14aa4a7473c5968d06364e03a2 https://github.com/phpmyadmin/phpmyadmin/commit/828f740158e7bf14aa4a7473c59… Author: Michal Čihař <michal(a)cihar.com> Date: 2019-01-21 (Mon, 01 January 2019) +01:00 Changed paths: M libraries/classes/Dbi/DbiMysql.php Log Message: ----------- Merge branch 'allow_local_infile' into QA_4_8