[Phpmyadmin-devel] [Patch] Allow for "LOAD DATA INFILE" when using the PHP-bundled mysql client
Marc Delisle
DelislMa at CollegeSherbrooke.qc.ca
Mon Sep 20 18:38:23 CEST 2004
Matthias,
I merged this:
if (PMA_MYSQL_CLIENT_API >= 32349) {
$client_flags = $cfg['Server']['compress'] &&
defined('MYSQL_CLIENT_COMPRESS') ? MYSQL_CLIENT_COMPRESS : 0;
// always use CLIENT_LOCAL_FILES as defined in mysql_com.h
// for the case where the client library was not compiled
// with --enable-local-infile
$client_flags |= 128;
}
IMO there was no typo (COMPRESS was working). "ORing" a new variable
with 32 or setting it to 32 makes no difference.
Marc
Matthias Pigulla wrote:
> Hi all,
>
> I hope this is the right place and right way to submit this patch?
>
> As you probably know, MySQL has disabled the "LOCAL" option for "LOAD
> DATA INFILE" statements for security reasons as of MySQL 3.23.49. To be
> able to use "LOAD DATA LOCAL", you will have to add
>
> local-infile = 1
>
> to both you server's and client's my.cnf files. (Please be aware of the
> security implications!)
>
> However, when using the mysql client bundled with PHP, these settings
> don't apply. Instead, you will have to pass the appropriate flag as an
> extra parameter to mysql_connect.
>
> This patch adds a new config directive
> $cfg['Servers'][..]['infile_local'] = (TRUE | FALSE). Setting it to
> "TRUE" enables the mysql client bundled with PHP to use "LOAD DATA
> LOCAL" for this connection.
>
> Without having tested it, you should be able to use LOAD DATA LOCAL
> without setting this option if you compiled PHP with
> --with-mysql=/path/to/mysql (thus you did not use the client bundled
> with PHP) and setup my.cnf correctly.
>
> Even when passing the additional parameter to mysql_(p)connect, the use
> of open_basedir may restrict its usage.
>
> Besides that, there was a typo in mysql.dbi.lib.php that prevented
> passing the $client_flags to mysql_(p)connect at all; so far, that
> should have broken the use of MYSQL_CLIENT_COMPRESS.
>
> Best regards,
> Matthias
>
>
>
>
>
>
>
>
> ------------------------------------------------------------------------
>
> diff -ru phpMyAdmin-2.6.0-rc2/config.inc.php www/config.inc.php
> --- phpMyAdmin-2.6.0-rc2/config.inc.php Sat Sep 4 15:40:11 2004
> +++ www/config.inc.php Mon Sep 20 12:09:00 2004
> @@ -71,6 +71,7 @@
> $cfg['Servers'][$i]['socket'] = ''; // Path to the socket - leave blank for default socket
> $cfg['Servers'][$i]['connect_type'] = 'tcp'; // How to connect to MySQL server ('tcp' or 'socket')
> $cfg['Servers'][$i]['extension'] = 'mysql'; // The php MySQL extension to use ('mysql' or 'mysqli')
> +$cfg['Servers'][$i]['infile_local'] = TRUE; // Upon mysql_connect, set client flag to allow for 'LOAD DATA LOCAL INFILE'
> $cfg['Servers'][$i]['compress'] = FALSE; // Use compressed protocol for the MySQL connection
> // (requires PHP >= 4.3.0)
> $cfg['Servers'][$i]['controluser'] = ''; // MySQL control user settings
>
> diff -ru phpMyAdmin-2.6.0-rc2/libraries/dbi/mysql.dbi.lib.php www/libraries/dbi/mysql.dbi.lib.php
> --- phpMyAdmin-2.6.0-rc2/libraries/dbi/mysql.dbi.lib.php Sun Jul 18 00:58:31 2004
> +++ www/libraries/dbi/mysql.dbi.lib.php Mon Sep 20 12:05:19 2004
> @@ -47,11 +47,14 @@
> ? ''
> : ':' . $cfg['Server']['socket'];
>
> + $client_flags = 0;
> if (PMA_MYSQL_CLIENT_API >= 32349) {
> - $client_flags = $cfg['Server']['compress'] && defined('MYSQL_CLIENT_COMPRESS') ? MYSQL_CLIENT_COMPRESS : 0;
> + $client_flags |= $cfg['Server']['compress'] && defined('MYSQL_CLIENT_COMPRESS') ? MYSQL_CLIENT_COMPRESS : 0;
> + $client_flags |= $cfg['Server']['infile_local'] ? 128 : 0; /* CLIENT_LOCAL_FILES as defined in PHP's /ext/mysql/libmysql/mysql_com.h */
> }
>
> - if (empty($client_clags)) {
> +
> + if (empty($client_flags)) {
> $connect_func = 'mysql_' . ($cfg['PersistentConnections'] ? 'p' : '') . 'connect';
> $link = @$connect_func($cfg['Server']['host'] . $server_port . $server_socket, $user, $password);
> } else {
More information about the Developers
mailing list