Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: lists.mysql.com > commits > 07 > 071352.html (Request Expert lists.mysql.com Support)

PHP mysqlnd svn commit: r708 - in trunk: php5/ext/mysqli php6/ext/mysqli

From: <ahristov(at)mysql.com>
Date: Wed Jul 11 2007 - 09:05:38 EDT


Author: ahristov
Date: 2007-07-11 15:05:38 +0200 (Wed, 11 Jul 2007) New Revision: 708

Modified:

   trunk/php5/ext/mysqli/mysqli_api.c
   trunk/php6/ext/mysqli/mysqli_api.c
Log:
Fixing also mysqli_real_connect() agains LOCAL INFILE attacks

Modified: trunk/php5/ext/mysqli/mysqli_api.c

  • trunk/php5/ext/mysqli/mysqli_api.c 2007-07-11 12:54:35 UTC (rev 707) +++ trunk/php5/ext/mysqli/mysqli_api.c 2007-07-11 13:05:38 UTC (rev 708) @@ -1645,6 +1645,8 @@ php_set_local_infile_handler_default(mysql);
    #endif

+ mysql_options(mysql->mysql, MYSQL_OPT_LOCAL_INFILE, &MyG(allow_local_infile)); + 

 	/* change status */
 	MYSQLI_SET_STATUS(&mysql_link, MYSQLI_STATUS_VALID);

Modified: trunk/php6/ext/mysqli/mysqli_api.c

  • trunk/php6/ext/mysqli/mysqli_api.c 2007-07-11 12:54:35 UTC (rev 707) +++ trunk/php6/ext/mysqli/mysqli_api.c 2007-07-11 13:05:38 UTC (rev 708) @@ -1683,6 +1683,10 @@ flags ^= CLIENT_LOCAL_FILES; } 
+	if (UG(unicode)) {
+		mysql_options(mysql->mysql, MYSQL_SET_CHARSET_NAME, "utf8");
+	}
+

 #if !defined(HAVE_MYSQLND)

 	if (mysql_real_connect(mysql->mysql, hostname, username, passwd, dbname ,port, socket ,flags) == NULL)

#else

@@ -1699,6 +1703,12 @@ 
 		RETURN_FALSE;
 	}
 
+	/* when PHP runs in unicode, set default character set to utf8 */
+	if (UG(unicode)) {
+		mysql->conv = UG(utf8_conv);
+	}
+
+	/* clear error */
 	php_mysqli_set_error(mysql_errno(mysql->mysql), (char *)mysql_error(mysql->mysql) TSRMLS_CC);

#if !defined(HAVE_MYSQLND)

@@ -1708,6 +1718,8 @@

         php_set_local_infile_handler_default(mysql);
#endif
 

Do you need help?X

+ mysql_options(mysql->mysql, MYSQL_OPT_LOCAL_INFILE, (char *)&MyG(allow_local_infile)); + 

 	/* change status */
 	MYSQLI_SET_STATUS(&mysql_link, MYSQLI_STATUS_VALID);
 

-- 
MySQL Code Commits Mailing List
For list archives: 
http://lists.mysql.com/commits
To unsubscribe:    
http://lists.mysql.com/commits?unsub=lists@pantek.com
Received on Wed Jul 11 09:05:43 2007

This archive was generated by hypermail 2.1.8 : Thu Aug 02 2007 - 01:53:59 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library