}
MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, &mysql_link, "mysqli_link", MYSQLI_STATUS_INITIALIZED);
+ if (PG(open_basedir) && PG(open_basedir)[0] != '\0') {
+ if(mysql_option == MYSQL_OPT_LOCAL_INFILE) {
+ RETURN_FALSE;
+ }
+ }
+
switch (Z_TYPE_PP(&mysql_value)) {
case IS_UNICODE:
zval_unicode_to_string(mysql_value TSRMLS_CC);
MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, &mysql_link, "mysqli_link", MYSQLI_STATUS_INITIALIZED);
/* remove some insecure options */
- flags ^= CLIENT_MULTI_STATEMENTS; /* don't allow multi_queries via connect parameter */
- if (PG(open_basedir) && strlen(PG(open_basedir))) {
- flags ^= CLIENT_LOCAL_FILES;
+ flags &= ~CLIENT_MULTI_STATEMENTS; /* don't allow multi_queries via connect parameter */
+ if (PG(open_basedir) && PG(open_basedir)[0] != '\0') {
+ flags &= ~CLIENT_LOCAL_FILES;
}
if (!socket) {
H->emulate_prepare = pdo_attr_lval(driver_options, PDO_MYSQL_ATTR_DIRECT_QUERY, 1 TSRMLS_CC);
H->max_buffer_size = pdo_attr_lval(driver_options, PDO_MYSQL_ATTR_MAX_BUFFER_SIZE, H->max_buffer_size TSRMLS_CC);
+ if (PG(open_basedir) && PG(open_basedir)[0] != '\0') {
+ local_infile = 0;
+ }
+
if (mysql_options(H->server, MYSQL_OPT_CONNECT_TIMEOUT, (const char *)&connect_timeout)) {
pdo_mysql_error(dbh);
goto cleanup;
projects / php / commitdiff