Branch: refs/heads/QA_4_8 Home: https://github.com/phpmyadmin/phpmyadmin Commit: aeac90623e525057a7672ab3d98154b5c57c15ec https://github.com/phpmyadmin/phpmyadmin/commit/aeac90623e525057a7672ab3d98154b5c57c15ec Author: Michal Čihař <mic...@cihar.com> Date: 2019-01-20 (Sun, 01 January 2019) +01:00
Changed paths: M libraries/classes/Dbi/DbiMysql.php Log Message: ----------- Deny using mysql extension with mysql.allow_local_infile This allows reading arbitrary files on the server without any way to disable. Signed-off-by: Michal Čihař <mic...@cihar.com> Commit: c5e01f84ad48c5c626001cb92d7a95500920a900 https://github.com/phpmyadmin/phpmyadmin/commit/c5e01f84ad48c5c626001cb92d7a95500920a900 Author: Jakub Vrana <ja...@vrana.cz> Date: 2019-01-21 (Mon, 01 January 2019) +01:00 Changed paths: M libraries/classes/Dbi/DbiMysqli.php Log Message: ----------- Actually set MYSQLI_OPT_LOCAL_INFILE 1e6b740e tried to set this but failed due to https://bugs.php.net/77496 and nobody probably ever tested it. Tested: Executed `LOAD DATA LOCAL INFILE 'README' INTO TABLE text(text)` SQL command successfully before, unsuceesfully after. Signed-off-by: Jakub Vrana <ja...@vrana.cz> Commit: 828f740158e7bf14aa4a7473c5968d06364e03a2 https://github.com/phpmyadmin/phpmyadmin/commit/828f740158e7bf14aa4a7473c5968d06364e03a2 Author: Michal Čihař <mic...@cihar.com> Date: 2019-01-21 (Mon, 01 January 2019) +01:00 Changed paths: M libraries/classes/Dbi/DbiMysql.php Log Message: ----------- Merge branch 'allow_local_infile' into QA_4_8 _______________________________________________ Git mailing list Git@phpmyadmin.net https://lists.phpmyadmin.net/mailman/listinfo/git
