mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-01 06:20:46 +02:00
Code Issues Releases Wiki Activity

Merge pull request #52 from phpbb/ticket/security/247

Browse Source 
[ticket/security/247] Disable loading of local files on client side
This commit is contained in:
Marc Alexander
2019-08-25 18:28:56 +02:00
parent 79be901cea 4555817a8b
commit 42e278e1c3
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
phpBB/phpbb/db/driver/mysqli.php
View File

@@ -68,6 +68,9 @@ class mysqli extends \phpbb\db\driver\mysql_base
if ($this->db_connect_id && $this->dbname != '') if ($this->db_connect_id && $this->dbname != '')
{ {
// Disable loading local files on client side
@mysqli_options($this->db_connect_id, MYSQLI_OPT_LOCAL_INFILE, false);
@mysqli_query($this->db_connect_id, "SET NAMES 'utf8'"); @mysqli_query($this->db_connect_id, "SET NAMES 'utf8'");
// enforce strict mode on databases that support it // enforce strict mode on databases that support it