mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-04-05 00:13:29 +02:00
Code Issues Releases Wiki Activity

[ticket/security/247] Disable loading of local files on client side

Browse Source 
SECURITY-247
This commit is contained in:
Marc Alexander 2019-08-11 21:31:59 +02:00
parent 0a5d167441
commit 4555817a8b
No known key found for this signature in database
GPG Key ID: 50E0D2423696F995
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
phpBB/phpbb/db/driver/mysqli.php
View File

@ -68,6 +68,9 @@ class mysqli extends \phpbb\db\driver\mysql_base
if ($this->db_connect_id && $this->dbname != '')
{
// Disable loading local files on client side
@mysqli_options($this->db_connect_id, MYSQLI_OPT_LOCAL_INFILE, false);
@mysqli_query($this->db_connect_id, "SET NAMES 'utf8'");
// enforce strict mode on databases that support it