Yes this for sure works. CLIENT_CAPABILITIES is a bitmask consisting of
the capabilities of the mysql client. CLIENT_LOCAL_FILES is bit 8 of the
mask (128). This information is sent to the server, which is actually
who decides whether local file uploads happen.
server code in mysql_server 3.23.49: sql_parse.cc:
if (!(thd->client_capabilities & CLIENT_LOCAL_FILES) ||
! opt_local_infile)
{
send_error(&thd->net,ER_NOT_ALLOWED_COMMAND);
goto error;
...
In earlier versions of mysql server this code is not present, however,
the file will still not be uploaded because of the code in the
mysql_load() function in sql_load.cc (which is present in every version
I have):
if (read_file_from_client && (thd->client_capabilities &
CLIENT_LOCAL_FILES))
{
char tmp [FN_REFLEN+1],*end;
DBUG_PRINT("info",("reading local file"));
tmp[0] = (char) 251; /* NULL_LENGTH
*/
end=strnmov(tmp+1,ex->file_name,sizeof(tmp)-2);
(void) my_net_write(&thd->net,tmp,(uint) (end-tmp));
(void) net_flush(&thd->net);
file = -1;
}
I have tested this with great success.
Thanks
-Jason
On Thu, 2002-02-28 at 06:03, Zak Greant wrote:
> Hi Jason,
>
> Did this actually work? I wrote almost the same code on my own and
> tested it, only to find that nothing changed. I walked through the code,
> but did not spot a point where the CLIENT_LOCAL_FILES is actually used
> other than:
>
> % grep -rn CLIENT_LOCAL_FILES *
> ext/mysql/libmysql/libmysql.c:53:#define CLIENT_CAPABILITIES ...
> ext/mysql/libmysql/mysql_com.h:73:#define CLIENT_LOCAL_FILES 128 ...
>
> I have not yet looked further than this.
>
> Monty cooked up a patch just before he went on vacation, but the patch
> is for a *way* newer version of libmysql and is not even remotely
> compatible.
>
> We (errr.. the PHP we that is) may wish to consider updating the
> embedded libmysql.
>
> --zak
>
> On Wed, 2002-02-27 at 09:59, Jason Greene wrote:
> > This simple patch resolves this issue in a clean way, without
> > introducing complex sql pre-processing code that introduces mutex
> > problems.
> >
> > The only issue is that it requires a modification to libmysql.c, which
> > provided that everyone here agrees with this fix, then I will post it to
> > [EMAIL PROTECTED] to get there reaction.
> >
> > -Jason
> > ----
> >
>
> > Index: ext/mysql/config.m4
> > ===================================================================
> > RCS file: /repository/php4/ext/mysql/config.m4,v
> > retrieving revision 1.38
> > diff -u -r1.38 config.m4
> > --- ext/mysql/config.m4 30 Nov 2001 18:59:45 -0000 1.38
> > +++ ext/mysql/config.m4 27 Feb 2002 16:51:33 -0000
> > @@ -41,6 +41,9 @@
> >
> > if test "$PHP_MYSQL" != "no"; then
> > AC_DEFINE(HAVE_MYSQL, 1, [Whether you have MySQL])
> > + if test "$PHP_SAFE_MODE" = "yes"; then
> > + AC_DEFINE(DISALLOW_MYSQL_LOAD_LOCAL, 1, [Whether to disable load local])
> > + fi
> > PHP_EXTENSION(mysql,$ext_shared)
> > fi
> >
> > Index: ext/mysql/libmysql/libmysql.c
> > ===================================================================
> > RCS file: /repository/php4/ext/mysql/libmysql/libmysql.c,v
> > retrieving revision 1.9
> > diff -u -r1.9 libmysql.c
> > --- ext/mysql/libmysql/libmysql.c 6 Nov 2001 16:59:07 -0000 1.9
> > +++ ext/mysql/libmysql/libmysql.c 27 Feb 2002 16:51:33 -0000
> > @@ -50,7 +50,11 @@
> > uint mysql_port=0;
> > my_string mysql_unix_port=0;
> >
> > +#ifndef DISALLOW_MYSQL_LOAD_LOCAL
> > #define CLIENT_CAPABILITIES (CLIENT_LONG_PASSWORD | CLIENT_LONG_FLAG |
>CLIENT_LOCAL_FILES | CLIENT_TRANSACTIONS)
> > +#else
> > +#define CLIENT_CAPABILITIES (CLIENT_LONG_PASSWORD | CLIENT_LONG_FLAG |
>CLIENT_TRANSACTIONS)
> > +#endif
> >
> > #ifdef __WIN__
> > #define CONNECT_TIMEOUT 20
> >
> > ----
> >
>
> > --
> > PHP Development Mailing List <http://www.php.net/>
> > To unsubscribe, visit: http://www.php.net/unsub.php
> --
> __ ___ ___ ____ __
> / |/ /_ __/ __/ __ \/ / Zak Greant <[EMAIL PROTECTED]>
> / /|_/ / // /\ \/ /_/ / /__ MySQL AB, Advocate
> /_/ /_/\_, /___/\___\_\___/ Calgary, Canada
> <___/ www.mysql.com 403.244.7213
>
--
Jason T. Greene
Internet Software Engineer
<[EMAIL PROTECTED]>
<[EMAIL PROTECTED]>
<[EMAIL PROTECTED]>
Use PHP: http://www.php.net
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
