Tweet
[MySQL 3.23.X] LOAD DATA / PHP 4.3 Bug?
Eine Sache die mir bis jetzt immer selbstverständlich war gibt mir im Augenblick rätsel auf. Normalerweise verarbeite ich größere csv, oder csv ähnliche Dumps über LOAD DATA INFILE.
Syntaktisch passt das auch alles jedoch setzt er auf einem meiner neuen Server mit PHP 4.3 die Fehlermeldung access denied with password xy ab.
User und Passwort stimmen jedoch auf alle Fälle so dass ich ein wenig in den Newsgroups gestöbert habe und mittlerweile den Eindruck habe, dass die aktuellen 4.3 nicht mit der mySQL zusammenarbeitet, respektive das vom PHP dev Team so nicht gewollt ist.
Siehe Auszüge aus den newsgroups:
ID: 21356
Updated by: georg@php.net
Reported By: michael at tapinternet dot com
-Status: Open
+Status: Wont fix
Bug Type: MySQL related
Operating System: Slackware
PHP Version: 4.3.0
New Comment:
It's not a bug, it's a feature
We will not change this in PHP4 anymore, it's already on TODO for
ext/mysql and ext/mysqli in PHP5.
If you need LOAD DATA LOCAL INFILE (and LOAD DATA INFILE doesn't work
for you), use an external mysql library.
Previous Comments:
------------------------------------------------------------------------
[2003-02-03 19:26:08] rlm at pricegrabber dot com
This "security patch" is extremely dubious on MySQL clients standalone,
much less PHP. It purports to prevent patched MySQL clients/servers
from causing problems by reading local files, but if you have a patched
MySQL server, you have a much, much worse problem than remote file
reads. Besides, if you can read arbitrary files using MySQL, you can
do the same for PHP. This should have never entered the code stream,
and really ought to be disabled (it's turned off by default in 3.23.49a
and subsequent).
------------------------------------------------------------------------
[2003-02-01 14:27:42] brunofr at ioda-net dot ch
This bug is found and test with W2K and NT4.0
PhP 4.3.0
Try with Mysql 3.23.53 - 3.23.54 - 3.23.55
Was not present PhP version before ( 4.2.4-dev snapshot from the 24
October 2002
Why this bug ???
Is there a lack in Quality Test...
found this in the news.txt disto
- Fixed a security bug in the bundled MySQL library. (Georg, Stefan)
question why 3.23.49 client version as Mysql released very more up to
date lib at the build 4.3. date.
Could this be corrected in the snapshot-stable version.
Thank ... have lost to much time today with this.
------------------------------------------------------------------------
.... und ...
ich hab bisher nach Lösungen gesucht, gefunden in der Newsgroup:
$m=mysql_connect($host, $user, $pass, false, 128);
// connect with MYSQL_OPT_LOCAL_INFILE (in php manual undocumented)
was aber auch nicht klappt...
Kennt jemand den Hintergrund von der ganzen Sache bzw. am BESTEN DIE LÖSUNG
Bis denn!
Alex
Syntaktisch passt das auch alles jedoch setzt er auf einem meiner neuen Server mit PHP 4.3 die Fehlermeldung access denied with password xy ab.
User und Passwort stimmen jedoch auf alle Fälle so dass ich ein wenig in den Newsgroups gestöbert habe und mittlerweile den Eindruck habe, dass die aktuellen 4.3 nicht mit der mySQL zusammenarbeitet, respektive das vom PHP dev Team so nicht gewollt ist.
Siehe Auszüge aus den newsgroups:
ID: 21356
Updated by: georg@php.net
Reported By: michael at tapinternet dot com
-Status: Open
+Status: Wont fix
Bug Type: MySQL related
Operating System: Slackware
PHP Version: 4.3.0
New Comment:
It's not a bug, it's a feature
We will not change this in PHP4 anymore, it's already on TODO for
ext/mysql and ext/mysqli in PHP5.
If you need LOAD DATA LOCAL INFILE (and LOAD DATA INFILE doesn't work
for you), use an external mysql library.
Previous Comments:
------------------------------------------------------------------------
[2003-02-03 19:26:08] rlm at pricegrabber dot com
This "security patch" is extremely dubious on MySQL clients standalone,
much less PHP. It purports to prevent patched MySQL clients/servers
from causing problems by reading local files, but if you have a patched
MySQL server, you have a much, much worse problem than remote file
reads. Besides, if you can read arbitrary files using MySQL, you can
do the same for PHP. This should have never entered the code stream,
and really ought to be disabled (it's turned off by default in 3.23.49a
and subsequent).
------------------------------------------------------------------------
[2003-02-01 14:27:42] brunofr at ioda-net dot ch
This bug is found and test with W2K and NT4.0
PhP 4.3.0
Try with Mysql 3.23.53 - 3.23.54 - 3.23.55
Was not present PhP version before ( 4.2.4-dev snapshot from the 24
October 2002
Why this bug ???
Is there a lack in Quality Test...
found this in the news.txt disto
- Fixed a security bug in the bundled MySQL library. (Georg, Stefan)
question why 3.23.49 client version as Mysql released very more up to
date lib at the build 4.3. date.
Could this be corrected in the snapshot-stable version.
Thank ... have lost to much time today with this.
------------------------------------------------------------------------
.... und ...
ich hab bisher nach Lösungen gesucht, gefunden in der Newsgroup:
$m=mysql_connect($host, $user, $pass, false, 128);
// connect with MYSQL_OPT_LOCAL_INFILE (in php manual undocumented)
was aber auch nicht klappt...
Kennt jemand den Hintergrund von der ganzen Sache bzw. am BESTEN DIE LÖSUNG
Bis denn!
Alex