PHP :: Bug #77956 :: When mysqli.allow_local_infile = Off, use a meaningful error message

Bug #77956	When mysqli.allow_local_infile = Off, use a meaningful error message
Submitted:	2019-05-01 14:38 UTC	Modified:	2019-05-18 15:08 UTC
From:	j dot knappen at mx dot uni-saarland dot de	Assigned:	sjon (profile)
Status:	Closed	Package:	MySQLi related
PHP Version:	7.2.17	OS:	ubuntu 18.04 LTS
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	j dot knappen at mx dot uni-saarland dot de
New email:
PHP Version:		OS:

New Comment:

[2019-05-01 14:38 UTC] j dot knappen at mx dot uni-saarland dot de

Description:
------------
php has changed the default value for mysqli.allow_local_infile to "Off". However, when an application tries to execute a LOAD DATA LOCAL INFILE a completely uninformative and misleading error message is thrown:

===
A MySQL query did not run successfully!

Original query: LOAD DATA LOCAL INFILE '/data2/cqpweb/cach/tab_dist_fycel9oplk' INTO TABLE `db_dist_g2f3ndxf40` FIELDS ESCAPED BY '' /* from User: knappen |
 Function: create_db() | 2019-Apr-25 11:23:01 */

Error # 0:
===

It seems to blame MySQL for not running the query although the cause of failure is the php configuration.

The error message should say something like "MySQL query forbidden by configuration, mysqli.allow_local_infile = Off".

In this case it is possible to search for the cause of this behaviour and for a remedy.

php --version
PHP 7.2.17-0ubuntu0.18.04.1 (cli) (built: Apr 18 2019 14:12:38) ( NTS )

mysql --version
mysql  Ver 14.14 Distrib 5.7.25, for Linux (x86_64) using  EditLine wrapper



Test script:
---------------
https://askubuntu.com/q/1138415/284224

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2019-05-01 15:29 UTC] j dot knappen at mx dot uni-saarland dot de

As I have learned, the php error message is just the error number, in this case the uninformative code "0" meaning "no error at all". There should be an error code for "Forbidden by configuration" that the application can translate into something meaningful.

[2019-05-18 15:08 UTC] sjon@php.net

-Status: Open +Status: Assigned -Assigned To: +Assigned To: sjon

[2019-05-18 15:08 UTC] sjon@php.net

I reproduced this - but I got a perfectly fine warning:

Warning: mysqli::query(): LOAD DATA LOCAL INFILE forbidden in test.php on line 17

maybe cqpweb fiddles with your error-reporting settings?

I do agree with the missing error-code btw

[2019-05-22 10:45 UTC] nikic@php.net

Automatic comment on behalf of sjon@hortensius.net
Revision: http://git.php.net/?p=php-src.git;a=commit;h=96404eb8e223bde0f5f697987a81acb640cc539f
Log: Fix #77956 - When mysqli.allow_local_infile = Off, return a client error

[2019-05-22 10:45 UTC] nikic@php.net

-Status: Assigned +Status: Closed

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 11:01:29 2024 UTC