PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Tue Aug 22, 2017 2:02 am

All times are UTC - 5 hours




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Sat Aug 06, 2016 9:06 am 
Offline
Forum Newbie

Joined: Sat Aug 06, 2016 8:56 am
Posts: 1
Hello,

I came a cross this situation. I set the sql.safe_mode to ON in php.ini. The php code uses mysqli interface to connect to MySQL database. It is using the object version of mysqli. That means, the host, username and password is passed to the mysqli class constructor. With the sql.safe_mode = On, I would expect the host, username and password arguments to the mysqli class constructor would be ignored, and it would use the mysqli.default_host, default_user, default_pw instead. It turns out it is still using those arguments.

Is there anyone having similar situation?

I am using php 7.0.8 with Apache 2.4 (fpm-php). And it is running on Ubuntu Server 16.04.1 LTS.


Top
 Profile  
 
PostPosted: Sat Aug 06, 2016 1:29 pm 
Offline
Spammer :|
User avatar

Joined: Wed Oct 15, 2008 2:35 am
Posts: 6493
Location: WA, USA
Apparently mysqli and some others don't check sql.safe_mode.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group