diff options
| author | David Rothstein <drothstein@gmail.com> | 2015-10-03 14:37:59 -0400 |
|---|---|---|
| committer | David Rothstein <drothstein@gmail.com> | 2015-10-03 14:37:59 -0400 |
| commit | e575b47da2f00016ee62d169ecdfaf09e8cb4cd5 (patch) | |
| tree | c4f5875c090cbed9df99fb18c14c636685d25f20 /includes/database/mysql | |
| parent | 4cc037d4dd9b52ee59eecb3bbf1795c75c0ead5a (diff) | |
| download | brdo-e575b47da2f00016ee62d169ecdfaf09e8cb4cd5.tar.gz brdo-e575b47da2f00016ee62d169ecdfaf09e8cb4cd5.tar.bz2 | |
Issue #2388255 by dawehner, pwolanin, hussainweb, greggles: Limit PDO MySQL to executing single statements if PHP supports it
Diffstat (limited to 'includes/database/mysql')
| -rw-r--r-- | includes/database/mysql/database.inc | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/includes/database/mysql/database.inc b/includes/database/mysql/database.inc index 0b84f2719..fdf9271be 100644 --- a/includes/database/mysql/database.inc +++ b/includes/database/mysql/database.inc @@ -51,6 +51,11 @@ class DatabaseConnection_mysql extends DatabaseConnection { // Because MySQL's prepared statements skip the query cache, because it's dumb. PDO::ATTR_EMULATE_PREPARES => TRUE, ); + if (defined('PDO::MYSQL_ATTR_MULTI_STATEMENTS')) { + // An added connection option in PHP 5.5.21+ to optionally limit SQL to a + // single statement like mysqli. + $connection_options['pdo'] += array(PDO::MYSQL_ATTR_MULTI_STATEMENTS => FALSE); + } parent::__construct($dsn, $connection_options['username'], $connection_options['password'], $connection_options['pdo']); @@ -78,8 +83,10 @@ class DatabaseConnection_mysql extends DatabaseConnection { $connection_options['init_commands'] += array( 'sql_mode' => "SET sql_mode = 'ANSI,STRICT_TRANS_TABLES,STRICT_ALL_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER'", ); - // Set connection options. - $this->exec(implode('; ', $connection_options['init_commands'])); + // Execute initial commands. + foreach ($connection_options['init_commands'] as $sql) { + $this->exec($sql); + } } public function __destruct() { |