summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
Diffstat (limited to 'includes')
-rw-r--r--includes/database/mysql/database.inc4
1 files changed, 4 insertions, 0 deletions
diff --git a/includes/database/mysql/database.inc b/includes/database/mysql/database.inc
index 4907a39dd..0b84f2719 100644
--- a/includes/database/mysql/database.inc
+++ b/includes/database/mysql/database.inc
@@ -36,6 +36,10 @@ class DatabaseConnection_mysql extends DatabaseConnection {
// Default to TCP connection on port 3306.
$dsn = 'mysql:host=' . $connection_options['host'] . ';port=' . (empty($connection_options['port']) ? 3306 : $connection_options['port']);
}
+ // Character set is added to dsn to ensure PDO uses the proper character
+ // set when escaping. This has security implications. See
+ // https://www.drupal.org/node/1201452 for further discussion.
+ $dsn .= ';charset=utf8';
$dsn .= ';dbname=' . $connection_options['database'];
// Allow PDO options to be overridden.
$connection_options += array(
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 08:03:10 +0000