| [ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
LOAD DATA LOCAL
The LOAD DATA statement can load a file that is located on the
server host, or, when the LOCAL keyword is specified, a file that
is located on the client host.
There are two possible problems with supporting the LOCAL version of
LOAD DATA statements:
LOAD DATA LOCAL to read any files
that the web server process has read access to (assuming a user could
run any command against the SQL server). In this environment, the client with
respect to the MySQL server actually is the web server, not the program being
run by the user connecting to the web server.
To deal with these potential security issues, we changed how LOAD DATA
LOCAL is handled as of MySQL 3.23.49 and MySQL 4.0.2 (4.0.13 on Windows):
--enable-local-infile option, to be compatible
with MySQL 3.23.48 and before.
--enable-local-infile
option to configure, LOAD DATA LOCAL cannot be used
by any client unless it is written explicitly to invoke
mysql_options(... MYSQL_OPT_LOCAL_INFILE, 0).
See section mysql_options().
LOAD DATA LOCAL commands from the server side
by starting mysqld with --local-infile=0.
mysql command-line client, LOAD DATA LOCAL can be
enabled by specifying the --local-infile[=1] option, or disabled with
the --local-infile=0 option. Similarly, for mysqlimport,
the --local or -L option enable local datafile loading. In
any case, successful use of a local loading operation requires that the
server is enabled to allow it.
LOAD DATA LOCAL INFILE is disabled, either in the server or
the client, a client that attempts to issue such a statement receives the
following error message:
ERROR 1148: The used command is not allowed with this MySQL version |
| [ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |