@KaanErturk opened this Issue on December 26th 2016

When you use a remote MySQL server and can't get FILE privilege, i.e. AWS RDS, you need LOAD DATA LOCAL INFILE capability. For some reason that was an issue in PHP when open_basedir or safe_mode were enabled and their workaround was to just disable it. However it's been fixed since last year, for PHP version 5.6.17 and above and when mysqlnd is used. See the fix here: https://github.com/php/php-src/commit/be6fd4ba89e151b68ddd68e53d6a403c2e8eb862

There is a similar workaround in Piwik codebase (see https://github.com/piwik/piwik/blob/9243b9a7b6fae8237596f76cda1fe8b6816463af/core/Db/BatchInsert.php#L193). I think that should be removed, perhaps conditionally for PHP 5.6.17+.

open_basedir and safe_mode are not the ultimate security measures but still, it would be good to enable them and have Security and System Check pages on Piwik all-green as well as LOAD DATA LOCAL INFILE working as it should.

@KaanErturk commented on December 26th 2016

This is related to #10732 and #7519 btw.

@mattab commented on December 26th 2016 Member

@KaanErturk Sounds good to make the code in https://github.com/piwik/piwik/blob/9243b9a7b6fae8237596f76cda1fe8b6816463af/core/Db/BatchInsert.php#L193 conditional to PHP 5.6.17+. Did you check it works with safe mode and/or open basedir?
Pull request welcome :+1:

@mattab commented on February 20th 2017 Member

Hi @KaanErturk any chance you could create a Pull request for this issue? Would be very appreciated!

@djosip commented on November 2nd 2017

It has been over a year since KaanErturk wrote his comment about this issue and I can see that the problem with open_basedir and LOAD DATA LOCAL INFILE still persists.
Is there any hope that piwik might finally change its behavior as per KaanErtuk's suggestion?

@rick-pri commented on February 10th 2020

I can see that there was an attempt to rectify this issue here https://github.com/matomo-org/matomo/commit/93a363ce7b5dd284b9d463e39442c2da0211b200

However, if safe_mode is on this will disable INFILE_LOCAL. I'm not sure that this should be the case. Anyway, I still get the message about this. I eventually found the issue. Basically I had to set mysqli.allow_local_infile = On in my php.ini file. I found this by accident, I found that the PDO driver was working and then I found this setting and setting it in my php.ini fixed the issue. (I mention this as it would be worth putting into the documentation page on this issue, as I gave up on this last September and have only just come back to revisit it.)

Next up is pecl geoip 2 ...

@tsteur commented on February 10th 2020 Member

Thanks @rick-pri added this to https://matomo.org/faq/troubleshooting/#faq_194 seeing here this was disabled by default a while ago: https://www.php.net/manual/en/mysqli.configuration.php

Will also create a new issue to eventually try enable this automatically

Powered by GitHub Issue Mirror