When you use a remote MySQL server and can't get FILE privilege, i.e. AWS RDS, you need LOAD DATA LOCAL INFILE capability. For some reason that was an issue in PHP when
safe_mode were enabled and their workaround was to just disable it. However it's been fixed since last year, for PHP version
5.6.17 and above and when
mysqlnd is used. See the fix here: https://github.com/php/php-src/commit/be6fd4ba89e151b68ddd68e53d6a403c2e8eb862
There is a similar workaround in Piwik codebase (see https://github.com/piwik/piwik/blob/9243b9a7b6fae8237596f76cda1fe8b6816463af/core/Db/BatchInsert.php#L193). I think that should be removed, perhaps conditionally for PHP 5.6.17+.
safe_mode are not the ultimate security measures but still, it would be good to enable them and have
System Check pages on Piwik all-green as well as LOAD DATA LOCAL INFILE working as it should.
@KaanErturk Sounds good to make the code in https://github.com/piwik/piwik/blob/9243b9a7b6fae8237596f76cda1fe8b6816463af/core/Db/BatchInsert.php#L193 conditional to PHP 5.6.17+. Did you check it works with safe mode and/or open basedir?
Pull request welcome :+1:
Hi @KaanErturk any chance you could create a Pull request for this issue? Would be very appreciated!
It has been over a year since KaanErturk wrote his comment about this issue and I can see that the problem with open_basedir and LOAD DATA LOCAL INFILE still persists.
Is there any hope that piwik might finally change its behavior as per KaanErtuk's suggestion?
I can see that there was an attempt to rectify this issue here https://github.com/matomo-org/matomo/commit/93a363ce7b5dd284b9d463e39442c2da0211b200
However, if safe_mode is on this will disable INFILE_LOCAL. I'm not sure that this should be the case. Anyway, I still get the message about this. I eventually found the issue. Basically I had to set
mysqli.allow_local_infile = On in my
php.ini file. I found this by accident, I found that the PDO driver was working and then I found this setting and setting it in my php.ini fixed the issue. (I mention this as it would be worth putting into the documentation page on this issue, as I gave up on this last September and have only just come back to revisit it.)
Next up is pecl geoip 2 ...
Thanks @rick-pri added this to https://matomo.org/faq/troubleshooting/#faq_194 seeing here this was disabled by default a while ago: https://www.php.net/manual/en/mysqli.configuration.php
Will also create a new issue to eventually try enable this automatically