diff options
-rw-r--r-- | application/config/database.php | 7 | ||||
-rw-r--r-- | system/database/drivers/mysqli/mysqli_driver.php | 76 | ||||
-rw-r--r-- | user_guide_src/source/database/configuration.rst | 35 |
3 files changed, 22 insertions, 96 deletions
diff --git a/application/config/database.php b/application/config/database.php index 26353cfb2..7baab3fd5 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -86,12 +86,7 @@ $db['default'] = array( 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, - 'db_options' => array(), - 'ssl_key' => '', - 'ssl_cert' => '', - 'ssl_ca' => '', - 'ssl_capath' => '', - 'ssl_cipher' => '', + 'ssl_options' => array(), 'failover' => array(), 'save_queries' => TRUE ); diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 26b2a8a09..61a37bd03 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -60,21 +60,6 @@ class CI_DB_mysqli_driver extends CI_DB { public $dbdriver = 'mysqli'; /** - * Database options list - * - * Used to set various database options and values. - * - * @example http://php.net/manual/en/mysqli.options.php Allows to set options not built-in/handled by CI. - * - * <code> - * array( MYSQLI_OPT_SSL_VERIFY_SERVER_CERT => true ); - * </code> - * - * @var array - */ - public $db_options = array(); - - /** * Compression flag * * @var bool @@ -102,49 +87,19 @@ class CI_DB_mysqli_driver extends CI_DB { public $stricton = FALSE; /** - * The path name to the key file. + * Used to set various SSL options that can be used when making SSL connections. * * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi * - * @var string - */ - public $ssl_key = ''; - - /** - * The path name to the certificate file. - * - * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi - * - * @var string - */ - public $ssl_cert = ''; - - /** - * The path name to the certificate authority file. - * - * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi - * - * @var string - */ - public $ssl_ca = ''; - - /** - * The pathname to a directory that contains trusted SSL CA certificates in PEM format. - * - * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi - * - * @var string - */ - public $ssl_capath = ''; - - /** - * A list of allowable ciphers to use for SSL encryption. - * - * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi - * - * @var string + * @var array */ - public $ssl_cipher = ''; + public $ssl_options = array( + "ssl_key" => '', // The path name to the key file. + "ssl_cert" => '', // The path name to the certificate file. + "ssl_ca" => '', // The path name to the certificate authority file. + "ssl_capath" => '', // The pathname to a directory that contains trusted SSL CA certificates in PEM format. + "ssl_cipher" => '' // A list of allowable ciphers to use for SSL encryption. + ); // -------------------------------------------------------------------- @@ -192,14 +147,15 @@ class CI_DB_mysqli_driver extends CI_DB { $mysqli->options(MYSQLI_INIT_COMMAND, 'SET SESSION sql_mode="STRICT_ALL_TABLES"'); } - foreach ($this->db_options AS $key => $value) - { - $mysqli->options($key, $value); - } - if ($this->encrypt === TRUE) { - $mysqli->ssl_set($this->ssl_key, $this->ssl_cert, $this->ssl_ca, $this->ssl_capath, $this->ssl_cipher); + $ssl_key = array_key_exists('ssl_key', $this->ssl_options) ? $this->ssl_options['ssl_key'] : ''; + $ssl_cert = array_key_exists('ssl_cert', $this->ssl_options) ? $this->ssl_options['ssl_cert'] : ''; + $ssl_ca = array_key_exists('ssl_ca', $this->ssl_options) ? $this->ssl_options['ssl_ca'] : ''; + $ssl_capath = array_key_exists('ssl_capath', $this->ssl_options) ? $this->ssl_options['ssl_capath'] : ''; + $ssl_cipher = array_key_exists('ssl_cipher', $this->ssl_options) ? $this->ssl_options['ssl_cipher'] : ''; + + $mysqli->ssl_set($ssl_key, $ssl_cert, $ssl_ca, $ssl_capath, $ssl_cipher); $client_flags |= MYSQLI_CLIENT_SSL; } diff --git a/user_guide_src/source/database/configuration.rst b/user_guide_src/source/database/configuration.rst index 510037dba..6f1726ef6 100644 --- a/user_guide_src/source/database/configuration.rst +++ b/user_guide_src/source/database/configuration.rst @@ -30,12 +30,7 @@ prototype:: 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, - 'db_options' => array(), - 'ssl_key' => '', - 'ssl_cert' => '', - 'ssl_ca' => '', - 'ssl_capath' => '', - 'ssl_cipher' => '', + 'ssl_options' => array(), 'failover' => array() ); @@ -78,12 +73,7 @@ These failovers can be specified by setting the failover for a connection like t 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, - 'db_options' => array(), - 'ssl_key' => '', - 'ssl_cert' => '', - 'ssl_ca' => '', - 'ssl_capath' => '', - 'ssl_cipher' => '' + 'ssl_options' => array() ), array( 'hostname' => 'localhost2', @@ -102,12 +92,7 @@ These failovers can be specified by setting the failover for a connection like t 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, - 'db_options' => array(), - 'ssl_key' => '', - 'ssl_cert' => '', - 'ssl_ca' => '', - 'ssl_capath' => '', - 'ssl_cipher' => '' + 'ssl_options' => array() ) ); @@ -138,12 +123,7 @@ example, to set up a "test" environment you would do this:: 'compress' => FALSE, 'encrypt' => FALSE, 'stricton' => FALSE, - 'db_options' => array(), - 'ssl_key' => '', - 'ssl_cert' => '', - 'ssl_ca' => '', - 'ssl_capath' => '', - 'ssl_cipher' => '', + 'ssl_options' => array(), 'failover' => array() ); @@ -211,12 +191,7 @@ Explanation of Values: $db['default']['port'] = 5432; -**db_options** Used to set various database connections options and values. (MySQLi only) -**ssl_key** The path name to the key file. (MySQLi only) -**ssl_cert** The path name to the certificate file. (MySQLi only) -**ssl_ca** The path name to the certificate authority file. (MySQLi only) -**ssl_capath** The pathname to a directory that contains trusted SSL CA certificates in PEM format. (MySQLi only) -**ssl_cipher** A list of allowable ciphers to use for SSL encryption. (MySQLi only) +**ssl_options** Used to set various SSL connection options and values. ====================== ================================================================================================== .. note:: Depending on what database platform you are using (MySQL, PostgreSQL, |