| | 10 | mysql_connect takes only the parameters (host, user, password) and returns the connection resource. |
| | 11 | ==== mysqli_connect === |
| | 12 | For this function requires a few more parameters. Our currently functional implementation looks like this: |
| | 13 | {{{ |
| | 14 | $flags = 0; |
| | 15 | $flags = MYSQL_CLIENT_SSL; |
| | 16 | $sql = mysqli_init(); |
| | 17 | if (!($sql->options(MYSQLI_READ_DEFAULT_FILE, '/root/horror/my.cnf'))) |
| | 18 | printf("failed to set the default file (MYSQLI_READ_DEFAULT_FILE: %d)\n", MYSQLI_READ_DEFAULT_FILE); |
| | 19 | if (!($sql->options(MYSQLI_READ_DEFAULT_GROUP, 'red'))) |
| | 20 | printf("failed to set the group for the default file (MYSQLI_READ_DEFAULT_GROUP: %d)\n", MYSQLI_READ_DEFAULT_GROUP); |
| | 21 | if (!($sql->real_connect($db_host,$db_user,$db_pass, $db_name))) { |
| | 22 | printf("failed to really connect\n"); |
| | 23 | } |
| | 24 | }}} |
| | 25 | ===== Notable changes ===== |
| | 26 | * $flags = MYSQL_CLIENT_SSL; |
| | 27 | * This flag ensures the client is connection via ssl. |
| | 28 | * $sql->options(MYSQLI_READ_DEFAULT_FILE, '/root/horror/my.cnf') |
| | 29 | * Here we add a new set of options in a custom my.cnf file, probably stored in /user/local/etc/red/my.cnf. The configured options are: |
| | 30 | {{{ |
| | 31 | [red] |
| | 32 | ssl=true |
| | 33 | ssl-ca=/etc/mysql/red-cert.pem |
| | 34 | ssl-verify-server-cert=true |
| | 35 | }}} |
| | 36 | * where `red-cert.pem` is the mysql ca certificate, which will need to be stored on all MOSHes and on hay. |
| | 37 | * $sql->options(MYSQLI_READ_DEFAULT_GROUP, 'red') |
| | 38 | * This simply says, "Read from the my.cnf group `red`. |
| | 39 | * $sql->real_connect($db_host,$db_user,$db_pass, $db_name) |
| | 40 | * This makes the mysql connection. |
