| 10 | mysql_connect takes only the parameters (host, user, password) and returns the connection resource. |
| 11 | ==== mysqli_connect === |
| 12 | For this function requires a few more parameters. Our currently functional implementation looks like this: |
| 13 | {{{ |
| 14 | $flags = 0; |
| 15 | $flags = MYSQL_CLIENT_SSL; |
| 16 | $sql = mysqli_init(); |
| 17 | if (!($sql->options(MYSQLI_READ_DEFAULT_FILE, '/root/horror/my.cnf'))) |
| 18 | printf("failed to set the default file (MYSQLI_READ_DEFAULT_FILE: %d)\n", MYSQLI_READ_DEFAULT_FILE); |
| 19 | if (!($sql->options(MYSQLI_READ_DEFAULT_GROUP, 'red'))) |
| 20 | printf("failed to set the group for the default file (MYSQLI_READ_DEFAULT_GROUP: %d)\n", MYSQLI_READ_DEFAULT_GROUP); |
| 21 | if (!($sql->real_connect($db_host,$db_user,$db_pass, $db_name))) { |
| 22 | printf("failed to really connect\n"); |
| 23 | } |
| 24 | }}} |
| 25 | ===== Notable changes ===== |
| 26 | * $flags = MYSQL_CLIENT_SSL; |
| 27 | * This flag ensures the client is connection via ssl. |
| 28 | * $sql->options(MYSQLI_READ_DEFAULT_FILE, '/root/horror/my.cnf') |
| 29 | * Here we add a new set of options in a custom my.cnf file, probably stored in /user/local/etc/red/my.cnf. The configured options are: |
| 30 | {{{ |
| 31 | [red] |
| 32 | ssl=true |
| 33 | ssl-ca=/etc/mysql/red-cert.pem |
| 34 | ssl-verify-server-cert=true |
| 35 | }}} |
| 36 | * where `red-cert.pem` is the mysql ca certificate, which will need to be stored on all MOSHes and on hay. |
| 37 | * $sql->options(MYSQLI_READ_DEFAULT_GROUP, 'red') |
| 38 | * This simply says, "Read from the my.cnf group `red`. |
| 39 | * $sql->real_connect($db_host,$db_user,$db_pass, $db_name) |
| 40 | * This makes the mysql connection. |