Ref T13238. See PHI1014. To attempt to defuse attacks based on "LOAD DATA INFILE LOCAL", set `MYSQLI_OPT_LOCAL_INFILE`. This option is documented as disabling local file loads.
This doesn't actually work for me: I can still "LOAD DATA INFILE LOCAL" with this option set. However, it probably can't hurt? I'll dig into this a bit more before I land this change, I suspect this option must work sometimes and maybe it's just detecting that my client and server are both the same host or something.
Separately, capture and raise errors from `mysqli->query()` which do not set the connection error code more accurately. Before this change, trying "LOAD DATA INFILE LOCAL" with "mysqli.allow_local_infile = 0" raised `Error #0: `.
Now, it raises `EXCEPTION: (AphrontQueryException) #777777: mysqli::query(): LOAD DATA LOCAL INFILE forbidden`.