This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Subject: [Slashcode] MySQL 3.23.x and de-hardwiring Anonymous Coward
From: Declan McCullagh <lists@politechbot.com>
Date: Thu, 21 Sep 2000 15:12:48 -0400
Chris Nandor (pudge@pobox.com) wrote on Mon, 21 Aug 2000 16:57:07 -0400:
>As mentioned several times on this list and on the web site, MySQL 3.23 is
>NOT compatible with Slash yet. It will fail. Don't use it. It's not a
>matter of being in beta, it is a matter of incompatible changes to the
>database (most notably the fact that autoincrement fields cannot have
>negative values in them, but Slash relies on the uid, which is an
>autoincrement field, for anonymous users being -1).
I'm using MySQL 3.23.X because of some of the new features. I came across
the above-mentioned problem yesterday, and it appears to be a bug in MySQL.
Going through the change lists in the newest version of MySQL, it does not
appear to have been fixed.
So I have a few options:
* Give up the 3.23.X features and just deal.
* Fix the bug in MySQL myself (ick).
* Change Slash -- apparently just users.pl -- to use UID "0" or "1" for
Anonymous Coward instead of "-1". This seems to be an easy fix, based on a
quick glance at the code.
So two questions:
* Will changing from -1 to 1 break anything anywhere else?
* Are there any other serious MySQL 3.23.X interaction problems with Slash
1.0.8 that I need to know about, besides the dump problem?
===
Subject: Re: [Slashcode] MySQL 3.23.x and de-hardwiring Anonymous Coward
From: Chris Nandor <pudge@pobox.com>
Date: Thu, 21 Sep 2000 15:57:15 -0400
At 15:12 -0400 2000.09.21, Declan McCullagh wrote:
>Chris Nandor (pudge@pobox.com) wrote on Mon, 21 Aug 2000 16:57:07 -0400:
>>As mentioned several times on this list and on the web site, MySQL 3.23 is
>>NOT compatible with Slash yet. It will fail. Don't use it. It's not a
>>matter of being in beta, it is a matter of incompatible changes to the
>>database (most notably the fact that autoincrement fields cannot have
>>negative values in them, but Slash relies on the uid, which is an
>>autoincrement field, for anonymous users being -1).
>
>I'm using MySQL 3.23.X because of some of the new features. I came across
>the above-mentioned problem yesterday, and it appears to be a bug in MySQL.
>Going through the change lists in the newest version of MySQL, it does not
>appear to have been fixed.
I thought it was a design decision in MySQL 3.23.
>* Change Slash -- apparently just users.pl -- to use UID "0" or "1" for
>Anonymous Coward instead of "-1". This seems to be an easy fix, based on a
>quick glance at the code.
There are a lot of places where we check to see if uid < 0 etc. It is not
"hard" to fix, it takes awhile, though.
>* Are there any other serious MySQL 3.23.X interaction problems with Slash
>1.0.8 that I need to know about, besides the dump problem?
I dunno. I do know that this is fixed in bender (the development branch of
Slash) where you can set anonymous coward's uid to anything.
===
Subject: Re: [Slashcode] MySQL 3.23.x and de-hardwiring Anonymous Coward
From: Steve Linberg <steve@silicon-goblin.com>
Date: Thu, 21 Sep 2000 16:56:00 -0400
At 3:57 PM -0400 9/21/00, Chris Nandor wrote:
>There are a lot of places where we check to see if uid < 0 etc. It is not
>"hard" to fix, it takes awhile, though.
I'd be really interested in seeing this done; I'm about to go online
with a colo box and I need to run MySQL 3.23, and plan to run a
couple of slash sites too. Right at the moment I'm pretty tied up
securing my box against the 1337 h4X0R 5kr1p7 k1|)|)135 who will hit
it with their rootkits the momennt it appears online, but next week
I'd have some time to help out if anyone wants to head the effort up.
Is hard-coding it to something else the best way to do it?
===
Subject: Re: [Slashcode] MySQL 3.23.x and de-hardwiring Anonymous Coward
From: Chris Nandor <pudge@pobox.com>
Date: Thu, 21 Sep 2000 17:02:06 -0400
At 16:56 -0400 2000.09.21, Steve Linberg wrote:
>At 3:57 PM -0400 9/21/00, Chris Nandor wrote:
>
>>There are a lot of places where we check to see if uid < 0 etc. It is not
>>"hard" to fix, it takes awhile, though.
>
>I'd be really interested in seeing this done; I'm about to go online
>with a colo box and I need to run MySQL 3.23, and plan to run a
>couple of slash sites too. Right at the moment I'm pretty tied up
>securing my box against the 1337 h4X0R 5kr1p7 k1|)|)135 who will hit
>it with their rootkits the momennt it appears online, but next week
>I'd have some time to help out if anyone wants to head the effort up.
>
>Is hard-coding it to something else the best way to do it?
It depends on your needs.
I've said this before, and am going to say it again in case some of you
don't know: we are working on bender, and all development, except for major
bugfixes or trivial changes, has stopped on the main branch. We may resume
development on it again after we get bender to a certain point, but we need
to focus on bender (and this is also why updates to slashcode.com have been
very few and far between, we've been busy coding).
So anyway if we were going to do it in the main branch, we would make it a
variable, as we did in bender. Make "anonymous_coward_uid" in
slashdotrc.pl, and every time uid is compared to 1, -1, 0, etc., change it
to be $uid == $I{anonymous_coward_uid} or $uid != $I{anonymous_coward_uid}
or whatever.
It isn't too hard, just time consuming to make sure you get them all.
===