[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-hackers] pastiche db drop
From: |
Alaric Snell-Pym |
Subject: |
Re: [Chicken-hackers] pastiche db drop |
Date: |
Mon, 03 Feb 2014 11:48:29 +0000 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130713 Thunderbird/17.0.7 |
On 03/02/14 09:53, Christian Kellermann wrote:
> Hi there,
>
> I have just dropped pastiche's database accidentally by omitting
> an equal sign during spam deletion.
>
> That is:
>
> delete from pastes where hash "6e4bc38a652603314074d80094b39197fee50ac2";
Bah! Why did the sql engine (sqlite?) not reject that as a syntax error?
I presume it interprted it as "delete from pastes where hash",
implicitly casting "hash" to a boolean-esque value, but what about the
big string literal following it?!?
(I used to sometimes have to reset passwords for users by typing "UPDATE
principals SET password='....', salt='...' WHERE username='bob'" into
the database; once, triumphant after successfully hashing a new password
with a salt and all that and pasting it in, I hit ENTER without
remembering to add the "WHERE username='bob'" bit, with *hilarious*
results. I ignored the "I can't login" phonecalls that started appearing
while I quickly grabbed the most recent backup and restored it, then
when that was done, I started answering the phone and saying "Oh... can
you try again? Oh, that worked now? Excellent!").
ABS
--
Alaric Snell-Pym
http://www.snell-pym.org.uk/alaric/
signature.asc
Description: OpenPGP digital signature