Re: [Chicken-hackers] pastiche db drop

[Alaric Snell-Pym]

On 03/02/14 09:53, Christian Kellermann wrote:
> Hi there,
> 
> I have just dropped pastiche's database accidentally by omitting
> an equal sign during spam deletion.
> 
> That is:
> 
> delete from pastes where hash "6e4bc38a652603314074d80094b39197fee50ac2";

Bah! Why did the sql engine (sqlite?) not reject that as a syntax error?
I presume it interprted it as "delete from pastes where hash",
implicitly casting "hash" to a boolean-esque value, but what about the
big string literal following it?!?

(I used to sometimes have to reset passwords for users by typing "UPDATE
principals SET password='....', salt='...' WHERE username='bob'" into
the database; once, triumphant after successfully hashing a new password
with a salt and all that and pasting it in, I hit ENTER without
remembering to add the "WHERE username='bob'" bit, with *hilarious*
results. I ignored the "I can't login" phonecalls that started appearing
while I quickly grabbed the most recent backup and restored it, then
when that was done, I started answering the phone and saying "Oh... can
you try again? Oh, that worked now? Excellent!").

ABS

-- 
Alaric Snell-Pym
http://www.snell-pym.org.uk/alaric/

signature.asc
Description: OpenPGP digital signature