tyggerjai: (Default)
[personal profile] tyggerjai
One of the fields in the db user table is set to only accept certain values. I need to add an acceptable value, preferably without dropping the entire table and rebuilding it. Any hints? There's probably an alter command....
anarres: (Default)
[personal profile] anarres
In Dreamwidth you can interact with the database using Perl's DBI module, but with a few Dreamwidth-specific methods layered on top. I've been trying to figure out how to write new rows to a database table. After looking at some other Dreamwidth scripts to see how it's done, I wrote the following script (which doesn't work):

# -------------------- ~/dw/bin/dev/test.pl ----------------------------

use lib "$ENV{LJHOME}/cgi-bin";
require 'ljlib.pl';
use strict;
use warnings;

my $cart = {
authcode => 'blahblahblahblah',
userid => 12,
cartid => 33,

my $dbh = LJ::get_db_writer() or return undef;

q{INSERT INTO payments (userid, cartid) VALUES ( ?, ?)},
$cart->{userid}, $cart->{cartid}

die "Database error: " . $dbh->errstr . "\n" if $dbh->err;
# ---------------------------------------------------------------------

The question marks are SQL placeholders, which prevent SQL injection attacks.

When I ran this I got the error: 'DBI::db=HASH(0x426eff0)->do(...): attribute parameter '12' is not a hash ref at test.pl line 22.'

It seemed to be complaining that $cart->{userid} is not a hash ref. I had no idea why it would want a hash ref there, but I bemusedly decided to give it what it wanted, and replaced

$cart->{userid}, $cart->{cartid}


$cart, $cart

Running the script again gave an SQL error instead of a Perl error: 'Database error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 2'.

So it seems like giving it a hash ref is the right thing to do, but I'm giving it the wrong kind of hash ref. I'm completely confused: what's the right syntax for inserting a row into the database?
pauamma: Cartooney crab holding drink (Default)
[personal profile] pauamma
This is a good cover of common programming (or program design) mistakes that can cause security problems: http://www.smashingmagazine.com/2010/01/14/web-security-primer-are-you-part-of-the-problem/ (it uses PHP in its examples, but you should be able to get the gist of it even if you're not familiar with the language)
kareila: "Mom, I'm hungry." "Hush, I'm coding. You ate yesterday." (coding)
[personal profile] kareila
[staff profile] denise sez:

I'd really like to see someone's thought processes while implementing something big/major that relies on working with DB stuff: what's the best practice bits that we just won't think about because we don't know enough? What sort of stuff should we do just because that's the best way to do it? Etc.

I am not a professional database designer, but I've read a few books and learned my way around MySQL, so I'll try to share my thoughts by way of the spec I've implemented for Bug 215: Implement v-gifts. Fair warning: although that spec has benefited from one round of peer review, it hasn't been approved yet, so it might will change again.

Read more... )


Jul. 29th, 2009 12:43 pm
aphenine: Teresa and Claire (Default)
[personal profile] aphenine
Hello everybody!

I got a dreamhack account a few days ago and I'm trying to get my head around the Dreamwidth code base, in the hopes that I can contribute something. I just thought I'd introduce myself. I was also going to ask a question, but someone lovely and unexpectedly answered it on LJ. *grin*

I've never coded in Perl before, so it's a bit of a learning curve for me. However, I have web coded in PHP before and I've used MySQL before and I have also used *Nix environments before, so I'm not starting totally from scratch.

I think the dominant reason I signed up for a dreamhack account was that I kept looking at DW and thinking "if it was simple, I could change that". In the end, my curiosity got the better of me and I just had to find out if it really was simple or not. Since then, I've been far too amused sitting in the MySQL console pulling up a test comment and post directly from the database. SELECT * FROM logtext2; has not lost its power to make me squee for the last few minutes. But, a question. No, two questions. Why log for posts? And why talk for comments?

So far the only thing I've really contributed is an entry in the Dreamhack wiki giving an overview of some of the database tables. It's found here. It was in the wanted list and I thought, hey, what the hell.


dw_dev_training: The stylised 'd', with the word 'dev' above, and the word 'training' at the side, representing the dw_dev_training comm. (Default)
Dreamwidth Development Training

January 2017

151617 18192021


RSS Atom

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Oct. 20th, 2017 10:44 am
Powered by Dreamwidth Studios