| Author |
Re: [PHP-DOC] #28519 [NEW]: TASK: identify orphan user notes and mass assign
|
|
| Jakub Vrana 2004-05-26, 7:32 am |
| First step is attached. I checked the notes distribution system and this
should not harm it.
Second step will be the mass processing - checking for orphans and
mass changing of IDs.
Jakub Vrana
| |
| Jakub Vrana 2004-05-26, 9:35 am |
| Is there a list of existing IDs somewhere or should I extract them from
manual sources?
Jakub Vrana
| |
| Nuno Lopes 2004-05-26, 4:33 pm |
| > Seems like Nuno already completed this part. Would have been better if
> he would have noted he works on this, so duplicate work would not be
> possible (not that there was duplicate work in this case).
Sorry here, but I wasn't planning on working this, but as it was simple to
do...
> Now it would
> be nice if the person who gets on implementing the mass manual ID
> reassigment in manage/user-notes.php would speak out, so no more than
> one guy would be involved with this.
> Goba
What do we need to do here?
Do you want a program to go to the master server, so that you type the old
ID and a new one, and it will automatically copy the notes?
How the notes are stored? Is it in a mysql table??
Nuno
| |
| Jakub Vrana 2004-05-26, 6:32 pm |
| > Jakub probably already has better experience with this, since he
> provided patches for php-master-web before. The code is in=20
> php-master-web/manage/user-notes.php, and that should be extended to
> offer an option to mass modify manual IDs (or sections are they are store=
d).
> UPDATE notes SET section =3D %newsection WHERE section =3D %oldsection
> should be parameterized from the web interface (with appropriate table
> and column names of course :).
I will take care of this.
Nuno, thanks for the script. It can be run locally and there will be
only mass reassignment part on the server. My original idea was to
have both parts on the server but it would be a bit harder as the list
of IDs has to be readable on master.php.net somehow.
Jakub Vrana
| |
| Nuno Lopes 2004-05-28, 12:37 pm |
| > Nuno, thanks for the script. It can be run locally and there will be
> only mass reassignment part on the server. My original idea was to
> have both parts on the server but it would be a bit harder as the list
> of IDs has to be readable on master.php.net somehow.
>
> Jakub Vrana
I think the most simpler ways to get the manual ID are:
* use the first part of my program (need a phpweb/manual/en rsync) (much
faster option)
* use a livedocs DB (need phpdoc checkout)
Then do a select on the notes db and check for non-valid IDs and do a
foreach{} to print a html form to allow us to change the IDs.
Jakub, if you need some help, just mail me!
Nuno
| |
| Jakub Vrana 2004-05-28, 12:37 pm |
| Here is the second step. It is the form to mass change sections of
notes. I think that moving Nuno's script to the server is not necessary.
It can be easily run locally and through the web interface only changes
can be done.
> Then do a select on the notes db and check for non-valid IDs and do a
> foreach{} to print a html form to allow us to change the IDs.
The interface should be more universal to allow changes of notes in e.g.
split sections.
Jakub Vrana
| |
| Nuno Lopes 2004-05-28, 1:34 pm |
| > Here is the second step. It is the form to mass change sections of
> notes. I think that moving Nuno's script to the server is not necessary.
> It can be easily run locally and through the web interface only changes
> can be done.
>
> Jakub Vrana
It seems good to me!
And what about a mail to the notes mailling list? I think that would be good
if the notes ML received a mail saying that the note with id xxx, and with
text "blah blah blah" has been moved to $newid.
Nuno
P.S.: How many time takes the master server to update the php-master-web
checkout? The latest Jakub's changes aren't on-line, are they?
| |
| Jakub Vrana 2004-05-28, 2:34 pm |
| Gabor Hojtsy wrote:
> It should have been updated already, but it has not done so, as it
> seems... I don't know what might be the problem.
There was some DNS change. Cannot be this caused by it?
Jakub Vrana
| |
| Jakub Vrana 2004-06-02, 4:32 am |
| Gabor Hojtsy wrote:
> Then still I am conserned about the vulnerability of this code against
> SQL injection in case magic_quotes is turned off, but AFAIK some other
> code in the master module also relies on that setting. I would like to
> ask the system guys first if we still should rely on it?
Relying on magic_quotes is not the biggest problem. E.g. this line makes
me scared:
> DELETE FROM note WHERE id=3D$id
Jakub Vrana
| |
| Jakub Vrana 2004-06-11, 8:56 am |
| Gabor Hojtsy wrote:
> Well, how should I interpret this? How can we move forward?
I wrote my code in the style of rest of the file. I think you can commit
it and nothing will brake. Then I (or someone else) can fix the file to
not rely on register_globals and good intentions of all users with CVS
account ;-).
Jakub Vrana
| |
| Jakub Vrana 2004-06-25, 6:45 pm |
| Gabor Hojtsy wrote:
> Jakub, I have committed your patch. It would be good if you could review
> your code and fix the same errors you have fixed in the previous
> magic_quotes/register_globals patch - since you submitted this patch
> before the cleanup.
Here it is.
Jakub Vrana
|
|
|
|