From: Joe Presbrey Date: Mon, 9 Apr 2007 23:58:01 +0000 (+0000) Subject: signup: lower minimum UIDs X-Git-Url: http://andersk.mit.edu/gitweb/sql-web.git/commitdiff_plain/70776defb3b3849f7c82e63306483dfb4dbbf7a5 signup: lower minimum UIDs setup: note to change passwords in .my.cnf dbaccess, security, joe: typing bug git-svn-id: svn://presbrey.mit.edu/sql/web/main@125 a142d4bd-2cfb-0310-9673-cb33a7e74f58 --- diff --git a/batch/php.ini b/batch/php.ini new file mode 120000 index 0000000..9fc31db --- /dev/null +++ b/batch/php.ini @@ -0,0 +1 @@ +../php.ini \ No newline at end of file diff --git a/batch/signup.php b/batch/signup.php index edfde59..5004129 100755 --- a/batch/signup.php +++ b/batch/signup.php @@ -19,7 +19,7 @@ if (count($hesinfo)>=4) { $myEmail = $myUsername.'@mit.edu'; $myPassword = substr(md5(uniqid()),0,8); -if ($myUID<1000) exit('bad UID'); +if ($myUID<100) exit('bad UID'); $Login = new Login($myUsername); if (!$Login->exists() && !empty($myUsername)) { diff --git a/bin/php.ini b/bin/php.ini new file mode 120000 index 0000000..1d5ae9c --- /dev/null +++ b/bin/php.ini @@ -0,0 +1 @@ +/afs/athena.mit.edu/contrib/sql/web_scripts/main/php.ini \ No newline at end of file diff --git a/contrib/php.ini b/contrib/php.ini new file mode 120000 index 0000000..1d5ae9c --- /dev/null +++ b/contrib/php.ini @@ -0,0 +1 @@ +/afs/athena.mit.edu/contrib/sql/web_scripts/main/php.ini \ No newline at end of file diff --git a/cron/checkProcesses.php b/cron/checkProcesses.php index a33e969..d927e58 100755 --- a/cron/checkProcesses.php +++ b/cron/checkProcesses.php @@ -5,7 +5,7 @@ require_once('mitsql.cfg.php'); require_once('mitsql.lib.php'); isOffline() && exit; -define('MAX_PROC_TIME', 10); +define('MAX_PROC_TIME', 30); $baddbs = $badusers = $bad = array(); $result = mysql_query('SHOW FULL PROCESSLIST'); @@ -18,12 +18,13 @@ while ($row = mysql_fetch_assoc($result)){ } mysql_free_result($result); +print_r($bad); foreach($bad as $badproc) { $mailtos = $mailnames = array(); $baddb = mysql_escape_string($badproc['db']); + if (empty($baddb)) continue; $badtime = $badproc['Time']; $badquery = $badproc['Info']; - if (empty($baddb)) continue; $sql = "SELECT User.UserId,User.Name,User.Email FROM `User` NATURAL JOIN DBOwner @@ -35,10 +36,13 @@ foreach($bad as $badproc) { $mailtos[] = $addy['Email']; $mailnames[] = $addy['Name']; } - if (empty($mailtos)) continue; + if (empty($mailtos)) { + echo "No email found for $baddb\n"; + continue; + } $mailto = implode(', ',$mailtos); $mailname = implode(', ',$mailnames); - $mailsubj = "[sql] Slow Query on $baddb"; + $mailsubj = "[sql.mit.edu] Slow Query on $baddb"; $mailbody = "Dear $mailname: A slow query was found on your database: $baddb @@ -49,7 +53,9 @@ been appended to this message for your records. Please optimize your queries to avoid having your queries killed in the future. If you have any questions, please contact sql@mit.edu. -This SQL Service is available at sql.mit.edu. +The SQL Service +Email: +Web: http://sql.mit.edu/ --------------------------------------------------------------------------- diff --git a/cron/php.ini b/cron/php.ini new file mode 120000 index 0000000..9fc31db --- /dev/null +++ b/cron/php.ini @@ -0,0 +1 @@ +../php.ini \ No newline at end of file diff --git a/lib/dbaccess.lib.php b/lib/dbaccess.lib.php index 883e138..7fcf65a 100644 --- a/lib/dbaccess.lib.php +++ b/lib/dbaccess.lib.php @@ -12,7 +12,7 @@ function checkQuotas($userId=null) { } else { if (is_array($userId)) { $sql_userId = sprintf("UserId IN ('%s')", implode("','",array_map('mysql_escape_string',$userId))); - } elseif (is_numeric($userId)) { + } elseif ((string)intval($userId)===(string)$userId) { $sql_userId = sprintf("UserId = '%s'", mysql_escape_string($userId)); } else { die('userId parameter error in checkQuotas'); diff --git a/lib/joe/util.lib.php b/lib/joe/util.lib.php index dd7be0a..80321c7 100644 --- a/lib/joe/util.lib.php +++ b/lib/joe/util.lib.php @@ -83,7 +83,7 @@ function fetchRows($rs, $key = null) { while ($r = mysql_fetch_assoc($rs)) { $arr[] = $r; } - } elseif (is_numeric($key)) { + } elseif ((string)intval($key)===(string)$key) { while ($r = mysql_fetch_row($rs)) { $arr[$r[$key]] = $r; } diff --git a/lib/php.ini b/lib/php.ini new file mode 120000 index 0000000..1d5ae9c --- /dev/null +++ b/lib/php.ini @@ -0,0 +1 @@ +/afs/athena.mit.edu/contrib/sql/web_scripts/main/php.ini \ No newline at end of file diff --git a/lib/security.lib.php b/lib/security.lib.php index bb32be6..98fdd51 100644 --- a/lib/security.lib.php +++ b/lib/security.lib.php @@ -12,7 +12,7 @@ class Login { if (empty($u)) return; $this->u = $u; $this->p = $p; - if (is_numeric($u)) { + if ((string)intval($u)===(string)$u) { $this->id = $u; $opt = sprintf(" Username = '%s' OR UserId = '%s'", mysql_escape_string($u), mysql_escape_string($u)); } else { diff --git a/tpl/php.ini b/tpl/php.ini new file mode 120000 index 0000000..1d5ae9c --- /dev/null +++ b/tpl/php.ini @@ -0,0 +1 @@ +/afs/athena.mit.edu/contrib/sql/web_scripts/main/php.ini \ No newline at end of file diff --git a/tpl/setup.php b/tpl/setup.php index 284a69a..f821573 100755 --- a/tpl/setup.php +++ b/tpl/setup.php @@ -9,7 +9,6 @@ Your MySQL password should be different from your Athena account password.
-

+
+
+Note: you need to also update your .my.cnf file on Athena if you want to use SIPB scripts auto-installers or access the MySQL service from the command-line.