More DBI stuff

Bradley Baetz bbaetz at student.usyd.edu.au
Tue Sep 3 01:29:02 UTC 2002 

There are a couple of problems with the DBI stuff.

a) Theres no generic pre/post hook. This means that:
   - modifications cna't be done using placeholders, because we don't then 
have the right data for the shadowlog
   - sqllog won't log placeholders.

The DBI wasn't really meant for doing this at the level we are, and since 
we plan on moving to replication (which I will do RSN) this will cease 
to be a problem.

So I think I will remove our sqllog functionality, in favour of DBI's 
trace stuff.

b) taint checking is probably going to change:

Placeholders also have an advantage wrt taint checking. Currently, we
sqlquote all strings, which detaints them. Using placeholders, we pass the
unquoted version in, and let DBI handle quoting. _However_, this means
that the actual values must be detainted. I consider this to be a good
thing, since we really should be doing length-style checks on stuff before
inserting, and the few places like get_product_id which we have to
validate input can just always trick_taint. If we have the rule that $vars
don't appear in sql statements, ever, then there isn't a risk of inserting
a string which has been trick_tainted, but not sqlquoted.

(For this, we also need my patches to DBI, which will probably be accepted 
when the author gets back from vacation next week)

There is no speed penalty with placeholders which I can measure; trying
10000 times with the Benchmark module showed each one in front a roughly
equal % of the time. I suspect that the overhead of scanning a string for
? characters in C is minimal.

I had converted attachment.cgi over to the new scheme (as an example), 
although myk has rewritten that. Oh well....

Anyway, my plan is now:
  - Make Bugzilla::DBI work
  - Add support for replication
  - Drop shadowdb support
  - Convert existing cgi's over to the DBI syntax

myk: There will be a short transition period, but I'd prefer to kill the 
shadowdb before 2.18. You mentioned that bmo was going to be updated after 
request tracker went in; if I get replication support working by then, 
would you be willing to move to that at some point before the update after 
that (so that I could remove support right after the update)

Bradley

More information about the developers mailing list