[plug] MySQL for PostgreSQL users
Tim Bowden
tim.bowden at westnet.com.au
Sat Sep 20 01:03:54 WST 2008
Finally sorted (bloody typos). Thanks for all the assistance, it's been
appreciated.
The experience hasn't given me any more love for MySQL though. I'll
stick with PostgreSQL wherever possible.
Regards,
Tim
On Fri, 2008-09-19 at 22:38 +1000, Daniel Pittman wrote:
> Tim Bowden <tim.bowden at westnet.com.au> writes:
> > On Fri, 2008-09-19 at 14:52 +1000, Daniel Pittman wrote:
> >> Tim Bowden <tim.bowden at westnet.com.au> writes:
> >> > On Wed, 2008-09-17 at 13:44 +0800, Peter Wright wrote:
>
> [...]
>
> >> Oh, that sort of SNAFU is par for the course with MySQL; keep in mind
> >> that it will silently corrupt ^W modify data, such as truncating string
> >> input or transforming invalid string content into '0', in many cases.
> >
> > Are you serious? The data should *never* be silently changed (or
> > non-silently for that matter). If it can't do what's asked, it should
> > fail. Always.
>
> Absolutely, one hundred percent dead serious:
>
> http://article.gmane.org/gmane.comp.security.bugtraq/37529
>
> The paper is all about the way that MySQL truncates strings allowing the
> application and the database to have a different view of the meanings of
> the values.
>
>
> My classic gripe about it, of course, comes from the in-house timesheet
> application at a former place of work: it submitted the date as entered
> by the user direct in the SQL, no interpretation between.
>
> This means that any sort of typo in the input date resulted in
> '00-00-0000' stored in the database, with no warning or notification.
> That caused annoyance every time I had to go back and correct it.
>
> >> You can set an option, per connection, to ask MySQL to actually be
> >> standards complaint, which I advise. This makes many, but (IIRC) not
> >> all, of these evil, hateful things move from warnings[1] to errors.
> >
> > Correct and sane behaviour is an option? Bloody hell.
>
> Welcome to the world of MySQL. There are /good/ reasons why people talk
> about the PHP/MySQL stack as encouraging disastrously bad applications.
>
> http://dev.mysql.com/doc/refman/5.0/en/server-sql-mode.html
>
> Regards,
> Daniel
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
--
Experience is that marvelous thing that enables you recognize a mistake
when you make it again.
More information about the plug
mailing list