
MySQL


Database design and CakePHP (Articles)

Protecting your MySQL database from SQL injection attacks with GreenSQL. GreenSQL is designed to be used as a proxy for a MySQL database. Instead of connecting directly to your MySQL database, your Web site connects to GreenSQL. GreenSQL forwards legitimate SQL to the MySQL database and returns the results. If GreenSQL detects SQL that is not whitelisted and that includes nasty or suspicious SQL, it will block that SQL and return an empty result set without contacting the MySQL database.

For an idea of the SQL injection attacks that GreenSQL blocks, see the online demo page. GreenSQL is not in the distribution repositories for Fedora, openSUSE, or Ubuntu. Installation does not use autotools, and you have to set up things like configuration files, system users, MySQL configuration, log file setup, and /etc/init.d files manually. $ tar xzf /... Once I had libevent-devel installed, I found that I needed to modify /usr/include/event.h to include sys/types.h in order to compile event code. vi /usr/include/event.h ... $ vi src/Makefile ... Greensql-fw-0.8.4]# cd .

MySQL AB :: MySQL 5.0 Reference Manual.

YvoSchaap.com - Easy Fuzzy Logic with MySql – T... As a web programmer I ran into the problem when running a complicated (user) search on Mysql that the results are too strict, and thus giving the well known error “no results found”.

While good (although not perfect) results exist! The problem: When a traditional search query is initiated, SQL queries are generated along the lines of: User search: where tv_manufacturer = 'sony' and tv_description like '%widescreen%' and tv_price < 1000; A user is asking for a Sony television AND one that is widescreen AND costs less than 1000 dollars. This will show very accurate results, but it limits the opportunities when a (best-matching) TV is $1050. This query can be rewritten by replacing the AND with OR, but by using OR we get inaccurate results, because the results will show any TV below 1000 dollars OR any Sony OR any widescreen TV, which is useless.

The good news is that we can solve this without having to ask a user the factual and nerdy: WIDESCREEN AND (SONY OR 1000 DOLLAR) – way too difficult. The solution: Sources:

MySQL and BLOBs (Page 1 of 6). I would recommend you begin by making sure you have the latest service pack for Visual Basic installed. Installing the service pack will ensure you have the latest version of ADO installed.

In a new (or existing) Visual Basic project, make sure that the most recent version of the Microsoft ActiveX Data Objects Library is checked in the references section of your project (Version 2.8 as of this writing). I will also assume that you have MySQL installed, as well as the latest version of MyODBC (currently 3.51.06). NOTE: Version 3.51.03 or higher is required to avoid errors. MySQL Configuration: Now that ADO is installed and referenced, we can use it to access a MySQL BLOB column. CREATE TABLE files (file_id SMALLINT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY, file_name VARCHAR(64) NOT NULL, file_size MEDIUMINT UNSIGNED NOT NULL, file MEDIUMBLOB NOT NULL); While logged into MySQL, we should modify the max_allowed_packet system variable.

Optimizing MySQL: Queries and Indexes.

You know the scene. The database is just too slow. Queries are queuing up, backlogs growing, users being refused connection. Management is ready to spend millions on "upgrading" to some other system, when the problem is really that MySQL is simply not being used properly. Badly defined or non-existent MySQL indexes are one of the primary reasons for poor performance, and fixing these can often lead to phenomenal improvements. Consider an extreme example: CREATE TABLE employee ( employee_number char(10) NOT NULL, firstname varchar(40), surname varchar(40), address text, tel_no varchar(25), salary int(11), overtime_rate int(10) NOT NULL); To find employee Fred Jones's salary (employee number 101832), you run: SELECT salary FROM employee WHERE employee_number = '101832'; MySQL has no clue where to find this record. A MySQL index is a separate file that is sorted, and contains only the field or fields you're interested in sorting on.

For example: So what are all these things?