IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New I strongly hope he doesn't do that.
There are people who are UCQ for a reason. Direct SQL access defeats that reason.

Do you want someone to write a query that returns anyone's password? Thought not.

Also it would be easy for a drive-by poster to generate huge queries that would be hard on the system. I wouldn't like that either.

Exposing SQL access is easy, but it is a very, very bad idea.

Cheers,
Ben
a very rich person should leave his kids enough to do anything but not enough to do nothing. -- Warren Buffett
New Can't expose the Password.
All you'd get is encrypted stuff if you did get it. And its (from what I know and see) pretty good encryption.

So good in fact, if the password is changed by some other than the owner... bye bye username.

But I'd agree SOME kind of extensible search, sort of the way ebay does it would be vera nice.
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
Freedom is not FREE.
Yeah, but 10s of Trillions of US Dollars?
SELECT * FROM scog WHERE ethics > 0;

0 rows returned.
New It's just 'crypt'
Pretty easy to crack, actually.
Regards,

-scott anderson

"Welcome to Rivendell, Mr. Anderson..."
New Actually, it's such a bad idea...
... that I wasn't even going to respond. But thanks. ;-)

I could, of course, restrict things to the WHERE clause, but even that is dicey given that things like forum ID and so forth require joins to obtain. Additionally, SQL isn't the whole picture: the fulltext index columns are separate from the actual content columns, and have their own query "language" specific to PostgreSQL's tsearch functionality.

If I were to add such a thing, I'd probably name it the "EasyBake SQL Injection Box[tm]".
Regards,

-scott anderson

"Welcome to Rivendell, Mr. Anderson..."
New You knew I knew that, right?
I know Ben's sarcasm detector is on the fritz this week. Wanted to make sure my emitter wasn't similarly afflicted.
===

Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats].
[link|http://DocHope.com|http://DocHope.com]
New I was kinda hoping it would stand on its own...
But since Ben came along, well, that somewhat dissected the frog, non?
Regards,

-scott anderson

"Welcome to Rivendell, Mr. Anderson..."
New Frog legs at the Bash?
Hmm, could have sworn Andrew posted a recipe before. Can't find it now, though.
===

Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats].
[link|http://DocHope.com|http://DocHope.com]
     Request for enhanced search for next version. - (Another Scott) - (8)
         Oh SQL's easy - (drewk) - (7)
             I strongly hope he doesn't do that. - (ben_tilly) - (6)
                 Can't expose the Password. - (folkert) - (1)
                     It's just 'crypt' - (admin)
                 Actually, it's such a bad idea... - (admin) - (3)
                     You knew I knew that, right? - (drewk) - (2)
                         I was kinda hoping it would stand on its own... - (admin) - (1)
                             Frog legs at the Bash? - (drewk)

You're never too old to say "horses" when you drive past some horses.
82 ms