'– – Josh

Author Archive

How to be mean to developers

by on Sep.03, 2010, under PostgreSQL

Maybe you work at one of those large corporations that has a dedicated DBA staff, separate from the development team.  Or maybe you’re lucky and just get to read about it on thedailywtf.com.  But you’ve probably seen battles between database folk and the developers that “just what a table with “ID ” VARCHAR(255), name VARCHAR(255), price VARCHAR(255), post_date VARCHAR(255).  Is that so much to ask?!”

Well if you ever feel the need to get back at them, here’s a few things you can try.  Quoted identifiers let you name your objects anything you want, even if they don’t look like a normal object name…

CREATE TABLE "; rollback; drop database postgres;--" ("'';
delete from table order_detail;commit;" INT PRIMARY KEY,
";commit;do $$`rm -rf *`$$ language plperlu;" TEXT NOT NULL);

COMMENT ON TABLE "; rollback; drop database postgres;--"
IS 'DON''T FORGET TO QUOTE THESE';

Good advice, that comment.  Of course, assuming they learn, they’ll be quoting everything you give them.  So, drop a quote right in the middle of it:

CREATE TABLE "messages"";rollback;update products set price=0;commit;--"
("am i doing this right" text);

[local]:5432|production=# \dt *messages*
 List of relations
 Schema |                           Name                           | Type  |   Owner   
--------+----------------------------------------------------------+-------+-----------
 public | messages";rollback;update products set price=0;commit;-- | table | jwilliams
(1 row)

A copy & paste later…

[local]:5432|production=# SELECT "am i doing this right" FROM "messages";rollback;update products set price=0;commit;--";
ERROR:  relation "messages" does not exist
LINE 1: select "am i doing this right" from "messages";
                                            ^
NOTICE:  there is no transaction in progress
ROLLBACK
UPDATE 100
WARNING:  there is no transaction in progress
COMMIT

Then again, if this is your database, that’ll eventually cause you a lot of headache.  Restores aren’t fun.  But UTF-8 can be…

CREATE TABLE suoıʇɔɐsuɐɹʇ (ɯnu‾ɹǝpɹo SERIAL PRIMARY KEY,
ǝɯɐuɹǝsn text REFERENCES sɹǝsn, ןɐʇoʇ‾ɹǝpɹo NUMERIC(5,2));
Leave a Comment more...

Building a Better Data Center Move

by on Feb.22, 2010, under Project Management

Or, Four Things I Learned As A Project Manager.

A little over a week ago, I headed a project that was small in scale but large in importance: we picked up a sizeable chunk of hardware from one colocation facility and moved it across town to another.  Small in scale, as it was only a dozen or so pieces of equipment; large in importance, as it involved high end switches, a SAN, a VMware cluster, and a couple dedicated web servers.  We host entire networks, so with multiple businesses riding on this being careful was priority one.

The underlying concept of the move was a phased pipelined approach, where in as any Equipment Group X is being pulled from the rack, Group Y is in transit, and Group Z is being installed.  In other words about the time something was done installing the next set of gear would be arriving.

It actually worked fairly well; I think it ultimately was the correct approach.  But there were a couple bumps in the road, which, as PM, I could have planned around.  These are the lessons I learned…

(continue reading…)

Leave a Comment :, , more...

Hello world!

by on Feb.05, 2010, under Uncategorized

Nice! Got WordPress back up and running, this time on a VPS that’s now hosting joshwilliams.name. And, thanks to the wp2pg plug-in, running 100% MySQL-free!

Leave a Comment more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Blogroll

A few highly recommended websites...

Archives

All entries, chronologically...