Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
7
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Open sidebar
emulab
emulab-devel
Commits
1105ebe7
Commit
1105ebe7
authored
Dec 18, 2003
by
Leigh B. Stoller
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add log entry.
parent
8dbead16
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
99 additions
and
0 deletions
+99
-0
doc/ChangeLog
doc/ChangeLog
+99
-0
No files found.
doc/ChangeLog
View file @
1105ebe7
Modified
files
:
db
libdb
.
pm
.
in
xmlconvert
.
in
www
dbdefs
.
php3
.
in
joinproject
.
php3
moduserinfo
.
php3
newproject
.
php3
Added
files
:
www
dbcheck
.
php3
Log
:
First
try
at
solving
the
problem
of
validating
user
input
for
the
zillions
of
DB
fields
that
we
have
to
set
.
My
solution
was
to
add
a
meta
table
that
describes
what
is
a
legal
value
for
each
table
/
slot
for
which
we
take
from
user
input
.
The
table
looks
like
this
right
now
,
but
is
likely
to
adapt
as
we
get
more
experience
with
this
approach
(
or
it
might
get
tossed
if
it
turns
out
to
be
a
pain
in
the
ass
!).
CREATE
TABLE
table_regex
(
table_name
varchar
(
64
)
NOT
NULL
default
''
,
column_name
varchar
(
64
)
NOT
NULL
default
''
,
column_type
enum
(
'text'
,
'int'
,
'float'
)
default
NULL
,
check_type
enum
(
'regex'
,
'function'
,
'redirect'
)
default
NULL
,
check
tinytext
NOT
NULL
,
min
int
(
11
)
NOT
NULL
default
'0'
,
max
int
(
11
)
NOT
NULL
default
'0'
,
comment
tinytext
,
UNIQUE
KEY
table_name
(
table_name
,
column_name
)
)
TYPE
=
MyISAM
;
Entries
in
this
table
look
like
this
:
(
'virt_nodes'
,
'vname'
,
'text'
,
'regex'
,
'^[-\\w]+$'
,
1
,
32
,
NULL
);
Which
says
that
the
vname
slot
of
the
virt_nodes
table
(
which
we
trust
the
user
to
give
us
in
some
form
)
is
a
text
field
to
be
checked
with
the
given
regex
(
perlre
of
course
),
and
that
the
min
/
max
length
of
the
text
field
is
1
and
32
chars
respectively
.
Now
,
you
wouldn
't want to write the same regex over and over, and since we
use the same fields in many tables (like pid, eid, vname, etc) there is an
option to redirect to another entry (recursively). So, for "PID" I do this:
('
eventlist
','
pid
','
text
','
redirect
','
projects
:
pid
',0,0,NULL);
which redirects to:
('
projects
','
pid
','
text
','
regex
','
^[
a
-
zA
-
Z
][-\\
w
]+$
',2,12,NULL);
And, for many fields you just want to describe generically what could go
into it. For that I have defined some default fields. For example, a user
description:
('
experiment
,
'usr_name'
,
'text'
,
'redirect'
,
'default:tinytext'
,
0
,
0
,
NULL
);
which
redirects
to
:
(
'default'
,
'tinytext'
,
'text'
,
'regex'
,
'^[\\040-\\176]*$'
,
0
,
256
,
NULL
);
and
this
says
that
a
tinytext
(
in
our
little
corner
of
the
database
universe
)
field
can
have
printable
characters
(
but
not
a
newline
),
and
since
its
a
tinytext
field
,
its
maxlen
is
256
chars
.
You
also
have
integer
fields
,
but
these
are
little
more
irksome
in
the
details
.
(
'default'
,
'tinyint,'
int
,
'regex'
,
'^[\\d]+$'
,-
128
,
127
,
NULL
);
and
you
would
use
this
anyplace
you
do
not
care
about
the
min
/
max
values
being
something
specific
in
the
tinyint
range
.
The
range
for
a
float
is
of
course
stated
as
an
integer
,
and
thats
kinda
bogus
,
but
we
do
not
have
many
floats
,
and
they
generally
do
not
take
on
specific
values
anyway
.
A
note
about
the
min
/
max
fields
and
redirecting
.
If
the
initial
entry
has
non
-
zero
min
/
max
fields
,
those
are
the
min
mac
fields
used
.
Otherwise
they
come
from
the
default
.
So
for
example
,
you
can
do
this
:
(
'experiments'
,
'mem_usage'
,
'int'
,
'redirect'
,
'default:tinyint'
,
0
,
5
,
NULL
);
So
,
you
can
redirect
to
the
standard
"tinyint"
regular
expression
,
but
you
still
get
to
define
min
/
max
for
the
specific
field
.
Isn
't this is really neat and really obtuse too? Sure, you can say it.
Anyway, xmlconvert now sends all of its input through these checks (its
all wrapped up in library calls), and if a slot does not have an entry, it
throws an error so that we are forced to define entries for new slots as we
add them.
In the web page, I have changed all of the public pages (login, join
project, new project, and a couple of others) to also use these checks.
As with the perl code, its all wrapped up in a library. Lots more code
needs to be changed of course, but this is a start.
Revision Changes Path
1.143 +151 -1 testbed/db/libdb.pm.in
1.12 +19 -7 testbed/db/xmlconvert.in
1.70 +8 -66 testbed/www/dbdefs.php3.in
1.36 +33 -19 testbed/www/joinproject.php3
1.37 +36 -5 testbed/www/moduserinfo.php3
1.83 +48 -27 testbed/www/newproject.php3
stoller 2003/12/17 11:29:36 MST
Modified files:
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
