httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dirk.vanGulik" <Dirk.vanGu...@jrc.it>
Subject Re: Comments on 1.1b3 mod_auth_msql.c file (fwd)
Date Mon, 10 Jun 1996 17:53:17 GMT
> not acked.
> pick off whatever takes your fancy.

Cheers. I'll check this; a good critical report is always very welcome :-)
 
> For example, the code to test if a user is in the database only once tests the
> number of COLUMNS returned by the SQL query, not the number of ROWS.  This is
> obviously wrong, as the number of columns is *always* one.  

hmm, I might have mixed up NumRows and NumFields, would not be the first time :-)

> In any case,
> supporting a db which allows for multiple password entries for the same person
> is just asking for trouble -- it violates good relational table design, too.

I quite agree. It was put in there because of feedback by quite a few people which
managed to get two entries into the database; mainly because mSQL itself is quite
buggy as well; allowing this to happen regardless of the primary key !.
 
> The code that tests for authorization duplicates lots of effort, too.  There
> is no need for the msql_check_auth() function to test for the valid users.

Hmm, that is why it just returns OK I guess :-)

> That's already done for you.  It only needs to test the individual groups.

That is what it does.

> The way it does that requires one SQL query *per group* listed in the access
> control file.  This is quite inefficient if you allow multiple groups to
> access a given directory.  My version of mod_auth_msql.c does all groups in
> one query to the server -- the merged version you are distributing wasn't
> based on the latest version of my code which does groups very efficiently.

Neat idea! Let's do some further merging.

Thanks for the report, the NumRow/NumField one should really be corrected, I'll
check that tomorrow. I like the idea of asking for all the groups in one go,
the disadvantage is that you have to be carefull with your query buffer.

Tha!

Dw.



Dw.

Mime
View raw message