httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirk-Willem van Gulik <di...@webweaving.org>
Subject Re: round 2 of mod_authn_mysql
Date Mon, 17 Feb 2003 22:02:39 GMT

On Mon, 17 Feb 2003, Paul Querna wrote:

> - Add end user SQL query as suggested on apache-dev

And or change the apr_pstrcat into things like select "%s" from %s
with an apr_pstrNprintf( with a nice limit; as some of the values are from
potentially doggy sources; such as .htaccess file made by possibly hostile
users and from the network.

> - Test Scalling/Stability

Aye - you want to triple/double check your mysql_free()'s I'd guess. Or
have one exit after the claim you go to with an 'return e' set to
AUTH_USER_X Y or Z. Just to make it a bit more defensive. Or wrap inside a
function or soemthing :-).

You could also move/remove some of your DEBUG_AUTH_MYSQL to a APLOG_DEBUG;
that may make more sense ?

Dw,


Mime
View raw message