Re: [phpslash-users] Nasty "bug"
Brought to you by:
joestewart,
nhruby
Menu
▾
▴
Re: [phpslash-users] Nasty "bug"
|
From: Joe S. <joe...@us...> - 2003-04-24 15:45:06
|
On Thu, Apr 24, 2003 at 05:13:17PM +1000, Lars wrote: > Hey, all! > > I just went through something that seemed particularly nasty to me, and it > caused my site to go down for almost 24 hours. The fault looked like it was > caused by a dead httpd, but when I tried to reconstruct my site on a fresh > install I found the culprit - my rss feed, which I display on my own site > (only for logged in root users) made all pages with blocks on them > inaccessible to *all* users. This, however, was not apparent until I found > the problem. > > The following error in the logs (Error in source file:rdfparser::parse_file > could not open http://www.pda-nytt.no/backend.php3?d=0 ) lead me in the > right direction. For some reason it's all over my logs, so it cannot be a > "new" problem. > > This leads me to the following questions: > 1. How can a problem like this be allowed to crash a whole site ? The error condition was being logged for a period of time before the crash. Did the crash happen because the infolog table was full? The rss blocks have three states for error logging specified by the error option: errors = on - always display errors off - never display errors debug - only display errors in debug mode [default] For all three the infolog is written if you have the Infolog turned on. > 2. Why are blocks rendered even for users who shouldn't see them ? Isn't > this a security breach and/or too resource intensive ? > No security problem as it's all server side before output rendering. It is a balance between ease of site specific changes and db optimization. If there is anywhere you see we could improve the queries or data setup, speak up. Was there no cache time for this block? This would seem a performance bottleneck too. > It was only last night (after the crash) backend.php (I rewrite the url's > so php3 -> php) stopped giving output, and this error seems to have > occurred plenty before then. > what fun. Joe > If one of the developers wants the db dump from my site I'd be more than > happy to give it out (I'll change my pwd's, though;o) > > Cheers, > > Lars > |
