Re: Getting Found Count When Using Limit
On 3/21/02 at 12:51 PM, Allon Bendavid wrote: > Tough thing to do. Fortunately we thought this through for you in jTalk. > Keep your eyes peeled for a formal announcement next week. Actually, easy thing to do through the APIs or most third-party languages that let you access MySQL. I'm looking for a way to do it using raw MySQL statements. I think I found my answer in the list archives. It's not possible without using multiple SQL statements. [fletcher] -- Fletcher Sandbeck [EMAIL PROTECTED] Lasso Product Specialist [EMAIL PROTECTED] Blue World Communications, Inc. http://www.blueworld.com/ - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Getting Found Count When Using Limit
I am trying to get the full found count from a query while using LIMIT to return just a portion of the found records. I can use two queries in a row to get first the found count, then the found records, but that takes twice as long as performing either query by itself. SELECT COUNT(*) FROM database.table WHERE query SELECT fields FROM database.table WHERE query LIMIT 10 If I use "COUNT(*),fields" in the SQL statement I have to add a GROUP BY clause. If I GROUP BY my auto increment field then COUNT(*) always evaluates to 1. If I GROUP BY a constant in every row then I get one record back with the correct total. Is there any way to get both the number of records found and the first set of results using a single query? Thanks, [fletcher] -- Fletcher Sandbeck [EMAIL PROTECTED] Lasso Product Specialist [EMAIL PROTECTED] Blue World Communications, Inc. http://www.blueworld.com/ - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Error Code 13 when using ALTER TABLE
On 1/2/02 at 3:32 PM, Robert Alexander wrote: > I'd suggest checking to see if you (or the user MySQL is running as) > have the necessary permissions to alter or rename a file in that > directory. Some additional details. I can usually perform at least one ADD COLUMN successfully before I start getting this error. I also seem to be able to create databases and tables without a problem. This leads me to believe that th permissions are set properly. Once I get the error, I can't perform any more ALTER TABLE commands, but I am still able to search the database without any problems. CHECK TABLE reports that the table is OK until I perform a REPAIR TABLE command, after that CHECK TABLE reports that the last REPAIR TABLE failed. Restarting the MySQL service seems to correct whatever is wrong with the table and I am then able to do ADD COLUMN again (usually one successful call, then errors on subsequent calls). [fletcher] Original Message At 12:16 -0800 2002/01/02, Fletcher Sandbeck wrote: >This is with MySQL 3.23.42-nt on Windows 2000. > >I am issuing the following SQL statement and getting back an error message. > >ALTER TABLE Database.Table ADD COLUMN Field VARCHAR(255) > >error: 7, Error on rename of '.\Database\Table.MYI' to >'.\Database\#sql2-538-1.MYI' (Errcode: 13) > >A CHECK TABLE of the table says that it is OK, but a REPAIR TABLE reports an >error '13 when fixing table' and 'Operation Failed' as the final status. > >Any ideas of what is going wrong? > >[fletcher] -- Fletcher Sandbeck [EMAIL PROTECTED] Lasso Product Specialist [EMAIL PROTECTED] Blue World Communications, Inc. http://www.blueworld.com/ - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Error Code 13 when using ALTER TABLE
This is with MySQL 3.23.42-nt on Windows 2000. I am issuing the following SQL statement and getting back an error message. ALTER TABLE Database.Table ADD COLUMN Field VARCHAR(255) error: 7, Error on rename of '.\Database\Table.MYI' to '.\Database\#sql2-538-1.MYI' (Errcode: 13) A CHECK TABLE of the table says that it is OK, but a REPAIR TABLE reports an error '13 when fixing table' and 'Operation Failed' as the final status. Any ideas of what is going wrong? [fletcher] -- Fletcher Sandbeck [EMAIL PROTECTED] Lasso Product Specialist [EMAIL PROTECTED] Blue World Communications, Inc. http://www.blueworld.com/ - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: MySQL and encryption
On 11/20/01 at 6:22 PM, Sergei Golubchik wrote: > Hi! > > On Nov 20, William R. Mussatto wrote: > > On Tue, 20 Nov 2001, Ken Kinder wrote: > > > > > Date: Tue, 20 Nov 2001 08:41:20 -0700 > > > From: Ken Kinder <[EMAIL PROTECTED]> > > > To: Thomas Kotze` <[EMAIL PROTECTED]>, [EMAIL PROTECTED] > > > Subject: Re: MySQL and encryption > > > > > > I would like to know if anyone has some advice on encrypting credit cards > > > myself, as it's something I'm going to be needing to look into for my own > > > purposes. > > I've used the Crypt::CBC > > process in perl. > > One thing to remember, if you expose the kind of credit card (e.g., > > discover) in another column then at least the 1st digit if not the first > > four digits are known so breaking it is not impossible; however, with a > > truely random key and a cypher system like twofish or blowfish you should > > be relatively safe. Of course if they completely hack the box its a lost > > cause since they can find both the code which specifies the method and > > the key. > > And if they don't, you need not this compression at all. > > It means that if you want to have _some_ data in the database encrypted, > most probably, you have made wrong design decision. > (If you want to encrypt _all_ the data - use cryptfs for files and > ssl for the traffic). I think it is worth encrypting some data in a database since it reduces the possibility that an accidental exposure is going to compromise your customers. If no data in the database is encrypted the someone who gets hold of a backup or manages to get into the database through a network connection can see the sensitive data. If the data is encrypted then they also have to find the key, determine the algorithm, etc. If the key and algorithm are not stored in the database, for example if they are stored in the server-side code of your Web pages, then they need to gain access not just to the database, but also to the code of your Web pages in order to compromise the security of the sensitive data in the database. This is the reason why backups might be placed in safe within a locked server room within a secure building. Maybe the combination to the safe is written down in the manager's desk, but it requires several steps and several keys to get to the sensitive data. The compromise of one key is not sufficient. In any case, it is never sufficient to assume that simply encrypting some data makes it secure. You need to think about the security of the network between machines on your LAN, the security of your backups, the security of your administration tools, etc. Also, you need to think about how you'll get to the secured data in the future if you need to. What happens if you lose the key that was used to encrypted the data? [fletcher] -- Fletcher Sandbeck [EMAIL PROTECTED] Lasso Product Specialist [EMAIL PROTECTED] Blue World Communications, Inc. http://www.blueworld.com/ - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: mysql and credit cards
On 7/25/01 at 7:12 PM, Alexander Skwar wrote: > However, if you need to reconstruct it, nothing is safe. And that's > quite simple: > a) You need to get access to the MySQL server. Impossible to do from > the outside if '--skip-networking' is used. > b) So, only possible from the localhost. This means, there must have > been a break in to the MySQL server. Once he's on the server, he can do > anything he likes. He can also read the source code of your PHP/PERL > pages. There the password will be stored, somewhere. Once the password > has been found (which is nothing but a matter of time), your encryption > is broken. I respectfully disagree with this assessment. Encrypting data in a database can be useful, even if the key is relatively easy to find. The situation you describe is one of a determined individual trying to gain access to credit card data. This is indeed the most difficult type of person to prevent gaining access to your data. If they are able to compromise your system then they will be able to decrypt the data in the database and get the credit card numbers. However, encryption prevents casual viewing of credit card data and prevents the discovery of credit card data if a secondary system is compromised. For casual viewing, you may have employees who have access to the database for the purpose of fulfilling orders or contacting customers. If credit card numbers are encrypted then the employees will have to take a positive step to steal credit card numbers. They won't be able to simply jot down numbers out of the data they have available. For example, if an individual gains the ability to execute SQL statements on your server, but doesn't have file access. If the credit card numbers are stored plain then they can gain access to them. If they are stored encrypted then the data is of no use without the key. > So, overall, I'd say: Don't hassle with encryption: It's not worth it. I would counter that symmetric encryption is reasonably easy to implement and provides a modicum of security, so why not go ahead and do it. Just don't be fooled that a determined individual won't be able to defeat your encryption. It's rather like HTTPS encryption. It's a first step that prevents casual peeking at the data which is being transmitted between a client and the server. However, it does not prevent a determined individual from seeing the traffic. [fletcher] -- Fletcher Sandbeck [EMAIL PROTECTED] Lasso Product Specialist [EMAIL PROTECTED] Blue World Communications, Inc. http://www.blueworld.com/ - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Error Codes
On 7/3/01 at 12:48 PM, Gerald Clark wrote: > Check the source for mysqld_error.h Thanks. I have seen these, but I was hoping for a list with more explicit descriptions. My current plan is to go through this list and take descriptions from the manual/books for each error that I can locate, but this process will take some time. I hate to duplicate work. [fletcher] -- Fletcher Sandbeck [EMAIL PROTECTED] Lasso Product Specialist [EMAIL PROTECTED] Blue World Communications, Inc. http://www.blueworld.com/ - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Error Codes
I am looking for a concise listing of all the error codes that MySQL might return after issuing a SQL statement. The manual and other books I've checked have descriptions of the errors, but don't seem to collect them all into one reference. Thanks, [fletcher] -- Fletcher Sandbeck [EMAIL PROTECTED] Lasso Product Specialist [EMAIL PROTECTED] Blue World Communications, Inc. http://www.blueworld.com/ - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
