Re: Site Attack/Failure Recovery
Is there anyway of doing what is described below with version 5 or will I l have to wait for MySQL 6.0 PlanetMySQL Blog: MySQL 6.0 Feature #2: Online Backup Alexander Nozdrin, Chuck Bell, Lars Thalmann, Peter Gulutzan, Rafal Somla BACKUP DATABASE copies all data and metadata in one or more MySQL databases, into an "image file". RESTORE reads an image file and rewrites all the data and metadata in one or more MySQL databases. So if you lose a database, you can recover all of it as of the time of the last BACKUP DATABASE statement.And then you can re-run the statements in MySQL's binary log to recover "from the time of the last BACKUP DATABASE statement", "to the time that the database loss occurred". In other words ... Careful Use of Online Backup will protect from database loss. Rob Wultsch wrote: On Wed, May 14, 2008 at 10:25 PM, John Comerford <[EMAIL PROTECTED]> wrote: 2) Incremental Backups - say one every half hour, then a script to transfer that to an off site machine that way I can get the DB back to within the last good half hour... http://dev.mysql.com/doc/refman/5.0/en/mysqldump.html Being compromised is not inevitable, but hardware failure is. Having trusted (an therefore tested) backups is the only way to operate. Is there some practice in particular you are concerned about? Blanket suggestion: Don't escape things manually, have the db (or emulation) do it for you using prepared statements. It is easier to code this way, and much more secure in the long run. -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Site Attack/Failure Recovery
I have worked as a DBA for a long time, just not with MySQL and I have spent a lot of time making sure the application is secure. I suppose my question was really what is the best way to do incremental backups? The DB I have most experience with has thing like after imaging etc. which allows you to easily roll A DB forward to a particular point in time, making disaster recover pretty straight forward. I am wondering if there is such a thing in MySQL or is there a product/scripts that are considered the "standard" for doing this sort of thing? Rob Wultsch wrote: On Wed, May 14, 2008 at 11:13 PM, John Comerford <[EMAIL PROTECTED]> wrote: Quickly scanning this page, it doesn't seem to give syntax for an incremental backup. I am hoping to be able to run something that dumps only data changed since the last backup. You could use diff and the previous dump to generate a incremental dump. I very much suggest against this. If you don't spend the time to really understand what is going on then you are going to end up hosed without a good backup to revert to. I suggest that if don't know how to sanitize input then you are over your head. People get paid a lot of money to to be DBA's, and good chunk of that is understanding disaster mitigation/recovery. K.I.S.S.: words to live by. -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Site Attack/Failure Recovery
Quickly scanning this page, it doesn't seem to give syntax for an incremental backup. I am hoping to be able to run something that dumps only data changed since the last backup. Rob Wultsch wrote: On Wed, May 14, 2008 at 10:25 PM, John Comerford <[EMAIL PROTECTED]> wrote: 2) Incremental Backups - say one every half hour, then a script to transfer that to an off site machine that way I can get the DB back to within the last good half hour... http://dev.mysql.com/doc/refman/5.0/en/mysqldump.html Being compromised is not inevitable, but hardware failure is. Having trusted (an therefore tested) backups is the only way to operate. Is there some practice in particular you are concerned about? Blanket suggestion: Don't escape things manually, have the db (or emulation) do it for you using prepared statements. It is easier to code this way, and much more secure in the long run. -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Site Attack/Failure Recovery
Hi Folks, I am fairly new to MySQL and I am going to be setting up a web site on a third party hosting machine. I continuously hear horror stories about machines/sites being hacked and databases being destroyed. Despite my best efforts I am sure I have some security flaws in my site. What I am looking to do is provide myself with a mechanism to roll back my database to a clean state if I happen to suffer one of these attacks (or a failure). I was wondering what is the best way to do this. From my limited knowledge of MySQL I think maybe I could use one of the following: 1) Binary Logs - Not really sure how these work but I was thinking of maybe coping them to an off site machine every half hour and apply them in sequence if I need to go back to a point in time ? 2) Incremental Backups - say one every half hour, then a script to transfer that to an off site machine that way I can get the DB back to within the last good half hour... I don't really know much about either so if someone could give me some pointers as to which is best it would be much appreciated... Thanks, JC -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Is there any workbench or development studio available for Linux?
http://dev.mysql.com/downloads/gui-tools/5.0.html http://dev.mysql.com/workbench/ legolas wrote: Hi thank you for reading my post Is there a development workbench or development/ administration studio available for linux? Whether from MySQL AB itself or other 3rd party companies? Thanks -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
DB Schema Comparison Utility ?
Hi Folks, I am new to MySQL. We have a development environment where we have three systems 1) Developement Database on Machine A 2) Test Databasae on Machine B 3) Live Database on Machine C So we make changes to the Developement Database, then move them to test then to live. My question is, is there a way of automatically migrating the changes from Dev to Test, Test to Live ? I have worked with a DB which had an admin function wherein you could connect two databases and it would run a comparison between the two databases and produce a file of schema differences which you could import to make the two DB schema's the same. Is there something like this for MySQL ? TIA, John -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Lock is Always Free
Hi Folks,
I am having problems trying to use the GET_LOCK and IS_FREE_LOCK
commands. I am trying to put together a queue manager. The theory is
that is would scan for queues, check for a lock and if the lock if free
then start the queue. When the queue process starts it should use
GET_LOCK to acquire a lock so that when the queue manager does another
pass IS_FREE_LOCK would return false and the manager would know the
queue is running. Also if the queue dies, the lock would be released
and the manager could restart it.
My problem is that the IS_FREE_LOCK always returns true.
I have done some testing with two instances of the Query Browser
running. In one I execute:
SELECT GET_LOCK('testing',10)
> 1
In the second I execute :
SELECT IS_FREE_LOCK('testing');
> 1
Maybe I have misinterpreted the scope of the lock functions, my
understanding was that the GET_LOCK should create a lock and the lock
should remain until a RELEASE_LOCK command is issued or the process that
created it terminates, is this correct ? If this is true anybody got
any ideas why the IS_FREE_LOCK is always true ?
TIA,
JC
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Unique Rowid
Hi Folks, I am in the process of putting together a web application. I have decided to add a 'RowId' field to all my tables and assign it a unique number so that I use it to retrieve data. In concept this number might be passed back to the server as part of an ajax request etc. My question is what is the best way to assign this number. My strongest feeling is to use an MD5 string: Advantages: 1) It is not 'guessable', a sequence number might open up some security issues by allowing a user to replace the RowId if it is held in hidden field or something like that. 2) It is 'sort' of unique, with the changes of it being duplicate fairly slim (I really only need it to be unique by table). Dis-advantages: 1) At 32 characters long it's pretty difficult to work with from an admin point of view 2) Performance, I am still fairly green with MySQL but I would have to assume that having an extra 32 char field in a table is going to have a performance impact. Do you guys reckon the performance hit will be significant (I know this is a bit of a 'how long is a piece of string' question). Does anybody know of a better way to do this ? I was also considering doing something along the lines of ProcessID + Year + Month + Day + Hour + Second + MilliSecond + 4 digit random, would this be a better idea ? TIA, JC -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Newbie Question connecting with windows named pipes (resolved)
Hi Sebastian,
That was it alright. I commented out the socket lines from mysql.ini
(restarted it) and changed my php command to:
$mysqli = new mysqli(".", $username,$password, $database);
and all seems to be working fine now.
Thanks again for your help, much appreciated.
Regards,
John
Sebastian Mendel wrote:
John Comerford schrieb:
Hi Sebastian,
I did read somewhere that sockets was not valid for windows, and
'/tmp/mysql.sock' doesn't resolve to anything on my machine. But I have
tried the following commands:
$mysqli = new mysqli(".", $username,$password, $database);
or
$mysqli = new mysqli(".", $username,$password, $database,null);
and I get the following error:
Can't open named pipe to host: . pipe: MySQL (2)
yes, 'MySQL' is default name of the pipe, used by the libaray
but when I include the "/tmp/mysql.sock" parameter it works fine. I was
thinking that maybe I have things configured in such a way that MySQL is
using "/tmp/mysql.sock" as the pipe name. I am going to do some testing
this evening to see if my suspicion is correct.
yes:
Note: you can specify a pipe name on the advanced network page, if required.
possible this is et with the soccket paramter in my.cnf
[mysqld]
#port= 3306
socket= /tmp/mysql.sock
--
1^st Floor, 184 -186 Glenferrie Road, Malvern VIC 3144
PH:*(03) 9500 1466*
FX :*(03) 9500 1469*
Email: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Web: www.styleman.com.au <http://www.styleman.com.au>
The information in this e-mail is confidential and is intended solely
for the addressee. Any views or opinions presented are solely those of
the author and do not necessarily represent those of Option Systems Pty
Ltd. If you are not the intended recipient, please delete this message
and contact the sender.
Re: Newbie Question connecting with windows named pipes (resolved)
Hi Sebastian,
I did read somewhere that sockets was not valid for windows, and
'/tmp/mysql.sock' doesn't resolve to anything on my machine. But I have
tried the following commands:
$mysqli = new mysqli(".", $username,$password, $database);
or
$mysqli = new mysqli(".", $username,$password, $database,null);
and I get the following error:
Can't open named pipe to host: . pipe: MySQL (2)
but when I include the "/tmp/mysql.sock" parameter it works fine. I was
thinking that maybe I have things configured in such a way that MySQL is
using "/tmp/mysql.sock" as the pipe name. I am going to do some testing
this evening to see if my suspicion is correct.
Thanks again,
John
Sebastian Mendel wrote:
John Comerford schrieb:
Thanks Sebastian, that did the trick.
The full command I use is:
$mysqli = new mysqli(".", $username,$password,
$database,null,"/tmp/mysql.sock");
there is no need for the socket, their are no sockets on windows
$mysqli = new mysqli('.', $username, $password, $database);
Re: Newbie Question connecting with windows named pipes (resolved)
Thanks Sebastian, that did the trick.
The full command I use is:
$mysqli = new mysqli(".", $username,$password,
$database,null,"/tmp/mysql.sock");
Regards,
JC
Sebastian Mendel wrote:
John Comerford schrieb:
Hi Folks,
I have a database running on Window XP, that I want to disable network
connections to and enable 'named pipes'. I am running MySQL 5.0.27
and my.ini looks like...
[...]
I can connect to the DB using the GUI tools if I set my pipe name to
'/tmp/mysql.sock' using the login dialog box.
[...]
mysql_connect('.', ...);
you have to a dot as host: '.'
Newbie Question connecting with windows named pipes
Hi Folks,
I have a database running on Window XP, that I want to disable network
connections to and enable 'named pipes'. I am running MySQL 5.0.27
and my.ini looks like...
[client]
#password= your_password
port= 3306
socket= /tmp/mysql.sock
[mysqld]
#port= 3306
socket= /tmp/mysql.sock
#Allow connections via named pipes (Windows NT+ only). Note: you can
specify a pipe name on the advanced network page, if required.
enable-named-pipe
#Don't allow connections via TCP/IP.
skip-networking
I can connect to the DB using the GUI tools if I set my pipe name to
'/tmp/mysql.sock' using the login dialog box.
However when I try and connect using PHP I get an error. I have tried
several variants of the connect command and I get various errors but all
are along the lines of:
Unknown MySQL server host '/tmp/mysql.sock' (11004) or
Can't connect to MySQL server on 'localhost' (10061)
I have tried
$mysqli = new mysqli(null, $username,$password, $database);
$mysqli = new mysqli("localhost:/tmp/mysql.sock", $username,$password,
$database);
$mysqli = new mysqli("localhost", $username,$password,
$database,3306,"/tmp/mysql.sock");
$mysqli = new mysqli("localhost", $username,$password,
$database,"/tmp/mysql.sock");
$mysqli = new mysqli("/tmp/mysql.sock", $username,$password, $database);
I have also tried the above commands using mysqli_connect ? I have done
a few searches of the web but seem to always come up with something like
the above? Anybody have any ideas why it won't connect in PHP ?
I know this is not a PHP forum, but I am wondering if I have something
wrong in my MySQL setup ?
TIA,
JC
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Millisecond time stamp
I am writing a type of message stack that is built while a task is
processing and presented to the user at the end of processing. I do it
using a function like
Logit("Blah, blah, blah");
Which records the SessionID, Sequence and Message, which is presented to
the user in sequence at the end of processing.
I was thinking of indexing on Timestamp which lead to my first post.
But as Tim pointed out I am better off using an auto-increment (hence
the banging my head against the wall for not thinking of that myself).
So as far as I am concerned, problem solved
John Meyer wrote:
John Comerford wrote:
Thanks for the replies guys, banging my head against the wall for not
thinking of using an auto increment integer to handle the sequence,
I've got to cut back on those Friday night beers
Okay, color me confused, but what exactly are you wanting to do anyway?
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Millisecond time stamp
Thanks for the replies guys, banging my head against the wall for not thinking of using an auto increment integer to handle the sequence, I've got to cut back on those Friday night beers On 4/17/07, John Comerford <[EMAIL PROTECTED]> wrote: Hi Folks, A) One character string contain a string I build with the date and milliseconds tagged onto the end b) Two separate fields Field1 TimeStamp Field2 Milliseconds I am leaning towards approach B, but saying that it's more gut instinct than anything else. My questions are: 1) Is there some a better way to achieve what I want ? 2) Which of the two methods above would/do you use ? -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Millisecond time stamp
Hi Folks, I am putting together a table to hold log entries. I was going to index it on a field with a type of TimeStamp. Unfortunately this will not suit my needs because I could have more than one log entry per second. As far as my (limited) knowledge goes I have two options to get around this: A) One character string contain a string I build with the date and milliseconds tagged onto the end b) Two separate fields Field1 TimeStamp Field2 Milliseconds I am leaning towards approach B, but saying that it's more gut instinct than anything else. My questions are: 1) Is there some a better way to achieve what I want ? 2) Which of the two methods above would/do you use ? I am using PHP to access the database and I am fairly new to both PHP and MySQL. TIA, JC -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
