I'm practicing creating a table of password hashes in MySQL using phpMyAdmin. The SQL code I try to enter is:
Edit: using the new code I am using:
INSERT INTO `user` (`username`, `salt`, `passwordhash`)
VALUES ('username', 'a1b2c3d4e5f6g', SHA2(CONCAT('password', 'a1b2c3d4e5f6g'), 256)));
After SHA2, everything is an error, with the first one saying "Unrecognized Keyword. (near CONCAT)." The rest all say "Unrecognized Token" and then whatever string, so it appears all these problems are just caused by CONCAT. Is there another way to concatenate strings?
You should have got
Error in query (1582): Incorrect parameter count in the call to native
function 'SHA2'
This way it is working for me
CREATE TABLE `user` (
`username` varchar(255) NOT NULL,
`salt` varchar(255) NOT NULL,
`passwordhash` varchar(255) NOT NULL
) ENGINE='InnoDB' COLLATE 'utf16_bin';
INSERT INTO `user` (`username`, `salt`, `passwordhash`)
VALUES ('username', 'a1b2c3d4e5f6g', SHA2('test',CONCAT('password', 'a1b2c3d4e5f6g')));
SELECT * FROM user;
username salt passwordhash
username a1b2c3d4e5f6g 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
username a1b2c3d4e5f6g 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
As per your new code: you have an extra bracket, again in , 256)));.
Here:
INSERT INTO `user` (`username`, `salt`, `passwordhash`)
VALUES ('username', 'a1b2c3d4e5f6g', SHA2(CONCAT('password', 'a1b2c3d4e5f6g'), 256));
This and with all the comments I left up there.
Edit: The following, as per going through the MySQL manual on SHA2() could be a related issue.
As per https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_sha2
This function works only if MySQL has been configured with SSL support. See Section 6.4, “Using Secure Connections”.
SHA2() can be considered cryptographically more secure than MD5() or SHA1().
SHA2() was added in MySQL 5.5.5.
So, make sure that the MySQL version you are using matches it or is higher than that. If it is lower than 5.5.5, then SHA2() isn't available for you to use. That, or it could be an sysadmin / security issue on the server.
Contact the sysadmin at your school if that is where you are running this off from, as it seems from what you said in comments - "I'm following a school tutorial that said to use SHA2". Either way, the MySQL version is important here.
To check the version of MySQL installed, use the following syntax in phpmyadmin:
SHOW VARIABLES LIKE "%version%";
Instead of what you used being SELECT VERSION();.
according to MySQL documentation:
SHA2(str, hash_length)
Calculates the SHA-2 family of hash functions (SHA-224, SHA-256, SHA-384, and SHA-512). The first argument is the cleartext string to be hashed. The second argument indicates the desired bit length of the result, which must have a value of 224, 256, 384, 512, or 0 (which is equivalent to 256). If either argument is NULL or the hash length is not one of the permitted values, the return value is NULL. Otherwise, the function result is a hash value containing the desired number of bits. See the notes at the beginning of this section about storing hash values efficiently
You need to provide a second parameter to the SHA2() function (the hash length) and this argument must be one of the values 224, 256, 384, 512, or 0.
INSERT INTO `user` (`username`, `salt`, `passwordhash`) VALUES ('username', 'a1b2c3d4e5f6g', SHA2(CONCAT('password', 'a1b2c3d4e5f6g'),256));
Related
I have this statement that is generated by Geoserver
SELECT
shape AS shape
FROM
(
SELECT
c.chantier_id id,
sdo_geom.sdo_buffer(c.shape, m.diminfo, 1) shape,
c.datedebut datedebut,
c.datefin datefin,
o.nom operation,
c.brouillon brouillon,
e.code etat,
u.utilisateur_id utilisateur,
u.groupe_id groupe
FROM
user_sdo_geom_metadata m, lyv_chantier c
JOIN lyv_utilisateur u ON c.createur_id = u.utilisateur_id
JOIN lyv_etat e ON c.etat_id = e.etat_id
JOIN lyv_operation o ON c.operation = o.id
WHERE
m.table_name = 'LYV_CHANTIER'
AND m.column_name = 'SHAPE'
) vtable
WHERE
( brouillon = 0
AND ( etat != 'archive'
OR etat IS NULL )
AND sdo_filter(shape, mdsys.sdo_geometry(2003, 4326, NULL, mdsys.sdo_elem_info_array(1, 1003, 1), mdsys.sdo_ordinate_array(
2.23365783691406, 48.665657043457, 2.23365783691406, 48.9341354370117, 2.76649475097656, 48.9341354370117, 2.76649475097656, 48.665657043457, 2.23365783691406, 48.665657043457)), 'mask=anyinteract querytype=WINDOW') = 'TRUE' );
On my local instance (dockerized if that can explain anything) it works fine, but on another instance I get an error :
ORA-13226: interface not supported without a spatial index
I guess that the SDO_FILTER is applied to the result of SDO_BUFFER which is therefore not indexed.
But why is it working on my local instance ?!
Is there some kind of weird configuration shenanigan that could explain the different behavior maybe ?
EDIT : The idea behind this is to get around a bug in Geoserver with Oracle databases where it renders only the first point of MultiPoint geometries, but works fine with MutltiPolygon.
I am using a SQL view as layer in Geoserver (hence the subselect I guess).
First, you need to do some debugging here.
Connect to each instance, on the same user as your Geoserver's datasource, and run the sql. From the same connections (in each instance) you must also verify that the user's metadata view (user_sdo_geom_metadata) have an entry for the table and the table has a spatial index - whose owner is the same user as the one you connect.
Also, your query ( select ... from 'vtable') has a column 'shape' which is a buffer of the column lyv_chantier.shape. The sdo_filter, in this sql, expects a spatial index on the vtable.shape - which cannot exist. You should try to use a different alias (e.g. buf_shape) and sdo_filter(buf_shape,...) - to see if the sql fails in both instances, as it should.
I'm in a bit of a hurry right now, so my instructions are summarized. If you want, do this debugging and post the results. We then can go into details.
EDIT: Judging from your efforts, I'd say that the simplest approach is: 1) add a second geometry column to lyv_chantier (e.g. buf_shp). 2) update lyv_chantier set buf_shp = sdo_geom.sdo_buffer(shape,...). 3) insert into user_sdo_geom_metadata the values (lyv_chantier, buf_shp, ...). 4) create a spatial index on column buf_shp. You may need to consider a trigger to update buf_shp whenever shape changes...
This is a very practical approach but you don't provide any info about your case (what is the oracle version, how many rows does the table have, how is it used, why do you want to use sdo_buffer, etc), so that's my recommendation for now.
Also, since you are, most likely, using an sql view as layer in Geoserver (you don't say anything about that, either), you could also consider using pure GS functionality to achieve your goal.
At the end, without describing your goal, it's difficult to provide anything more tailor-made.
I just bought a Kobo eReader which forces me to register at their website before the eReader functions. Seeing that I'm quite a privacy fundamentalist I refuse to register to read a couple books, so I went searching for an alternative. This brought me to this blogpost, which suggests to open the SQLite DB on the eReader and manually inserting a user with the following insert (formatted for readability):
INSERT INTO user (
UserID
,UserKey
,UserDisplayName
,UserEmail
,___DeviceID
,HasMadePurchase
)
VALUES (
‘5b8b0d65-b50f-4460-b6df-aca5e64f4882’
,’626d73ed-8382-4c1d-9750-cfe741c6e773’
,’a_name’
,’an_email_address’
,’01:23:45:67:89:ab’
,’TRUE’
);
So I found the sqlite database and I ran the query, but I get the following error message
SQLiteManager: Likely SQL syntax error: INSERT INTO user(UserID,UserKey,UserDisplayName,UserEmail,___DeviceID,HasMadePurchase) VALUES(‘5b8b0d65-b50f-4460-b6df-aca5e64f4882’,’626d73ed-8382-4c1d-9750-cfe741c6e773’,’a_name’,’an_email_address’,’01:23:45:67:89:ab’,’TRUE’);
[ unrecognized token: "4c1d" ]
Exception Name: NS_ERROR_FAILURE
Exception Message: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [mozIStorageConnection.createStatement]
I looked at the structure of the user table, which is (as you can see below), slightly different from the the query.
CREATE TABLE user (
UserID TEXT NOT NULL
,UserKey TEXT NOT NULL
,UserDisplayName TEXT
,UserEmail TEXT
,___DeviceID TEXT
,FacebookAuthToken TEXT <= missing from query
,HasMadePurchase BIT DEFAULT FALSE
,IsOneStoreAccount BIT DEFAULT FALSE <= missing from query
,IsChildAccount BIT DEFAULT FALSE <= missing from query
,PRIMARY KEY (UserID)
)
As you can see there are three columns in the db which are not in the query. I don't think that this is the source of the error though.
Does anybody know what the error means and how I can solve the error? All tips are welcome!
Change the single quotes on the VALUES section to double quotes - the error references the middle portion of your string.
In addition to that, surround the column values in backticks and then everything works.
I am using twilio to provide audio conference functionality in my rails app. When I call my conference number, twilio passes on a couple of values - including 'From' which contains the caller's phone number in international format.
I have a profile for every user in my system and in my controller I am querying the profile to provide a personalised welcome message. Every profile contains between 0 and 3 numbers (primary, secondary and cellphone) and I need to check the caller's ID against those three fields in all profiles.
When I use the console on my dev machine, the following code finds the correct profile:
Profile.find_by('+44000000000')
When I upload to heroku, I use following code instead:
name = Profile.find_by(params['From']) || 'there'
Which causes an error in my app:
2014-04-03T19:20:22.801284+00:00 app[web.1]: PG::DatatypeMismatch: ERROR: argument of WHERE must be type boolean, not type bigint
2014-04-03T19:20:22.801284+00:00 app[web.1]: LINE 1: SELECT "profiles".* FROM "profiles" WHERE (+4400000000) ...
Any suggestion how that could be solved?
Thanks!
Additional information:
I think my problem is that I don't know how to query either the whole profile or three columns at once. Right now the code:
name = Profile.find_by(params['From'])
is not correct (params['From'] contains a phone number) because I am not telling rails to query the columns primary phone number, secondary phone number and cellphone. Neither am I querying the whole profile which would also be an option.
So the question basically is:
How can I change this code:
Profile.find_by(params['From'])
so that it queries either all fields in all profiles or just the three columns with phone numbers which each profile contains?
Is there something like Profile.where(:primary_number).or.where(:secondary_number)or.where(:cellphone) => params['From']
?
I am not familiar with twilio and not sure if this helps but find and find_by_attribute_name accepts array of values as options:
name = Profile.find_by([params['From'], 'there'] )
suppose params['From'] was here , This should generate:
SELECT `profiles`.* FROM `profiles` WHERE `profiles`.`attribute` IN ('here', 'there')
Or:
If you are trying to build dynamic matcher at run time , which is called Meta-programming , you can try this code:
name = eval("Profile.find_by_#{params['From']) || 'there'}(#rest of query params here) ")
Update
First of all, i think you are not using find_by correctly!! the correct syntax is:
Model.find_by(attribute_name: value)
#e.g
Profile.find_by(phone_number: '0123456')
Which will call where and retrive one record, but passing a value will generate a condition that always passes, for example:
Model.find_by('wrong_condition')
#will generate SQL like:
SELECT `models`.* FROM `models` WHERE ('wrong_condition') LIMIT 1
#which will return the first record in the model since there is no valid condition here
Why don't you try:
Profile.where('primary_number = ? OR secondary_number = ? OR cellphone = ?', params['From'], params['From'], params['From'])
You can write your query like:
Profile.where("primary_number = ? or secondary_number = ? or cellphone = ?", params['From'])
Just double check the syntax, but that should do it.
I am getting this error:
String was not recognized as a valid Boolean.Couldn't store <No> in meetsstd Column. Expected type is Boolean
When I am running this query:
SELECT * FROM work_nylustis_2013_q3.nylustis_details WHERE siteid = 'NYLUSTIS-155718' LIMIT 50
From this code:
Adapter.SelectCommand = New NpgsqlCommand(SQL, MLConnect)
Adapter.Fill(subDT) ' This line throws error
The meetsstd field is a varchar(3) and it does store either a 'Yes' or a 'No' value. How is this getting this confused with a boolean - a varchar should not care whether is holds 'Yes', or 'Si', or 'Oui'? And it only happens on 27 records out of the 28,000 in the table.
I usually blame npgsql for this kind of strangeness, but the last entry in the stack trace is: System.Data.DataColumn.set_Item(Int32 record, Object value)
Any clues?
Thanks!
Brad
To check if it is problem with database or with driver you can reduce problem to one row and column using your current environment:
SELECT meetsstd FROM work_nylustis_2013_q3.nylustis_details WHERE sitenum=1
(of course you must change sitenum into primary key)
Then try such query using psql, pgAdmin or some JDBC/ODBC based general editor.
If psql shows such record which raises error with your Npgsql based application then problem is with Npgsql driver or problem is with displaying query results.
If other tools shows such strange errors then problem is with your data.
Have you changed type of meetsstd field? Mayby you try to show it on some grid and this grid used Boolean field which was converted to Yes/No for displaying?
Forgive me if I could have any sort of fundamental error here. I'd imagine there's something simple I'm missing. I'm looking to store Twitter updates in a database with only a few fields: an auto-increment index, the time posted, the actual status update & the user id the update is in reply to.
I'm simply storing this last field so I can provide a method of filtering out replies.
But it appears that my SQL code is throwing an error. As of this writing, the SQL properly inserts the two most recent updates, which are both replies to another user and, therefore, have data in the in_reply_to_user_id field. But on the third update, which is not in reply to anyone, I get the following error:
Error Number: 1064
You have an error in your SQL syntax;
check the manual that corresponds to
your MySQL server version for the
right syntax to use near ')' at line 1
INSERT IGNORE INTO updates (time,
status, postid, reply) VALUES
(1260070319, 'I guess Johnny Cash knew
what he was talking about in that \"A
Boy Named Suh\" song. That guy is both
fast and mean.', '6389320556', )
Twitter's API states no default value for this parameter. I tried the same query with the "favorited" parameter, and it correctly labeled each row with "false" in my database. So I'm assuming my problem is with inserting an empty string.
For what it's worth, here is my CodeIgniter method:
function insert_tweet($tweet){
foreach($tweet as $t) {
$when = strtotime($t->created_at);
$status = $t->text;
$postid = $t->id;
$reply = $t->in_reply_to_user_id;
$sql = 'INSERT IGNORE INTO updates (time, status, postid, reply) VALUES (?, ?, ?, ?)';
$this->db->query($sql, array($when, $status, $postid, $reply));
}
}
Any help you could give would be great! I hope I've provided enough information!
More info: I should also note that CodeIgniter is throwing the following error:
A PHP Error was encountered
Severity: 4096
Message: Object of class stdClass
could not be converted to string
Filename: database/DB_driver.php
Line Number: 598
In the off chance that this proves some sort of CI idiosyncrasy to be at fault.
I don't know php but in asp.net style pseudo code i would do this...
$this->db->query($sql, array($when, $status, $postid, string.IsNullOrEmpty($reply) ? null : $reply));
Hopefully you can adapt, just need to deal with the empty parameter.
I don't speak codeigniter, but I can tell you how to fix your problem.
You have two options
Check is the string empty, if so, instead of having a blank value, put in the null keyword.
Check is the value empty, if so, leave that column out of the insert statement's cloumns and values.
Hope this helps
I'm not sure about codeigniter (never used it) but I know that you will need to get the null value to appear as NULL
function insert_tweet($tweet){
foreach($tweet as $t) {
$when = strtotime($t->created_at);
$status = $t->text;
$postid = $t->id;
$reply = (is_null($t->in_reply_to_user_id) ? 'NULL' : $t->in_reply_to_user_id);
$sql = 'INSERT IGNORE INTO updates (time, status, postid, reply) VALUES (?, ?, ?, ?)';
$this->db->query($sql, array($when, $status, $postid, $reply));
}
}
I'm not sure if that will produce the desired SQL:
INSERT IGNORE INTO updates (time, status, postid, reply) VALUES (1260070319, 'I guess Johnny Cash knew what he was talking about in that \"A Boy Named Suh\" song. That guy is both fast and mean.', '6389320556', NULL)
edit Also make sure that the field in the database can be null.
Hope this helps..
Why not alter the last column and make it default to NULL?
When you want to insert some record without this field you just ignore it in the 'INSERT' statement.
And be sure not to put a pending comma between the last column value and the right parenthisis.
:)
You're coming from the CodeIgniter forums right? I think the issue is coming from your Twitter library. Can you post that code? For somereason, it's returning a NULL status as an Object, which it shouldn't do.
Hey guys, the answers here seemed to be close, but no cigar. I got some help from the great folks on the CodeIgniter forums, and here's what I came up with:
$reply = (is_null($t->in_reply_to_user_id) || is_object($t->in_reply_to_user_id) ? ‘NULL’ : $t->in_reply_to_user_id);
Essentially, like Zack said, it is returning the empty field from the Twitter API as an empty object instead of null. So I needed to check if this is either null or an object, then return NULL. And if not, return the user_id string.
Thanks a ton for your help!