Archive for the ‘Database’ Category

MySQL comparison catch: ‘abc’ = 00

Monday, May 25th, 2009

I was shocked to find a weakness in my authentication library today. It was possible to get around the password check if you knew the username. All you had to do was to enter 00 as the password. Or you just entered 00 as the username too and you got authenticated as the first user.

How to deal with IMMUTABLE error in indexes that work with timestamps

Wednesday, March 19th, 2008

Say that in an older version of PostgreSQL you had an index like this:

  1. CREATE INDEX logTypeDay ON myLog (eventType, date_trunc(‘day’, creationTime));

and now after upgrading to 8.1+ you’re getting:
ERROR: functions in index expression must be marked IMMUTABLE