>> Would it be safe to limit use to "select" statements for
>> non-is_developer folks, so the curious could still explore the
>> database?
> My thoughts exactly. I'd even consider making sql-selecting
> available to any registered user (not just is_sysop or is_developer).
Or to anybody, with an SQL server that's open to the internet for
reading.
Because of load reasons, we probably shouldn't do that with the live
SQL server though. I would expect that, once we have regularly updated
database dumps for download (hint!), somebody will set up such a
server somewhere (and lots of other interesting things will happen).
Axel
In the interests of security, I removed special_asksqp.php from the
live server. I didn't change anything else, so the link still appears
for is_sysop, but is an error page now.
I think we should bring this function back, but...
1. Passwords should be encrypted in the database. In this way no
one, not even me, can see them.
2. This function should be an is_developer function, so that we can
freely hand out sysops even to people who might not know SQL at all --
or, like me, know just enough to be dangerous. :-)
In general, under the moral codes of wikipedia social culture, we want
to avoid against the creation of hierarchies of power *over the
content*. This doesn't imply, though, that developers shouldn't have
some tools for researching problems, tools that aren't made generally
available. The main thing is that we don't want there to ever be a
method for some people to "pull rank" over a content debate _within
the confines of the NPOV_.
(What I mean by that disclaimer: if a large group of people showed up
one day insisting the the true purpose of Wikipedia is as a humor
site, or as an exposition of the truth of their particular religion,
etc., then I'd be very much in favor of "pulling rank" to stop them.
But so long as the debater is even loosely attempting to comply with
NPOV, all of us should be equal -- it's that power which keeps us all
honest, I think.)
(As I've said on wikipedia-l and elsewhere, there's nothing wrong with a
humor wiki or a Christian wiki or whatever. It's just that none of those
things are wikipedia.)
--Jimbo
If we're going to be giving "sysop" status fairly liberally
(and I don't disagree with that as a policy), you might consider
still making at least one concession to database security:
currently, anyone with sysop access can query the database and see
users' passwords in plaintext. People tend to use the same
password for several things--so it wouldn't surprize me at all if
I were able to log onto Magnus's email account or something.
It shouldn't be too much work to use some minimal encryption there.
--
Lee Daniel Crocker <lee(a)piclab.com> <http://www.piclab.com/lee/>
"All inventions or works of authorship original to me, herein and past,
are placed irrevocably in the public domain, and may be used or modified
for any purpose, without permission, attribution, or notification."--LDC
I left rebuildLinks.php running from the command line last night. It looked good when
I left. This morning, I found this:
26476 of 45991: New_Zealand/People
26477 of 45991: New_Zealand/Transnational_issues
26478 of 45991: New_Zealand/Transportation
26479 of 45991: New_Zealand_English
26480 of 45991: New_directions_and_movements
26481 of 45991: New_liberalism
26482 of 45991: New_materials_(painting)
26483 of 45991: New_moon
26484 of 45991: New_moon/details
26485 of 45991: New_testament
26486 of 45991: New_topics
<br>
<b>Warning</b>: Wrong datatype for second argument in call to in_array() in <b>./wikiPage.php</b> on line <b>31</b><br>
<br>
<b>Fatal error</b>: Call to a member function on a non-object in <b>./special_newpages.php</b> on line <b>15</b><br>
[root@ross work-http]#
I suppose this means that there's some bad data in there somewhere?
Brion wrote (over on wikipedia-l):
> * Ability to run SQL queries on the database. Not useful unless you
> really know what you're doing.
Gee, this sounds dangerous.
Perhaps we should have is_developer, and restrict this command to developers?
--Jimbo
Hi all,
I just liked the layout suggestion from Marian
(http://www.wikipedia.com/wiki/user:Marian) so much that I couldn't resist
to check in a variant as a skin to the CVS archive.
It has the (preliminary) name "Cologne Blue", as both Marian and I are
living in Cologne, and the layout uses some blue ;)
Please check it out and help me. There are some things I didn't finish: Some
links (marked with a "!"), part of the links are not using the language
files, and of course, the colors are not nearly as good as those Marain
uses...
Magnus
Hi,
I took the old database test dump
http://wikipedia.sourceforge.net/fpw/newiki.sql.gz and applied the
database scheme changes from updSchema.sql and updLinks.php to create
a new dump which conforms with our current database scheme, so that
new hackers have something to play with. Where can I upload it?
Axel
Conversion script adds link to parent page from subpage:
Foo/Bar:
<text of subpage>
See also: Foo
Where is this q{See also} text ?
It should be q{Zobacz też}
That's the only problem I could find.
Btw, Jimbo or whoever else has access to wikipedia.com:
when will you setup test site for Polish PHP wikipedia ?
Hello, all.
I just began looking into using the Wikipedia software for my thinktank
website, Theoretic Solutions [ www.theoretic.com ]. I had been staying
away from Wikis despite their clear benefit to managing lots of
information from different people because of the awkward CamelCase-ing.
However, When I stumbled upon Wikipedia's new PHP script, I realized it
was perfect. Unfortunately, it requires MySQL, whereas I have Postgre
installed. Is there any way to add Postgre support easily enough, or
should I continue my search elsewhere? I'm afriad I do not know PHP,
although often employ Perl programmers, so hopefully I could return the
favor somehow. Thanks, all.
--
/\ Adam Theo, Age 22, Tallahassee FL USA
//\\ Email & Jabber: theo(a)theoretic.com
// \\ MSN: theo(a)theoretic.com YIM: adamtheo2
=//====\\= (Boycotting AOL, therefore no AIM or ICQ)
// || \\ Theoretic Solutions: http://www.theoretic.com
|| "Bringing Ideas Together"
|| Jabber Protocol: http://www.jabber.org
|| "The Coolest IM on the Planet"
|| "A Free-Market Socialist Patriotic American Buddhist"