[Mediawiki-l] Stopping MySQL with a BIG query

Tim Starling tstarling at wikimedia.org
Wed May 9 16:05:32 UTC 2007


John Bidder wrote:
> Update to this issue. The full query was in fact:
> 
> The query was:-
>                  14874 Query       SELECT page_id, page_namespace,
> page_title FROM `mw_page`,`mw_searchindex` WHERE page_id=si_page AND (
> (MATCH (si_title) AGAINST ('href')) AND (MATCH (si_title) AGAINST ('http'))
> AND (MATCH (si_title) AGAINST ('adult')) AND (MATCH (si_title) AGAINST
> ('myddns')) AND (MATCH (si_title) AGAINST ('free-teen-porn')) AND (MATCH
> (si_title) AGAINST ('Free')) AND (MATCH (si_title) AGAINST ('teen')) AND

[...]

Looks like someone is trying to post spam via your search box. Contact
them and ask them to kindly post it via the edit box instead.

A quick hack like this should also fix the problem:

Index: SpecialSearch.php
===================================================================
--- SpecialSearch.php	(revision 21993)
+++ SpecialSearch.php	(working copy)
@@ -31,6 +31,9 @@
 	global $wgRequest, $wgUser;

 	$search = $wgRequest->getText( 'search', $par );
+	if ( strlen( $search ) > 200 ) {
+		throw new MWException( "Search query too big" );
+	}
 	$searchPage = new SpecialSearch( $wgRequest, $wgUser );
 	if( $wgRequest->getVal( 'fulltext' ) ||
 		!is_null( $wgRequest->getVal( 'offset' ) ) ||




More information about the MediaWiki-l mailing list