[Toolserver-l] Please respect the rev_deleted-field

Ilmari Karonen nospam at vyznev.net
Mon Sep 27 18:55:22 UTC 2010


On 09/27/2010 05:45 PM, DaB. wrote:
>
> Our rules forbid displaying of data which is not visible on the Wikimedia-
> wikis any more. I know that the usage of the rev_deleted-field by MediaWiki is
> quite new (the MediaWiki-devs didn't update their documentation until now
> AFAIS), so please look at your tools. If you use the revision-table and
> show single edits, then add an "AND rev_deleted=0" to the where-clause where
> needed (it's of course ok to ignore the field if you just display abstract data
> like "How many edits have a wiki").

Why do we even include those rows in the default views?  I don't think 
most people expect to get deleted rows on a simple query on the revision 
table, given that this was never the case under the old system (when 
they were moved to the archive table instead).

If someone really needs those rows, I guess we could always set up 
alternative views that include them.  But I'd think that would be a rather 
uncommon use case.  (How many TS users are actually doing something with 
the archive table, anyway?)

> Please always remember: Just because you can see the data in the database,
> that is no allowance to show it to the world (if in doubt: ask a root).

True, but there's also no need to make it too easy to accidentally 
expose sensitive data.

(Compare with e.g. the absence of the user_password field from the 
views.  Technically, there shouldn't be much risk in exposing it, since 
it's salted and hashed, but there's little if any valid need for it either.)

-- 
Ilmari Karonen
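
The two approaches discussed in this thread, as an added example that is not code from the Toolserver or from either poster: an explicit `rev_deleted = 0` filter in the tool's query versus a default view that already excludes those rows. It runs on an in-memory SQLite database with constructed rows; the names `revision_raw` and `revision_all` and the helper functions are hypothetical.

```python
import sqlite3

# Constructed sample data. revision_raw / revision_all are hypothetical names.
# Nonzero rev_deleted means some part of the revision is hidden on the wiki.
SCHEMA = """
CREATE TABLE revision_raw (
    rev_id INTEGER PRIMARY KEY, rev_page INTEGER NOT NULL,
    rev_user_text TEXT NOT NULL, rev_comment TEXT NOT NULL,
    rev_deleted INTEGER NOT NULL DEFAULT 0);
INSERT INTO revision_raw VALUES
    (1, 10, 'Alice', 'create page', 0),
    (2, 10, 'Bob',   'hidden summary', 2),
    (3, 10, 'Carol', 'fix typo', 0),
    (4, 11, 'Dave',  'hidden revision', 1);
-- Default view: what a plain query on "revision" gets (visible rows only).
CREATE VIEW revision AS SELECT * FROM revision_raw WHERE rev_deleted = 0;
-- Opt-in view for the uncommon tool that needs every row.
CREATE VIEW revision_all AS SELECT * FROM revision_raw;
"""
ALLOWED_SOURCES = ("revision", "revision_all")

def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def page_history(conn, page_id, source="revision", visible_only=False):
    """Per-edit listing, the kind of output that must not show hidden rows."""
    if source not in ALLOWED_SOURCES:  # identifiers cannot be bound as parameters
        raise ValueError(f"unknown source: {source}")
    sql = f"SELECT rev_id, rev_user_text, rev_comment FROM {source} WHERE rev_page = ?"
    if visible_only:
        sql += " AND rev_deleted = 0"  # the explicit filter from the quoted message
    return conn.execute(sql + " ORDER BY rev_id", (page_id,)).fetchall()

def edit_count(conn, page_id):
    """Aggregate data; the thread notes the field may be ignored here."""
    row = conn.execute(
        "SELECT COUNT(*) FROM revision_all WHERE rev_page = ?", (page_id,)).fetchone()
    return row[0]

if __name__ == "__main__":
    db = open_db()
    print("unfiltered:", page_history(db, 10, "revision_all"))
    print("explicit filter:", page_history(db, 10, "revision_all", visible_only=True))
    print("default view:", page_history(db, 10))
    print("edit count:", edit_count(db, 10))
```

With the filtering view as the default, a tool that forgets the `WHERE` condition still returns only visible revisions, while the unfiltered listing shows what an unmodified query against the full table would expose.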
