Page MenuHomePhabricator

SecurePoll should comply with strict mode
Open, Needs TriagePublic

Description

A lot of the queries that SecurePoll runs only work if the database engine is not using strict mode. On many occasions, no value is passed for fields that don't have a default value defined for them in the table schema. All INSERT and UPDATE operations should be reviewed to ensure that they comply with strict mode and specify every field that does not have a default value.

Event Timeline

Huji created this task.Oct 11 2016, 6:15 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 11 2016, 6:15 PM

@Anomie: do you have an idea of how difficult it would be to complete this? I'm not asking you to do it, just wanting to understand how large the maintenance task might be.

@Deskana: do you know who took over product ownership for SecurePoll after you?

Huji added a comment.EditedOct 11 2016, 7:06 PM

@RobLa-WMF I have been contributing a lot to SecurePoll recently (see patches made for SecurePoll in the last 52 weeks) and intend to continue to do so. My plan is to complete this task myself. As for ownership, I'm not sure what the requirements are but I am happy to do that too.

@Huji - excellent! My apologies for making assumptions about @Anomie being the last active contributor. As for ownership, the requirements are very loosely defined, but demonstrating that you're responsive and motivated helps make the case that we should treat you as an owner.

This task blocks T108255, which means there might be a disconnect of priorities (e.g. you set this to low priority, but T108255 is normal priority). Ownership entails a willingness to resolve dependencies like that.

Huji raised the priority of this task from Low to Medium.Oct 11 2016, 7:58 PM

@RobLa-WMF No worries. Dependencies are fixed. I have subscribed to the project already and have been closely monitoring the changes. I will continue to do so.

@Anomie: do you have an idea of how difficult it would be to complete this? I'm not asking you to do it, just wanting to understand how large the maintenance task might be.

Not really, although chances are the hardest part is just finding which queries are problematic. After that it's just a matter of setting the fields (or changing the schema to have a default, but schema changes are more of a pain).

Huji added a comment.Oct 11 2016, 8:15 PM

@Anomie @RobLa-WMF I am not in favor of changing the schema either. I think a better solution is things like T147824 where we make sure the fields that are already there are correctly and explicitly populated. My estimate is that there are about 10 to 20 queries that need to be fixed. I will just do a complete sweep (with the help of grep) of the code and test each function in strict mode. It'll take time, but it'll let me find all of the culprit queries.

Huji claimed this task.Oct 26 2016, 11:09 PM
Huji removed Huji as the assignee of this task.May 20 2020, 7:53 PM
Huji raised the priority of this task from Medium to Needs Triage.
Restricted Application added a project: Platform Engineering. · View Herald TranscriptMay 20 2020, 7:53 PM