<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div><font face="Courier New">Hi Andrew,</font></div><div><font face="Courier New"><br></font></div><div><font face="Courier New">(1) - MY MISTAKE</font></div><div><font face="Courier New"><br></font></div><div><font face="Courier New">I completely understand your reason for disabling the deletion of the password column and the alert note is clearly visible.</font></div><div><font face="Courier New"><br></font></div><div><font face="Courier New">I tried to replicate the 'password into email column' behaviour on a clean virtual machine and it didn't happen again. This must have been a misconfiguration in my original 3.0.16 database (i.e. password stored in password AND email column - probably an auto-form-fill slip in phpmyadmin). I'll try to verify this later with an archived sql-dump, as I have reset the system to an earlier state in the meantime. </font></div><div><font face="Courier New"><br></font></div><div><font face="Courier New">My apologies, I really should have double-checked before filing this one.</font></div><div><font face="Courier New"><br></font></div><div><font face="Courier New"><br></font></div><div><font face="Courier New">(2) - BUG STILL PRESENT</font></div><div><font face="Courier New"><br></font></div><div><font face="Courier New">@rev 515: </font></div><div><font face="Courier New"><br></font></div><div><font face="Courier New">upgrade-database.php terminates without any warnings or errors, </font><span style="font-family:'Courier New';font-size:12pt;">but password is still not hashed -> the value is NULL (see column 8 of upgraded database below)</span></div><div><font face="Courier New"><br></font></div><div><div>mysql> select * from cqpwdebug.user_info;</div><div>+----+----------+----------+----------------+----------------------+-------------+---------+----------+-------------+------------+-------------+----------------------+---------------------+---------------------+---------------+-------------------+------------+-------------------+--------------+---------------------------+----------------+-------------------+----------------+-----------+---------+------------+----------+</div><div>| id | username | password | realname | email | affiliation | country | passhash | acct_status | verify_key | expiry_time | password_expiry_time | last_seen_time | acct_create_time | conc_kwicview | conc_corpus_order | cqp_syntax | context_with_tags | use_tooltips | thin_default_reproducible | coll_statistic | coll_freqtogether | coll_freqalone | coll_from | coll_to | max_dbsize | linefeed |</div><div>+----+----------+----------+----------------+----------------------+-------------+---------+----------+-------------+------------+-------------+----------------------+---------------------+---------------------+---------------+-------------------+------------+-------------------+--------------+---------------------------+----------------+-------------------+----------------+-----------+---------+------------+----------+</div><div>| 1 | mkiller | debugpass | unknown person | markus.killer@uzh.ch | NULL | 00 | NULL | 1 | NULL | 0 | 0 | 0000-00-00 00:00:00 | 0000-00-00 00:00:00 | 1 | 1 | 0 | 0 | 1 | 1 | 6 | 5 | 5 | -3 | 3 | 1000000 | au |</div><div>+----+----------+----------+----------------+----------------------+-------------+---------+----------+-------------+------------+-------------+----------------------+---------------------+---------------------+---------------+-------------------+------------+-------------------+--------------+---------------------------+----------------+-------------------+----------------+-----------+---------+------------+----------+</div><div>1 row in set (0.00 sec)</div></div><div><br></div><div>When trying to login to the upgraded system, I get this message:</div><div><br></div><div><table class="ecxconcordtable" width="100%" style="font-family:'Times New Roman';"><tbody><tr><th class="ecxconcordtable">Your login was not successful.</th></tr><tr><td class="ecxconcorderror"> <br><p class="ecxerrormessage">The credentials you entered are not valid.</p> <br></td></tr><tr><td class="ecxconcorderror"> <br><p class="ecxerrormessage">Please go back to the log on page and try again.</p></td></tr></tbody></table></div><div><br></div><div>Best wishes,</div><div>Markus</div><div><br></div><br><div>> From: a.hardie@lancaster.ac.uk<br>> To: cwb@sslmit.unibo.it<br>> Date: Wed, 22 Jan 2014 12:04:36 +0000<br>> Subject: Re: [CWB] CQPweb: upgrade-database.php v3.0.16 > v3.1.0<br>> <br>> Hi Markus,<br>> <br>> I have been puzzling over this at great length and have got nowhere. <br>> <br>> (1) The old password column exists because I disabled its deletion to make rollback easier if needed. (There is an alert note in the printed output telling people to drop the password column manually after the fact).<br>> <br>> But the old password going into the email column is something I just can't figure out. It's not happened on the system I upgraded (albeit that wasn't with 512 but an earlier version) and I can't find anything in the code of upgrade-database that ought to alter the contents of the email column in that way.<br>> <br>> (2) Likewise this puzzles me, there WAS a bug that did this, but I thought I had fixed it in commit 502.<br>> <br>> So, if you can add any further details related to this bug that might help me track it down, that would be very much appreciated....<br>> <br>> best<br>> <br>> Andrew.<br>> <br>> -----Original Message-----<br>> From: cwb-bounces@sslmit.unibo.it [mailto:cwb-bounces@sslmit.unibo.it] On Behalf Of Markus Killer<br>> Sent: 21 January 2014 13:10<br>> To: Open source development of the Corpus WorkBench<br>> Subject: Re: [CWB] CQPweb: upgrade-database.php v3.0.16 > v3.1.0<br>> <br>> upgrade-database.php rev512 runs smoothly now, but there seem to be two more issues:<br>> <br>> (1) - the old password is mapped into table:user_info column:password and accidentally, I think, into column:email as well<br>> <br>> (2) - the password is not hashed (passhash: NULL) and, consequently, authentication fails.<br>> <br>> --> not possible to login as superuser after running upgrade-database.php (unless you manually add passhash)<br>> <br>> <br>> ----------------------------------------<br>> > From: a.hardie@lancaster.ac.uk<br>> > To: m.killer@outlook.com; cwb@sslmit.unibo.it<br>> > Date: Tue, 21 Jan 2014 12:50:34 +0000<br>> > Subject: Re: [CWB] CQPweb: upgrade-database.php v3.0.16> v3.1.0<br>> ><br>> > Think I've squished that one in 512.<br>> ><br>> > Andrew.<br>> ><br>> > -----Original Message-----<br>> > From: cwb-bounces@sslmit.unibo.it [mailto:cwb-bounces@sslmit.unibo.it] On Behalf Of Markus Killer<br>> > Sent: 21 January 2014 10:48<br>> > To: Open source development of the Corpus WorkBench<br>> > Subject: [CWB] CQPweb: upgrade-database.php v3.0.16> v3.1.0<br>> ><br>> > upgrade-database on exact copy of working v3.0.16 db:<br>> ><br>> > Revision 510.<br>> > mki@ubuntu:/var/www/cqp-web-beta/bin$ sudo php upgrade-database.php Database version is now at < 3.1.0. Database will now be upgraded to 3.1.0...<br>> > A mySQL query did not run successfully!<br>> ><br>> > Original query:<br>> ><br>> > alter table system_messages alter column fromto set default NULL<br>> ><br>> > Error # 1067: Invalid default value for 'fromto'<br>> ><br>> > **************<br>> > DESCRIBE - BEFORE SCRIPT:<br>> ><br>> > mysql> describe cqpwbeta.system_messages;<br>> > +------------+--------------+------+-----+-------------------+-----------------------------+<br>> > | Field | Type | Null | Key | Default | Extra |<br>> > +------------+--------------+------+-----+-------------------+-----------------------------+<br>> > | message_id | varchar(150) | NO | PRI | NULL | | timestamp | timestamp<br>> > | | NO | | CURRENT_TIMESTAMP | on update CURRENT_TIMESTAMP | header |<br>> > | varchar(150) | NO | | | | content | text | NO | | NULL | | fromto |<br>> > | varchar(150) | NO | | | |<br>> > +------------+--------------+------+-----+-------------------+-----------------------------+<br>> > 5 rows in set (0.00 sec)<br>> ><br>> ><br>> ><br>> > ----------------------------------------<br>> >> From: a.hardie@lancaster.ac.uk<br>> >> To: cwb@sslmit.unibo.it; m.killer@outlook.com<br>> >> Date: Tue, 21 Jan 2014 10:17:22 +0000<br>> >> Subject: Re: [CWB] CQPweb: v 3.1.0 now usable, I think<br>> >><br>> >> (For the benfit of the peanut gallery: Markus sent me the "describe.... off list, and it had this line:<br>> >><br>> >> | dbname | varchar(200) | NO | PRI | NULL | |<br>> >><br>> >> )<br>> >><br>> >> So again, it's a case of rollback being needed so the script can run again.<br>> >><br>> >> The next bug is a phasing issue, it looks as if some of the DB changes which I put in there for 3.0.16 are not in the right place, they should have been assigned to 3.0.15. Commit 510 has all of those that I can find fixed.<br>> >><br>> >> best<br>> >><br>> >> Andrew.<br>> > _______________________________________________<br>> > CWB mailing list<br>> > CWB@sslmit.unibo.it<br>> > http://devel.sslmit.unibo.it/mailman/listinfo/cwb<br>> > _______________________________________________<br>> > CWB mailing list<br>> > CWB@sslmit.unibo.it<br>> > http://devel.sslmit.unibo.it/mailman/listinfo/cwb                                            <br>> _______________________________________________<br>> CWB mailing list<br>> CWB@sslmit.unibo.it<br>> http://devel.sslmit.unibo.it/mailman/listinfo/cwb<br>> _______________________________________________<br>> CWB mailing list<br>> CWB@sslmit.unibo.it<br>> http://devel.sslmit.unibo.it/mailman/listinfo/cwb<br></div></div>
</div>
                                           </div></div><style><!--
.ExternalClass .ecxhmmessage P {
padding:0px;
}
.ExternalClass body.ecxhmmessage {
font-size:12pt;
font-family:Calibri;
}
--></style>                                            </div></body>
</html>