[Owncloud] Commiting Oracle support tomorrow, beware of SQL without escaped identifiers

Thomas Müller thomas.mueller at tmit.eu
Mon Aug 27 10:27:17 UTC 2012



Am Sonntag, dem 26.08.2012 um 15:27 schrieb Jörn Friedrich Dreyer:
> First of all I would like to apologize for pushing in code that touches
> every SQL query. That was not very professional development. I should
> have added the code in smaller chunks. First putting in place the
> libraries needed for oracle and then introduce the limit parameter. Up
> to this point nothing should have broken. Then I could have gradually
> escaped the identifiers in SQL queries app by app resulting in a much
> more understandable process. With the CI in place I would even have been
> notified via email when I broke a test.
> 

Currently the build status is reported on #owncloud-dev. I think for the community 
this is enough.
Another issue is that the build is broken for weeks because the coding style checker
still produced too much errors/warnings.
Let's try to find some time in Berlin in Oct to finalize the coding style guide and it's implementation.

> so +1 for more tests (working on it)
> 
> Furthermore, I'm really sorry I broke the new sharing SQL (fix just
> committed, all tests pass) and will look into mysql and psql tomorrow.
>
> That being said, I am eager to get a lot of users for owncloud by
> providing our customers with oracle support. Timing is an important
> thing here, and I wanted to test the implementation thoroughly, thats
> why I committed the code. My main activities will now go into creating
> automated tests for owncloud.
>

>From a business point of view: I agree (I'd say the same in your position ;-) )
But I put the community/FOSS had on: I don't need Oracle!
 
Take care,

Tom

> so long
> 
> Jörn
> 
> 
> On 26.08.2012 02:02, Thomas Müller wrote:
> > Hi,
> > 
> > due to the big impact Oracle has on the ownCloud code and the pretty high risk
> > to screw up the system (which is actually the case - git master is unusable).
> > 
> > I'd like to vote for a revert of the change in the current state of the release cycle.
> > Last week MTGap and members of the community started to test 4.5 especially
> > with the focus on the new sharing features. Putting another big change set on top
> > will actually kill all the testing effort.
> > 
> > I simply think the risk is to high to introduce bug which will give us headaches.
> > 
> > In addition to that I'd like to ask the community's opinion on ownCloud supporting 
> > Oracle database. My point of view is pretty clear - which is a non-business point of view:
> >     I don't need it - I don't want it - I don't want to maintain it!
> > 
> > As soon as some more elaborate database layer is in place (e.g. doctrine) and 
> > the impact of the database management systems on the code are minimal I don't 
> > care which databases are supported, but until that point let us stick with our 3 
> > databases for now - it's already a hell of testing!
> > 
> > 
> > Take care,
> > 
> > Tom aka DeepDiver
> > 
> > 
> > Am Freitag, dem 24.08.2012 um 19:31 schrieb Jörn Friedrich Dreyer:
> >> I am currently merging master into my personal stable4-oracle branch and
> >> will commit oracle support tomorrow. This will allow us to give the
> >> implementation a lot of testing before owncloud customers will be using
> >> it in production.
> >>
> >> On the bad side I had to make changes to ALL SQL statements.
> >> On the good side the changes are consistent and leave no room for
> >> exceptions:
> >> 1. Escape every identifier with backticks ('SELECT user' ... becomes
> >> 'SELECT `user`)
> >> 2. Move LIMIT & OFFSET SQL to a parameter for OC_DB::prepare()
> >> 3. Disable using PDO for oracle.
> >>
> >> Why:
> >> 1. In contrast to mysql, postgrasql and sqlite oracle uppercases
> >> unescaped identifiers. This leads to a ton of nameclashes with 'user',
> >> 'uid', 'gid' and others, so escaping them is the right way.
> >> 2. oracle does not know limit and offset, which is why mdb2 also
> >> provides limit and offset parameters to add the necessary SQL or a
> >> workaround for oracle.
> >> 3. PDO for oracle is unstable and in general a PITA to set up.
> >>
> >> If you want to help testing with oracle suport, there is an express
> >> version free of charge limited to 18GB of data and one CPU:
> >> http://www.oracle.com/technetwork/products/express-edition/downloads/index.html
> >>
> >> +1 for introducing doctrine
> >>
> >> so long
> >>
> >> Jörn
> >>
> >> -- 
> >> Jörn Friedrich Dreyer (jfd at owncloud.com)
> >> Software Developer
> >> ownCloud GmbH
> >>
> >> Your Data, Your Cloud, Your Way!
> >>
> >> ownCloud GmbH, GF: Markus Rex, Holger Dyroff
> >> Schloßäckerstrasse 26a, 90443 Nürnberg, HRB 28050 (AG Nürnberg)
> >> _______________________________________________
> >> Owncloud mailing list
> >> Owncloud at kde.org
> >> https://mail.kde.org/mailman/listinfo/owncloud
> 
> 
> -- 
> Jörn Friedrich Dreyer (jfd at owncloud.com)
> Software Developer
> ownCloud GmbH
> 
> Your Data, Your Cloud, Your Way!
> 
> ownCloud GmbH, GF: Markus Rex, Holger Dyroff
> Schloßäckerstrasse 26a, 90443 Nürnberg, HRB 28050 (AG Nürnberg)



More information about the Owncloud mailing list