As many of you know already, I’ve decided to leave Yahoo!. Today was my last day. I’ve had a great time at Yahoo! and worked with a bunch of brilliant people. I will miss you all!

Where am I headed? That’s actually a complicated question. I’ll be working part time at Pivot3, a mature startup that’s doing great things in the storage industry. Contact me if you’re interesting in cutting storage costs, getting some amazing management tools, and some awesome performance. I would love to tell you more! MySQL will absolutely rock on this platform.

Yes, I said part time. I have a startup of my own, Proven Scaling, providing advanced MySQL …

I have been knowing that Roland Bouman is about to join 
Carsten Pedersen's MySQL Certification team for quite a while, 
but now - as of 1st July - it's official and time to wish him all the best 
and much fun in his new job!

Also Frank Mash has recently moved to New York and started
a new job as MySQL DBA (I hope, I remember everything
correctly). Also my best wishes for him!

MySQL not only rocks as a database server, but also for great job
opportunities! And the best thing is - MySQL is …

A few weeks ago, I blogged about an adaptive firewall on my NetSec blog.

While casually checking through the access logs, I noticed that someone had tried to get admin passwords of my wiki site using SQL injection.

Here is the actual hacking attempt:

41.250.10.3 - - [28/Jun/2006:04:42:14 -0700] "GET /tiki-usermenu.php?find=&offset=[SELECT%20uid%20FROM%20admins%20WHERE%20login=''%20OR%20'a'='a'%20AND%20password=''%20OR%20'a'='a'] HTTP/1.1" 200 123 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4"

Someone from Africa (looking at the IP number), trying to get the list of admin accounts without passwords.

So, it occurred to me, that you could easily add a few more regexp triggers to an adaptive firewall, to catch SQL injection attacks, and thus either block …

A few weeks ago, I blogged about an adaptive firewall on my NetSec blog.

While casually checking through the access logs, I noticed that someone had tried to get admin passwords of my wiki site using SQL injection.

Here is the actual hacking attempt:

41.250.10.3 - - [28/Jun/2006:04:42:14 -0700] "GET /tiki-usermenu.php?find=&offset=[SELECT%20uid%20FROM%20admins%20WHERE%20login=''%20OR%20'a'='a'%20AND%20password=''%20OR%20'a'='a'] HTTP/1.1" 200 123 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4"

Someone from Africa (looking at the IP number), trying to get the list of admin accounts without passwords.

So, it occurred to me, that you could easily add a few more regexp triggers to an adaptive firewall, to catch SQL injection attacks, and thus either block …

A few weeks ago, I blogged about an adaptive firewall on my NetSec blog.

While casually checking through the access logs, I noticed that someone had tried to get admin passwords of my wiki site using SQL injection.

Here is the actual hacking attempt:

41.250.10.3 - - [28/Jun/2006:04:42:14 -0700] "GET /tiki-usermenu.php?find=&offset=[SELECT%20uid%20FROM%20admins%20WHERE%20login=''%20OR%20'a'='a'%20AND%20password=''%20OR%20'a'='a'] HTTP/1.1" 200 123 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4"

Someone from Africa (looking at the IP number), trying to get the list of admin accounts without passwords.

So, it occurred to me, that you could easily add a few more regexp triggers to an adaptive firewall, to catch SQL injection attacks, and thus either block …

A few weeks ago, I blogged about an adaptive firewall on my NetSec blog.

While casually checking through the access logs, I noticed that someone had tried to get admin passwords of my wiki site using SQL injection.

Here is the actual hacking attempt:

41.250.10.3 - - [28/Jun/2006:04:42:14 -0700] "GET /tiki-usermenu.php?find=&offset=[SELECT%20uid%20FROM%20admins%20WHERE%20login=''%20OR%20'a'='a'%20AND%20password=''%20OR%20'a'='a'] HTTP/1.1" 200 123 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4"

Someone from Africa (looking at the IP number), trying to get the list of admin accounts without passwords.

So, it occurred to me, that you could easily add a few more regexp triggers to an adaptive firewall, to catch SQL injection attacks, and thus either block …

In this first little lesson we will learn how to connect an NDBAPI program to connect to MySQL Cluster. Start a X node cluster with atleast two or three [API] or [MYSQLD] slots so that you can connect a mysql server and the example program.

Before running these examples, please read the documentation on the NDBAPI classes and methods that are used!

The first example program (listed below), ndbapi_connect.cpp illustrates how to connect to MySQL Cluster.

> cat ndbapi_connect.cpp

#include
#include

#include

using namespace std;

int main()
{
ndb_init();
/**
* define a connect string to the management server
*/
char * connectstring = "localhost";

/**
* Create a Ndb_cluster_connection object using the connectstring
*/
Ndb_cluster_connection * conn = new …

The first thing we have to do, before starting with any examples, is to setup our environment.

The linux kernel I am using is ( I am using Ubunto 6.06):
Linux stingray 2.6.15-25-386 #1 PREEMPT Wed Jun 14 11:25:49 UTC 2006 i686 GNU/Linux

The compiler I am using is ( g++ -v):
...
gcc version 4.0.3 (Ubuntu 4.0.3-1ubuntu5)

Another good thing to have is e.g. the NDBAPI documentation.
For this I will use MySQL 5.0.22, but the steps are the same for 5.1.X

1. Download the source distribution of MySQL 5.0.22
2. tar xvfz mysql-5.0.22.tar.gz
3. cd mysql-5.0.22
4. ./configure --with-ndbcluster --with-ndb-docs
5. cd ndb/docs (in 5.1.X it is 'storage/ndb/docs')
   
6. make

Now you have html documentation of the ndbapi, if you have got all the necessary things (like doxygen) installed to generate the …

One of our clients is working on a cool astrophysics project and wants to import large quantities of observations. Fortunately, the data is in a simple percent delimited format:

SEE%5%8
XYZ%6%8
ZZZ%7

The fields represent the time, the instrument, the type of observation (solar flare, brightness measurement), the co-ordinates and the result. There are two types of problem with this format. Firstly, data is not normalized - its just a flatfile. Secondly, many of the fields have a context which depends on other fields. Formats with these properties are quite common in the wild but how to handle them?

The following proof of concept code allows percent delimited data to be read directly by MySQL Server and splits one type of data to a separate table. This is achieved with a case statement in a MySQL Server 5.0 stored procedure, called from a trigger:

DELIMITER //

CREATE TABLE observation (
  id INT PRIMARY KEY …

It is often the case that web applications display a paginated resultset. The most familiar example is search engine results. However, the usefulness of the results is in providing both detail and distinctness. SELECT DISTINCT isn't sufficient in this case because collapsed rows cannot be distinguished. Furthermore, it would be advantageous to have a summarizing threshold.

For this reason, I've created an example query which summarizes strictly more than 30 rows. This query uses the world database to display continents and countries. The query summarizes continents with more than 30 countries. A flag is provided so that an application can identify and display the summarized rows differently:

(SELECT continent, NULL AS country, 1 AS more FROM country GROUP BY continent HAVING COUNT(continent)>30) UNION (SELECT c0.continent, c0.name, 0 AS more FROM country AS c0, (SELECT continent FROM country GROUP BY continent HAVING …