Frank talks about Storing Passwords in MySQL. He does, however, miss something that’s really, really important. I’m talking about the salting of passwords.

If I want to find out what  5d41402abc4b2a76b9719d911017c592 or 015f28b9df1bdd36427dd976fb73b29d MD5s mean, the first thing I’m going to try is a dictionary attack (especially if i’ve seen a table with only user and password columns). Guess what? A list of words and their MD5SUMS can be used to very quickly find what these hashes represent.

I’ll probably have this dictionary in a MySQL database with an index as well. Try it yourself - you’ll probably find a dictionary with the words “hello” and “fire” in it to help. In fact, do this:

mysql> create table words (word varchar(100));
Query OK, 0 rows …

I recently discovered that I’d made a huge blunder in the Partitioning Limitations section of the MySQL 5.1 Manual. I’d had the idea that unique keys don’t effect your choice of partitioning columns unless there’s no primary key.

My latest revision of the documentation for this limitation isn’t much better.

Then, as I was sitting here just now trying to persuade my daughter that she really ought to have something for lunch besides marshmallows, it came to me.

It’s very simple, really.

For any user-partitioned table in MySQL 5.1:

1. If a table has any unique keys, then all columns used in the partitioning expression must also be part of any and all of these keys.
2. By definition, a primary key is a unique key.
3. If the table has no unique keys, then you don’t have to worry …

conference, database, foss, free conference, mysql, mysqlcamp open source

On Wednesday night, I did some consulting, and it ended up taking twice as long as I thought it would. So I am rewarding myself by going to MySQLCamp!

Speaking of which, I updated the home page, adding explicitly that registration is free, and a section on …

So, a while back, I did some tests with the mysql, mysqli and PDO extensions. In those tests, I found PDO to be much slower for selects than mysql and mysqli. Half as slow in fact. Santos mentioned these tests in a post about SDO. Wez has pointed out that the mysql API does not use the query cache when using prepared statements. Apparently, under the covers, PDO uses prepared statements for all queries. At least that is what I am taking from this. My tests showed the same speed whether I used the PDO prepared syntax or not.

So, I decided to try Wez’s trick of emulating prepared statements to see how PDO did. The results were interesting. Not sure if these are the “fair comparisons” that Wez wants to see, but I …

I had need to goto the Wikipedia this morning to review the terminology of something, and on the front page in Today’s featured article is Mercury. Being a tad curious given I’d heard only on the radio a few hours ago that Pluto was no longer a planet in our Solar System, I drilled down to the bottom to check references to other planets (quicker then searching). So at the bottom I found the following graphic and details of The Solar System Summary.

Well blow me down, they didn’t waste any time there. Pluto is no longer a planet in our Solar System. It is now categorised as a …

Helvécio Borges, EAC Software CEO, was awarded by Assespro Brazil as "Personalidade Assespro 30 Anos" in recognition of his efforts to explain and disseminate open source software in Brazil.

Oh, yes. Now, I'm not a huge Slashdot fan in general. Not because there aren't quality news items, reviews, and other geek stuff on there. In fact, there is. I just grew tired a long time ago of having to scroll through page after page of troll comments in order to find any comments of value. In other words, frustrating=5 (if you've never used Slashdot, you won't understand that joke...)

However, today, I had reason to be pleased with Slashdot (a MySQL-run site BTW!), because a review of Mike Kruckenberg and my book, Pro MySQL hit the book review list. Now, granted, it is over a full year since we published the book, but hey, who's paying …

Guy Kawasaki interviews Marten Mickos, CEO of MySQL

Had a lovely conversation this afternoon with Leslie Hawthorn, the Googler who has been instrumental in helping with the ongoing sponsorship and logistics of the upcoming MySQL unconference. We went over the details of the Google location to be used as the venue for the event. It just so happens that I am already familiar with the exact area involved, as the team of six or so MySQLers that went to Google in April to give some sessions actually toured through the same location and ate at the same cafeteria that MySQL camp will be housed next to.

I will be adding all of this information to the camp wiki later tonight or tomorrow, but I wanted to blog about the event details here to cast a bit of a wider net. There are currently 13 participants signed up to attend the event, but that does not include a number of MySQLers that I believe will be coming down for the event. It also does not include …

I spend some time on this last night to figure it out with MySQL Cluster NDB API.. Actually, I had to ask my dear colleagues for help. Pekka gave a tip, I added some weird logic: bingo!

Actually, nothing special, but here is the silly code inserting a record into a table with a BLOB field. The oper->equal("id",4) line and the order of things are important. Note: it is missing lots of stuff, like checking for errors!

Enjoy! I might blog more of those silly things later on. Hopefully it makes the manual. Jon, this one is or you!

void blob_insert(Ndb *ndb)
{
         const NdbDictionary::Dictionary* dict = ndb->getDictionary();
         const NdbDictionary::Table *table = dict->getTable("blobby");

         NdbTransaction *trans = ndb->startTransaction();
         NdbOperation *oper = trans->getNdbOperation(table);

         // The data we inserting in the blob field
         char …