More tags »
Not logged in
Error On devzone.zend.com
on Wednesday, 14 February 2007, 13:20
Views: 6064, comments: 3
While surfing around Zend's Devzone, a database error popped up...
Zend's Devzone (devzone.zend.com) became unoperational as of Feb 14, 2007, 13:15 GMT. The cause of the error was MySQL server issue, and this is something I should not have discovered. The page(s) are looking now like:
Warning: mysqli::mysqli() [function.mysqli-mysqli]: (00000/1040): Too many connections in /home/www/devzone.zend.com-2007-01-31-SearchImprovements/dzlib/Zend/Db/Adapter/Mysqli.php on line 237
Warning: mysqli::query() [function.mysqli-query]: Couldn't fetch mysqli in /home/www/devzone.zend.com-2007-01-31-SearchImprovements/dzlib/Zend/Db/Adapter/Mysqli.php on line 122
Warning: Zend_Db_Adapter_Mysqli::query() [function.Zend-Db-Adapter-Mysqli-query]: Couldn't fetch mysqli in /home/www/devzone.zend.com-2007-01-31-SearchImprovements/dzlib/Zend/Db/Adapter/Mysqli.php on line 123
Fatal error: Call to a member function fetch_assoc() on a non-object in /home/www/devzone.zend.com-2007-01-31-SearchImprovements/dzlib/Zend/Db/Adapter/Mysqli.php on line 130
This in particular raises following questions:
1. Why does Zend use Zend_Db_Adapter_Mysqli which has 8 unresolved issues?
2. Why don't they use exceptions?
3. How come such critical errors are not handled by the site code and displayed to users?
Of course, this should not be worth mentioning, but... This didn't happen somewhere, but on the Zend's site. Which questions the reliability of their code in general and PHP5/Zend Framework in particular. The slow acceptance of PHP5 surely will not benefit from such situations.
Anyone to email Zend about this? Don't think I am able to find any contact email on www.zend.com...
PHP5 More Secure than PHP4
Clickable, Obfuscated Email Addresses
on Wednesday, 14 February 2007, 13:59
As of Feb 14, 2007, 13:55 GMT the site is working again after a more than 40 minute break
on Friday, 23 February 2007, 16:29
Haha. Funny one. Looks like they didn't even read the most basic PHP security introductions like e.g. Shiflett's and are completely unfamiliar with error handling :D
Note: Comments to this article are premoderated. They won't be immediately published.
on Friday, 02 March 2007, 21:30
To answer your three questions as best as I can:
1: We use a customized version of the Zend_Db_Adapter_Mysqli to meet our specific needs.As soon as PDO can meet our needs, I'll gladly switch back.
2: That's a better question than your first one. DevZone was originally written against Zend Framework pre-0.1.0. There are a lot of things that need to be cleaned up and as we make improvements to the site we clean them up. In many places DevZone does use exceptions but in this particular area we don't yet. We will get that updated as soon as possible.
3: This one is closely related to the second one. Much of the code in DevZone was written against an old version of ZF. (even though we currently run on ZF 0.7) Again, as we move through the code modifying it and adding features we are addressing these issues. As we pointed out today in our Security Tip of the day, display_errors should always be set to off in production environments. I'm not sure how ours got changed but I've made sure it's turned back off. :)
I'm glad I could brighten your day a bit with a laugh. :) I do of course disagree with your assessment that this in some way brings into the question the reliability of the Zend Framework. It's obvious from the errors displayed that the problems are with DevZone's code and not with the framework. (and I will take full responsibility for the DevZone code) It's really not a fair conclusion to draw.
Nobody needed to email us about these issues. As with any production system, we have monitors in place and as things go awry, we start working on it. (This one was a particularly nasty hardware related issue) However, don't ever hesitate to contact me at cal at zend dot com should you need something. Consider me your contact at Zend if you can't find anyone else. :)
Have a great weekend.
Only comments that are related to this article will be published.