onPHP5.com

PHP5: Articles, News, Tutorials, Interviews, Software and more
  
Featured Article:
Learning PHP Data Objects
 
 
Mon, 17 Dec 2018
 Home   About   Contribute   Contact Us   Polls 
Top Tags
ajax article codeigniter conference dom namespace news onphp5 oop php5 poll prado security solar sqlite symfony unicode zend core zend framework zend platform
More tags »

Not logged in
Login | Register

den_hotmail@fbzz

Error On devzone.zend.com

« Symfony 1.0 Released Zend Platform 3.0 Released »

By dennisp on Wednesday, 14 February 2007, 13:20
Published under: mysqli   security   zend
Views: 5634, comments: 3

While surfing around Zend's Devzone, a database error popped up...


Zend's Devzone (devzone.zend.com) became unoperational as of Feb 14, 2007, 13:15 GMT. The cause of the error was MySQL server issue, and this is something I should not have discovered. The page(s) are looking now like:

Warning: mysqli::mysqli() [function.mysqli-mysqli]: (00000/1040): Too many connections in /home/www/devzone.zend.com-2007-01-31-SearchImprovements/dzlib/Zend/Db/Adapter/Mysqli.php on line 237

Warning: mysqli::query() [function.mysqli-query]: Couldn't fetch mysqli in /home/www/devzone.zend.com-2007-01-31-SearchImprovements/dzlib/Zend/Db/Adapter/Mysqli.php on line 122

Warning: Zend_Db_Adapter_Mysqli::query() [function.Zend-Db-Adapter-Mysqli-query]: Couldn't fetch mysqli in /home/www/devzone.zend.com-2007-01-31-SearchImprovements/dzlib/Zend/Db/Adapter/Mysqli.php on line 123

Fatal error: Call to a member function fetch_assoc() on a non-object in /home/www/devzone.zend.com-2007-01-31-SearchImprovements/dzlib/Zend/Db/Adapter/Mysqli.php on line 130

This in particular raises following questions:
1. Why does Zend use Zend_Db_Adapter_Mysqli which has 8 unresolved issues?
2. Why don't they use exceptions?
3. How come such critical errors are not handled by the site code and displayed to users?

Of course, this should not be worth mentioning, but... This didn't happen somewhere, but on the Zend's site. Which questions the reliability of their code in general and PHP5/Zend Framework in particular. The slow acceptance of PHP5 surely will not benefit from such situations.

Anyone to email Zend about this? Don't think I am able to find any contact email on www.zend.com...

Related articles

PHP5 More Secure than PHP4
Clickable, Obfuscated Email Addresses

Comments

#1  By dennisp (editor) on Wednesday, 14 February 2007, 13:59
As of Feb 14, 2007, 13:55 GMT the site is working again after a more than 40 minute break


#2  By Anonymous on Friday, 23 February 2007, 16:29
Haha. Funny one. Looks like they didn't even read the most basic PHP security introductions like e.g. Shiflett's and are completely unfamiliar with error handling :D


#3  By Cal Evans on Friday, 02 March 2007, 21:30
Hi,

To answer your three questions as best as I can:

1: We use a customized version of the Zend_Db_Adapter_Mysqli to meet our specific needs.As soon as PDO can meet our needs, I'll gladly switch back.

2: That's a better question than your first one. DevZone was originally written against Zend Framework pre-0.1.0. There are a lot of things that need to be cleaned up and as we make improvements to the site we clean them up. In many places DevZone does use exceptions but in this particular area we don't yet. We will get that updated as soon as possible.

3: This one is closely related to the second one. Much of the code in DevZone was written against an old version of ZF. (even though we currently run on ZF 0.7) Again, as we move through the code modifying it and adding features we are addressing these issues. As we pointed out today in our Security Tip of the day, display_errors should always be set to off in production environments. I'm not sure how ours got changed but I've made sure it's turned back off. :)

I'm glad I could brighten your day a bit with a laugh. :) I do of course disagree with your assessment that this in some way brings into the question the reliability of the Zend Framework. It's obvious from the errors displayed that the problems are with DevZone's code and not with the framework. (and I will take full responsibility for the DevZone code) It's really not a fair conclusion to draw.

Nobody needed to email us about these issues. As with any production system, we have monitors in place and as things go awry, we start working on it. (This one was a particularly nasty hardware related issue) However, don't ever hesitate to contact me at cal at zend dot com should you need something. Consider me your contact at Zend if you can't find anyone else. :)

Have a great weekend.

=C=

Post your comment

Your name:

Comment:

Protection code:
 

Note: Comments to this article are premoderated. They won't be immediately published.
Only comments that are related to this article will be published.


© 2018 onPHP5.com