Author names replaced by 123123

[Thundercloud]

It seems that all author names has been replaced by 123123 in the database so you can’t longer search for author names or tell what author who wrote a particular story.

Sounds like a database update that went horribly wrong...do you have backup you can read back to restore the missing information?

[Wilde_Guess]

Hi, Thundercloud.

I sent a on-form PM to @DemonGoddess when this started happening just before Noon Eastern Time.  No reply yet, but I’m sure they’re working on it.

Thanks.

Edited March 16, 2022 by Wilde_Guess
fix type/name-tag

[Wilde_Guess]

Hi, all.

And now I’ve also tagged @BronxWench too, in case she needed to be told.  I’m sure they’re working on it, keeping in mind that none of the staff are paid full-time employees.

Thanks.

[BronxWench]

Dear gods. I was able to go to my own control panel, and update my pen name back to the correct one. The correction seems to be holding even after a page refresh. Unfortunately, that’s not going to work for inactive members if they’re not around to correct their pen names. Hopefully @DemonGoddess and @manta2g can fix this in the database.

[Wilde_Guess]

25 minutes ago, BronxWench said:

Hi, @BronxWench.

Thanks for the quick reply.  It looked like it would do that when I first logged in to the account this morning, but I didn’t try it myself since I know just enough about the DBA trade to not ‘idly’ plug values into a database I know nothing about.

If that ends up being ‘the fix,’ than I’m good, and only a few keystrokes away from contentment.  I’ll wait for instructions anyway though.  It’s not like my reader(hopefully s) won’t be able to find my work.  And since @Desiderius Price’s readers enjoy reading about how Jeffery gets tormented and orgasm’ed even more than he enjoys writing about poor Jeffery’s torments, all is still ‘more or less’ right in the world.

Thanks again for the quick response.

 

Dear gods. I was able to go to my own control panel, and update my pen name back to the correct one. The correction seems to be holding even after a page refresh. Unfortunately, that’s not going to work for inactive members if they’re not around to correct their pen names. Hopefully @DemonGoddess and @manta2g can fix this in the database.

 

[Desiderius Price]

33 minutes ago, BronxWench said:

Dear gods. I was able to go to my own control panel, and update my pen name back to the correct one. The correction seems to be holding even after a page refresh. Unfortunately, that’s not going to work for inactive members if they’re not around to correct their pen names. Hopefully @DemonGoddess and @manta2g can fix this in the database.

Fixed mine, but yeah, if you log out, log back in, then it’ll hold (barring it happening again).

[Wilde_Guess]

Hi, All.

@Desiderius Price’s ‘temporary fix’ is double-confirmed by me.  I refreshed the Original Writing page, and his name came up instead of the numbers.  I logged in, changed my user name back to what it is from the numbers, and logged back out.  When I logged in again, it was as it should be, and when I refreshed the Original Writing page, both Price’s user name and mine were correctly displayed.  Since the value was the same for every user, I’m guessing that it is a benign placeholder for an invalid field rather than an opening for ‘major mischief’ for the database itself.  But it is a problem just the same. so good luck in figuring it out

Thanks again for all the thankless work in keeping the site running.

[Desiderius Price]

It would’ve happened some time between 2:36PM EDT and when Thundercloud first reported it.  I can speculate, but that’s not helpful here.  Hopefully it’s a simple script with a database backup that can fix it, otherwise it’ll be tedious.

[BronxWench]

My concern is that this might be a benign placeholder, but database access is supposed to be strictly limited. I certainly can’t access the database to run any sort of global changes myself, although I suspect I could change pen names on a case by case basis, IF I knew the correct pen name and user ID number. But as @Desiderius Price  points out, that would be tedious indeed.

[Wilde_Guess]

1 minute ago, Desiderius Price said:

It would’ve happened some time between 2:36PM EDT and when Thundercloud first reported it.  I can speculate, but that’s not helpful here.  Hopefully it’s a simple script with a database backup that can fix it, otherwise it’ll be tedious.

Hi, all.

It started happening around or shortly before 11:45 EDT today.  When I caught it, some pen names were still right, while others had the ‘123123” value instead.  Or, it happened earlier, and there were just that many people who had already ‘fixed’ their accounts.  But it didn’t look like that.

And, @BronxWench, I’ll leave it up to the people who it’s actually up to, to diagnose and fix it.  I know that whoever is suppose to actually do stuff like that, that it isn’t me.

Thanks again, all.

[Desiderius Price]

1 hour ago, Wilde_Guess said:

Hi, all.

It started happening around or shortly before 11:45 EDT today.  When I caught it, some pen names were still right, while others had the ‘123123” value instead.  Or, it happened earlier, and there were just that many people who had already ‘fixed’ their accounts.  But it didn’t look like that.

And, @BronxWench, I’ll leave it up to the people who it’s actually up to, to diagnose and fix it.  I know that whoever is suppose to actually do stuff like that, that it isn’t me.

Thanks again, all.

I habitually record my dragon prints, at least daily, so that’s where my 2:36PM EDT estimate came from (& the fact I had to hit refresh after thundercloud’s post to see the issue)… maybe it took time to sweep through the databases?  (IIRC, there’s multiple databases.)

[BronxWench]

The author profiles are in one database. It’s the archival subdomains that are split into multiple databases.

[JamesRyderErotica]

Can confirm that this fix has worked for me as well even after a log out and dumping my browser history.

[DemonGoddess]

Yes, i can restore pen names from a back up.  However, I am working a series of splits, so don’t have a whole lot of time at the moment.

[Thundercloud]

3 hours ago, DemonGoddess said:

Yes, i can restore pen names from a back up.  However, I am working a series of splits, so don’t have a whole lot of time at the moment.

Great you have back up you can use to fix the problem.

As a fellow systemdeveloper...unless some of crew know they made the wrong SQL and are responsible for the problem I suggest this might be a good time to verify that you have a full set of backups that is independent from normal backups and preferably off line. If somebody tried to hack AFF, and caused the problem to happen through an exploit, there might we worse data loss that could happen.

Additionally, no matter if this really was an failed attack I would suggest that using a supported version of PHP is really important. I don’t know what PHP version is used here, but  many sites uses outdated PHP with many security holes. Checking OWASP Cheat sheet for PHP is also a really good idea because there are lots of things in PHP that available by default but not always needed. Getting rid things that are not needed increases the security a lot.

[DemonGoddess]

I’m aware of that, as is our coder.  i do believe it was a failed exploit, but, not sure yet.  Still digging into this.

[DemonGoddess]

manta is working on fixing the user names as we speak...

[manta2g]

Pen names restored, took a few hours since there are a ton of members. if they aren’t current feel free to edit them.
The attack didn’t get far, only managing to change pen names, user sensitive data is all encrypted so don’t have to worry about it..

[BronxWench]

Thank you, @manta2g!  

[DemonGoddess]

It’s actually as everyone was thinking, a benign place holder and easily fixed.  Kind of a carryover from the very old stuff.