Jump to content

Click Here!

Author names replaced by 123123


Thundercloud

Recommended Posts

It seems that all author names has been replaced by 123123 in the database so you can’t longer search for author names or tell what author who wrote a particular story.

Sounds like a database update that went horribly wrong...do you have backup you can read back to restore the missing information?

Link to comment
Share on other sites

Dear gods. I was able to go to my own control panel, and update my pen name back to the correct one. The correction seems to be holding even after a page refresh. Unfortunately, that’s not going to work for inactive members if they’re not around to correct their pen names. Hopefully @DemonGoddess and @manta2g can fix this in the database.

Link to comment
Share on other sites

25 minutes ago, BronxWench said:

Hi, @BronxWench.

Thanks for the quick reply.  It looked like it would do that when I first logged in to the account this morning, but I didn’t try it myself since I know just enough about the DBA trade to not ‘idly’ plug values into a database I know nothing about.

If that ends up being ‘the fix,’ than I’m good, and only a few keystrokes away from contentment.  I’ll wait for instructions anyway though.  It’s not like my reader(hopefully s) won’t be able to find my work.  And since @Desiderius Price’s readers enjoy reading about how Jeffery gets tormented and orgasm’ed even more than he enjoys writing about poor Jeffery’s torments, all is still ‘more or less’ right in the world.

Thanks again for the quick response.

 

Dear gods. I was able to go to my own control panel, and update my pen name back to the correct one. The correction seems to be holding even after a page refresh. Unfortunately, that’s not going to work for inactive members if they’re not around to correct their pen names. Hopefully @DemonGoddess and @manta2g can fix this in the database.

 

Link to comment
Share on other sites

33 minutes ago, BronxWench said:

Dear gods. I was able to go to my own control panel, and update my pen name back to the correct one. The correction seems to be holding even after a page refresh. Unfortunately, that’s not going to work for inactive members if they’re not around to correct their pen names. Hopefully @DemonGoddess and @manta2g can fix this in the database.

Fixed mine, but yeah, if you log out, log back in, then it’ll hold (barring it happening again).

Link to comment
Share on other sites

Hi, All.

@Desiderius Price’s ‘temporary fix’ is double-confirmed by me.  I refreshed the Original Writing page, and his name came up instead of the numbers.  I logged in, changed my user name back to what it is from the numbers, and logged back out.  When I logged in again, it was as it should be, and when I refreshed the Original Writing page, both Price’s user name and mine were correctly displayed.  Since the value was the same for every user, I’m guessing that it is a benign placeholder for an invalid field rather than an opening for ‘major mischief’ for the database itself.  But it is a problem just the same. so good luck in figuring it out

Thanks again for all the thankless work in keeping the site running.

Link to comment
Share on other sites

My concern is that this might be a benign placeholder, but database access is supposed to be strictly limited. I certainly can’t access the database to run any sort of global changes myself, although I suspect I could change pen names on a case by case basis, IF I knew the correct pen name and user ID number. But as @Desiderius Price  points out, that would be tedious indeed.

Link to comment
Share on other sites

1 minute ago, Desiderius Price said:

It would’ve happened some time between 2:36PM EDT and when Thundercloud first reported it.  I can speculate, but that’s not helpful here.  Hopefully it’s a simple script with a database backup that can fix it, otherwise it’ll be tedious.

Hi, all.

It started happening around or shortly before 11:45 EDT today.  When I caught it, some pen names were still right, while others had the ‘123123” value instead.  Or, it happened earlier, and there were just that many people who had already ‘fixed’ their accounts.  But it didn’t look like that.

And, @BronxWench, I’ll leave it up to the people who it’s actually up to, to diagnose and fix it.  I know that whoever is suppose to actually do stuff like that, that it isn’t me.

Thanks again, all.

Link to comment
Share on other sites

1 hour ago, Wilde_Guess said:

Hi, all.

It started happening around or shortly before 11:45 EDT today.  When I caught it, some pen names were still right, while others had the ‘123123” value instead.  Or, it happened earlier, and there were just that many people who had already ‘fixed’ their accounts.  But it didn’t look like that.

And, @BronxWench, I’ll leave it up to the people who it’s actually up to, to diagnose and fix it.  I know that whoever is suppose to actually do stuff like that, that it isn’t me.

Thanks again, all.

I habitually record my dragon prints, at least daily, so that’s where my 2:36PM EDT estimate came from (& the fact I had to hit refresh after thundercloud’s post to see the issue)… maybe it took time to sweep through the databases?  (IIRC, there’s multiple databases.)

Link to comment
Share on other sites

3 hours ago, DemonGoddess said:

Yes, i can restore pen names from a back up.  However, I am working a series of splits, so don’t have a whole lot of time at the moment.

Great you have back up you can use to fix the problem.

As a fellow systemdeveloper...unless some of crew know they made the wrong SQL and are responsible for the problem I suggest this might be a good time to verify that you have a full set of backups that is independent from normal backups and preferably off line. If somebody tried to hack AFF, and caused the problem to happen through an exploit, there might we worse data loss that could happen.

Additionally, no matter if this really was an failed attack I would suggest that using a supported version of PHP is really important. I don’t know what PHP version is used here, but  many sites uses outdated PHP with many security holes. Checking OWASP Cheat sheet for PHP is also a really good idea because there are lots of things in PHP that available by default but not always needed. Getting rid things that are not needed increases the security a lot.

Link to comment
Share on other sites

Pen names restored, took a few hours since there are a ton of members. if they aren’t current feel free to edit them.
The attack didn’t get far, only managing to change pen names, user sensitive data is all encrypted so don’t have to worry about it..

Link to comment
Share on other sites

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...