geeking in .php

I was awake until gone 4 this morning, trying to crack an apparent permissions problem on a MySQL database.

The database runs a content management system (indexing/categorising/tracking metadata/grouping and, of course, reporting.

It was brought to my attention at about 7pm last night that the content management system wasn’t letting registered users (or administrators) add new content/update metadata.

This is something of a problem, for a content management system.

Obv.

I logged on to the database as senior user and experienced the problem first hand.

My first thought was that the permissions had somehow become unstuck, and the user hierarchy had assumed a permission value of ‘null’.

I checked the user permissions in the admin panel and they were all as they should have been.

I flipped in to the database and looked at things from there, and saw nowt wrong there either.

Hmm. Puzzling.

I then spent several hours running through logical, systematic checks (eg: creating a new user, assigning standard permissions to a section, validating those permissions with the database, writing to the database from the backend with those permissions – etc, etc, etc – up and down the structural, content and permissions-based hierarchies.

I spent several hours achieving some things and not others.

By 4.15am I was too tired to think straight, but switching off the light didn’t help; I couldn’t sleep for ages.

I woke at 9am and had an idea.

What if the .php front-end was somehow fudging the permissions? Concealing functionality? Somehow?

Unlikely, but I was running out of places to look.

I checked the read/write permissions on all of the trigger .php files.

Nope, nothing off-key to be found.

And then I had another thought.

What if it was the design template?

Supposing that there was a not-permissions problem, a something else kind of a problem with the design?

Something missing? Something garbled/corrupted? Something somewhere, that was occluding (word?) a fundamental line (or block) of executable code?

I am not a design expert.

I don’t do flashy front ends and high quality UX audits. I understand function point analysis, yes. I understand integration/interfaces, yes. To a (limited) degree I understand databases of various flavours.

But I’m not a front end developer.

And the person who did the front end development on this application has long since vanished back to Sydney.

I surrounded myself with the few debugging tools I have, gave myself two hours to unpick the front end code, looking for a bug, or a garble, or a thing that didn’t make any sense.

At just under an hour I thought I was on the track of it.

At an hour and ten minutes I knew I had the problem in my sights.

I changed some syntax in a section of triggers, got out of bed, showered, brushed my teeth, got dressed and took the bike out for a ride.

When I got back, a couple of hours later, I had lungfuls a plenty of fresh air, and a clear head.

I went straight back to the area I had been working, completed the tidying up, applied the new code and blow me down, it only went and worked.

Registered users now have read/write access to the appropriate areas of the system (as designated by their admin settings).

And I tidied up a very minor presentational thing that has been annoying me ever since I started looking after the product.

What caused it?

What was the terrible event that triggered this near-apocalyptic devastation?

In a nutshell, I upgraded the database.

It was a legacy product which I had just dragged up to MySQL 5.x (MySQL 5.6.15) from an unstable MySQL 4.1 – and what’s that, something like nine years old?

The front end developer had hard-coded certain (but unnecessary) database calls in to the front end .php.

Upgrading the database (a thing I did on Boxing Day), disconnected the hard-coding and the system had a paddy.

It was that simple.

Yes, very easy to believe that the problem was permission-based. But actually it was a disconnect in the front end that was producing symptoms of a permission-based failure.

I got there.

A more highly-skilled front end wiz would probably have got there much quicker than I did.

But I’m not a front end specialist.

I’m just a geek who does stuff here and there.

Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *