I'm currently writing my Main Assignment on my last semester at my study (IT-Engineering with Networking) and currently working with MySQL.
My question is: Is it possible to execute a Shell script/Command from within a MySQL Trigger/Procedure? Or can it be done from a CASE statement?
I've been searching around the internet and read that it's inadvisable to do it.
But I need a script to check a table in a database for alerts and then warn people if there is any.
If there is anyway else this could be done, then I'm open for ideas.
Any input will be appreciated :)
You can read this blog for triggering a shell script from MySQL:
https://patternbuffer.wordpress.com/2012/09/14/triggering-shell-script-from-mysql/. To summarize, two options are presented:
Polling. To improve performance, a trigger could record the change in another table which you poll instead.
MySQL UDF. Write your own plugin, and beware of security implications!
I think for your requirement just write a python/php/perl script which will connect your MySQL DB and query the alert table for any alert and accordingly show warning message on the screen or send email/sms warning.
Related
I'm learning SQL / MySQL using WAMPSERVER and the MySql extension for vsCode, so that I can write, comment and keep the code in the vsCode editor, instead of sending volatile queries with the command line.
This morning I created a database by right-clicking a database / New Query:
After creating it this way, I was able to create code that I run without having to write USE DBaseName before the selected lines, as in the selected three lines you can see below:
Yet, after restarting my laptop at home, the same code will not run. It returns the usual
undefined
Error: ER_NO_DB_ERROR: No database selected
unless I write the USE statement, as in the last group (4 lines) of code. So I have to write that every time I want to try a query...
Why did it work this morning and not now? How can one run queries without having to constantly write USE DBaseName?
(links to explanations to further understand the underlying mechanism are also very welcome...)
EDIT: posting image of server in vsCode to answer comment:
I'm using a local server (pic below) which hasn't changed since this morning...
I'm currently writing my Main Assignment on my last semester at my study (IT-Engineering with Networking) and currently working with MySQL.
My question is: Is it possible to execute a Shell script/Command from within a MySQL Trigger/Procedure? Or can it be done from a CASE statement?
I've been searching around the internet and read that it's inadvisable to do it.
But I need a script to check a table in a database for alerts and then warn people if there is any.
If there is anyway else this could be done, then I'm open for ideas.
Any input will be appreciated :)
You can read this blog for triggering a shell script from MySQL:
https://patternbuffer.wordpress.com/2012/09/14/triggering-shell-script-from-mysql/. To summarize, two options are presented:
Polling. To improve performance, a trigger could record the change in another table which you poll instead.
MySQL UDF. Write your own plugin, and beware of security implications!
I think for your requirement just write a python/php/perl script which will connect your MySQL DB and query the alert table for any alert and accordingly show warning message on the screen or send email/sms warning.
I am quite new to NodeJS but I've written a few apps (like a chat, real time page updater etc) And I've used mysql to read from my database and emit() information to my webpage, but how can I have nodeJS watch a database table and emit() whenever a row is added?
I have no idea where to start and google didn't produce much results. However there must be an include I can require() that will watch the database in someway.
The answer really isn't a nodejs question, but a mysql question. If mysql itself can tell you ( via an event or log ) that a row was added, nodejs could read and consume that data. Unfortunately, that doesn't seem to be possible, based on this answer. The answer suggests that the only thing you can do with mysql is to poll for new rows.
IF you're in control of inserting the data rows from nodejs itself, there shouldn't be any problem emitting those events after you get the confirmation it wrote, but I do not have enough information on your project to know what constraints you have.
UPDATE: Nice little npm package https://www.npmjs.com/package/live-sql seems to solve your problem I hope
I've just readl the Database Code Completion while working in PHP on your web support. So I've configured the database, I can complete the queries with ctrl+enter but I can't run query on console. I send you some pictures to explain the problem.
I've the database configured, so I can check the tables and all the dates, and run queries directly at the console, but can't send from php the query.
Thanks for all, Manu.
You need to connect to the DB before you run any queries on it (example in MySQL here: http://www.w3schools.com/php/php_mysql_connect.asp, don't forget to close it when you don't need it anymore. )
The result is not plain text, you need to go through it in a loop (example including the connection here: http://www.w3schools.com/php/php_mysql_select.asp ).
I know what I'm looking for is probably a security hole, but since I managed to do it in Oracle and SQL Server, I'll give it a shot:
I'm looking for a way to execute a shell command from a SQL script on MySQL. It is possible to create and use a new stored procedure if necessary.
Notice: I'm not looking for the SYSTEM command which the mysql command line tool offers. Instead I'm looking for something like this:
BEGIN IF
COND1...
EXEC_OS cmd1; ELSE
EXEC_OS cmd2; END;
where EXEC_OS is the method to invocate my code.
This isn't so much an answer to the question as it is justification for this sort of functionality - hence negating those who would say "you should do something else" or "why would you want to".
I have a database which I am trying to keep strict rules on - I don't want orphans anywhere. Referential integrity checks help me with this on the table level, but I have to keep some of the data as files within the filesystem (this is a result from a direct order from my boss to not store any binary data in the database itself).
The obvious solution here is to have a trigger which fires on deletion of a record, which then automatically deletes the associated external file.
Now, I do realise that UDF's may provide a solution, but that seems like a lot of C/C++ work to simply delete a file. Surely the database permissions themselves would provide at least some security from would-be assailants.
Now, I do realise that I could write a shell script or some such which could delete the table record and then go and delete the related file, but again, that's outside the domain of the database itself. As an old instructor once told me "the rules of the business should be reflected in the rules of the database". As one can clearly see, I cannot enforce this using MySQL.
You might want to consider writing your scripts in a more featureful scripting language, like Perl, Python, PHP, or Ruby. All of these languages have libraries to run SQL queries.
There is no built-in method in the stored procedure language for running shell commands. This is considered a bad idea, not only because it's a security hole, but because any effects of shell commands do not obey transaction isolation or rollback, as do the effects of any SQL operations you do in the stored procedure:
START TRANSACTION;
CALL MyProcedure();
ROLLBACK;
If MyProcedure did anything like create or edit a file, or send an email, etc., those operations would not roll back.
I would recommend doing your SQL work in the stored procedure, and do other work in the application that calls the stored procedure.
see do_system() in http://www.databasesecurity.com/mysql/HackproofingMySQL.pdf
According to this post at the forums.mysql.com, the solution is to use the MySQL_Proxy.