Fixed out-of-range column lognum in the table api_user
#3480
Conversation
app/code/core/Mage/Api/sql/api_setup/mysql4-upgrade-1.6.0.2-1.6.0.3.php
Outdated
Show resolved
Hide resolved
…6.0.3.php Co-authored-by: Fabrizio Balliano <fabrizio.balliano@gmail.com>
|
wow, more than 65.000 logins? |
Yes, not making this up, and probably has been out of range for ages. |
|
1 login/hour x 24h/day x 30d/month x 12m/year = 8640. In 10 years, if he does this, he can exceed a smallint. I reported to one hour because that's how long a session could last in general. If he logs out after 10 minutes and comes back in, then the number can increase. The observation is good because there can be several users on a single account. |
|
dunno, I think it's a bit overkill, I think that the original idea is to check if a user does too many logins in order to take actions, in that case a smallint is fine. anyway, not a big deal in any cases. |
|
I hoped to get some other opinion but ok, let's merge |
Changing the type of a column does not have major effects, maybe only on restoring the table indexes (I have not checked if this table has such a thing). I don't think more could be done in this PR. In order to take some actions against a user who logs too many times, you have to decide if it is a normal attempt or a fake one. If it fake the you can skip increasing to the number, but there were still chances to cross the maximum threshold of the value of the initial type. The probability of it happening is at least 1 in 10,000 stores. |
|
our api users (for Klaviyo and WMS) has maxed out after only a year or so. |
In this case the PR will be useful for them and others in this situation. |
Description (*)
The column
lognumwas typesmallint, which has a limit of 65,535.magento-lts/app/code/core/Mage/Api/sql/api_setup/install-1.6.0.0.php
Line 160 in 2a2a2fb
Production:
Questions or comments
I'm not sure what's the use of lognum, especially when it hits the limit, it's useless. Nonetheless, it needs fixing.