FUDforum: FUDforum 3.0+ » Handling of Private messages.

Home » FUDforum Development » FUDforum 3.0+ » Handling of Private messages.

Show: Today's Messages :: Polls :: Message Navigator

Handling of Private messages. [message #28712]

Sun, 06 November 2005 15:42

defa

Messages: 14
Registered: July 2005

Karma: 0

Junior Member

Hi!

I looked a little closer at the handling of private messages and I was really stunned when I found out, that the message bodies are stored in _one single_ file.

I don't know why it is done this way, but I can't see any advantages of that solution.

In my eyes the disadvantages are huge:

- Performance: Using single files is slow - there are good reasons why modern mailserver use Maildirs instead of Mailboxes.

- Data: storing the messages heads in the DB and the body in one single file is absolutely nonsens from the data-theoretical point of view. Because (as happend to me) if you desynchronize the DB from the file by accident really dumb things start to happen, like people getting PM's they weren't supposed to get. etc. - in my eyes the header and the body have an 1:1 relation - so why not store the body in the DB?

- Security: When users delete their PM's (which also can contain confidential information) the body remains in the private file until a lazy admin tries to compress the data, if the lazy admin uses safemode the private file will be destroyed trying this. - But there is an other draw back - if someone gets webserver rights in some way (which is not unlikely if you use PHP and some vhosts) he'll find a neat little archive of all personal messages (even deleted ones). From the users point of view this is really a mess - because the user has no posibility to remove the PM-Body from the server.

Well, I'd suggest to store the PM's in the DB in upcomming versions - it's easy to implement and (in my opinion) has only advantages compared with the actual solution.

bye
defa

[Updated on: Sun, 06 November 2005 22:32]

Report message to a moderator

Re: Handling of Private messages. [message #28803 is a reply to message #28712]

Fri, 11 November 2005 15:11

Ilia

Messages: 13241
Registered: January 2002

Karma: 0

Senior Member
Administrator
Core Developer

Storing messages in the database is actually slower and far more in effecient this has been benchmarked many times. It also restricts maximum message length to no more then 65k.

This issue has been covered many times, search the archives for answers and reasons.

P.S.

Fudforum is safemode safe, this option won't cause a problem.

FUDforum Core Developer

Report message to a moderator

Re: Handling of Private messages. [message #28850 is a reply to message #28803]

Sun, 13 November 2005 11:21

defa

Messages: 14
Registered: July 2005

Karma: 0

Junior Member

O.K. Sorry for that safemode thing - really seems to work in the current stable.

Well, my main critic wasn't the storing of private messages in files. My critic is, that they are stored in one single file.

As I allready told the behaviour of fudForum if a user deletes a message absolutely dissatisfying. In my eyes a delete operation should cause the vanish of the whole message from the server.

This operation is actually very difficult, because the header and the body of the message are stored in two different locations. Well, that would be no problem if the body-files would be in an atomic form - i.e. private/<message_id>.msg

But at the moment the are stored in that one file an is not transparent as it should be how fudForum finds out at which line the message starts and where it stops.

Even worse, it causes fudForum to display messages to users who aren't the real reciepients, if the private file is corrupted in some way.

I don't want to troll arround here or blame you Ilja, but I see a lot of problems in the current implementation of private message handling regarding security of the forum and privacy of the users. This could be easily avoided by storing the messages in a clean way and implementing a clean 1 to 1 corealtion. Ask anyone who has to do with databases an handling of large data amounts an he will tell you that this is the only way for a clean implementation.

regards
defa

Report message to a moderator

Re: Handling of Private messages. [message #28853 is a reply to message #28850]

Sun, 13 November 2005 16:38

Ilia

Messages: 13241
Registered: January 2002

Karma: 0

Senior Member
Administrator
Core Developer

One file is very effecient, had 1 file per message been used access to the data would've been much slower, especially when there is a large number of private messages around.

Message file corruption is virtually impossible under normal operation, claims to the contrary are just that, similar to your safe_mode claim.

FUDforum Core Developer

Report message to a moderator

Re: Handling of Private messages. [message #28896 is a reply to message #28853]

Wed, 16 November 2005 16:16

defa

Messages: 14
Registered: July 2005

Karma: 0

Junior Member

Ilia wrote on Sun, 13 November 2005 11:38

Message file corruption is virtually impossible under normal operation, claims to the contrary are just that, similar to your safe_mode claim.

Wrong - if two users try to write a huge messages (like the 65k you mentioned) the slower user gets an error message and the file will be corrupted.

bye
defa

Report message to a moderator

Re: Handling of Private messages. [message #28897 is a reply to message #28896]

Wed, 16 November 2005 19:31

Ilia

Messages: 13241
Registered: January 2002

Karma: 0

Senior Member
Administrator
Core Developer

Wrong, because locks are used to prevent two simultaneous writes...

FUDforum Core Developer

Report message to a moderator

Previous Topic:	New links to topics in 2.7.3?
Next Topic:	What distinguishes FUDforum from other php forums?

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Thu Nov 21 23:44:04 GMT 2024

Total time taken to generate the page: 0.01954 seconds