November 25, 2015 at 12:45 pm
Steve Jones - SSC Editor (11/25/2015)
The spam problem is tough. Believe me, no matter what we do, people will find ways around it. Much of the spam isn't a user clicking and posting like you. There are automated scripts that post, and avoid these forms. The least performance impact-ive way is to have a process that removes posts after they appear. Often posts are removed by the time you've reported a few.I am trying to get other changes, but I don't have the ability to force this.
I know what you mean on both sides of the coin. I hope you didn't take my comment as a jab because that is by no means the case. It is hard to buy in to a problem that others don't see as big of a challenge. Even more challenging when it requires several resources to fix.
I don't know how much control you have over the code since it is at least mostly a third party base which also adds some serious levels of complexity to the problem. One thing I have done in the past is set a session value and a hidden form value. Then when posting those values must match or the post is deemed invalid. Forcing this value to change at every login makes spoofing it pretty difficult to use external automation.
_______________________________________________________________
Need help? Help us help you.
Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.
Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.
Cross Tabs and Pivots, Part 1 – Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/
November 25, 2015 at 1:20 pm
Steve Jones - SSC Editor (11/25/2015)
The spam problem is tough. Believe me, no matter what we do, people will find ways around it. Much of the spam isn't a user clicking and posting like you. There are automated scripts that post, and avoid these forms. The least performance impact-ive way is to have a process that removes posts after they appear. Often posts are removed by the time you've reported a few.I am trying to get other changes, but I don't have the ability to force this.
You could avoid a lot of spam if you blocked the spammers account when you remove the spam post(s).
For best practices on asking questions, please read the following article: Forum Etiquette: How to post data/code on a forum to get the best help[/url]
November 25, 2015 at 2:59 pm
Alvin Ramard (11/25/2015)
Steve Jones - SSC Editor (11/25/2015)
The spam problem is tough. Believe me, no matter what we do, people will find ways around it. Much of the spam isn't a user clicking and posting like you. There are automated scripts that post, and avoid these forms. The least performance impact-ive way is to have a process that removes posts after they appear. Often posts are removed by the time you've reported a few.I am trying to get other changes, but I don't have the ability to force this.
You could avoid a lot of spam if you blocked the spammers account when you remove the spam post(s).
we do this. However this doesn't always work. As I have noted in the past, there is probably some security hole that allows post to continue to be posted.
November 25, 2015 at 8:01 pm
Steve Jones - SSC Editor (11/25/2015)
Alvin Ramard (11/25/2015)
Steve Jones - SSC Editor (11/25/2015)
The spam problem is tough. Believe me, no matter what we do, people will find ways around it. Much of the spam isn't a user clicking and posting like you. There are automated scripts that post, and avoid these forms. The least performance impact-ive way is to have a process that removes posts after they appear. Often posts are removed by the time you've reported a few.I am trying to get other changes, but I don't have the ability to force this.
You could avoid a lot of spam if you blocked the spammers account when you remove the spam post(s).
we do this. However this doesn't always work. As I have noted in the past, there is probably some security hole that allows post to continue to be posted.
But you manage to block Celko effectively - although he can post, when he does the post doesn't actually appear anywhere because it doesn't exist (although if it was to a thread I'm subscribed to, I get the "new post" message). So why are you (not you individually, but the company) hammering JC harder than you hammer the spammer? I know JC's sometimes an offensive pain. but he's nowhere near as offensive or as painful as the typical spammer.
Tom
November 25, 2015 at 11:42 pm
Lynn Pettis (11/25/2015)
Help, I can't read and don't know how to attach a file... Sorry, some people are finding it easier to push my buttons today.
And if it's the thread I;m thinking about, the other two there are not making it any better.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
November 26, 2015 at 12:41 am
TomThomson (11/25/2015)
Steve Jones - SSC Editor (11/25/2015)
Alvin Ramard (11/25/2015)
Steve Jones - SSC Editor (11/25/2015)
The spam problem is tough. Believe me, no matter what we do, people will find ways around it. Much of the spam isn't a user clicking and posting like you. There are automated scripts that post, and avoid these forms. The least performance impact-ive way is to have a process that removes posts after they appear. Often posts are removed by the time you've reported a few.I am trying to get other changes, but I don't have the ability to force this.
You could avoid a lot of spam if you blocked the spammers account when you remove the spam post(s).
we do this. However this doesn't always work. As I have noted in the past, there is probably some security hole that allows post to continue to be posted.
But you manage to block Celko effectively - although he can post, when he does the post doesn't actually appear anywhere because it doesn't exist (although if it was to a thread I'm subscribed to, I get the "new post" message). So why are you (not you individually, but the company) hammering JC harder than you hammer the spammer? I know JC's sometimes an offensive pain. but he's nowhere near as offensive or as painful as the typical spammer.
I agree with this. But from Steve's message, the implication is that there is a 'back-door' somewhere, which allows spammers to post while avoiding validation checks. If true, this is a massive security hole and I'd assume that resources are being thrown at this.
The absence of evidence is not evidence of absence
- Martin Rees
The absence of consumable DDL, sample data and desired results is, however, evidence of the absence of my response
- Phil Parkin
November 26, 2015 at 5:28 am
Phil Parkin (11/26/2015)
TomThomson (11/25/2015)
Steve Jones - SSC Editor (11/25/2015)
Alvin Ramard (11/25/2015)
Steve Jones - SSC Editor (11/25/2015)
The spam problem is tough. Believe me, no matter what we do, people will find ways around it. Much of the spam isn't a user clicking and posting like you. There are automated scripts that post, and avoid these forms. The least performance impact-ive way is to have a process that removes posts after they appear. Often posts are removed by the time you've reported a few.I am trying to get other changes, but I don't have the ability to force this.
You could avoid a lot of spam if you blocked the spammers account when you remove the spam post(s).
we do this. However this doesn't always work. As I have noted in the past, there is probably some security hole that allows post to continue to be posted.
But you manage to block Celko effectively - although he can post, when he does the post doesn't actually appear anywhere because it doesn't exist (although if it was to a thread I'm subscribed to, I get the "new post" message). So why are you (not you individually, but the company) hammering JC harder than you hammer the spammer? I know JC's sometimes an offensive pain. but he's nowhere near as offensive or as painful as the typical spammer.
I agree with this. But from Steve's message, the implication is that there is a 'back-door' somewhere, which allows spammers to post while avoiding validation checks. If true, this is a massive security hole and I'd assume that resources are being thrown at this.
Possibly as simple as the sessions not being terminated when the user accounts are?
😎
November 27, 2015 at 3:47 am
A simple issue, but I'm not having much success.
Could somebody have a look at http://www.sqlservercentral.com/Forums/Topic1740538-391-1.aspx#bm1740579 please?
Either the driver they're using doesn't allow some the solution I'm suggesting, or they're doing something strange.
Or I'm just wrong.
Thanks.
November 27, 2015 at 4:09 am
BrainDonor (11/27/2015)
A simple issue, but I'm not having much success.Could somebody have a look at http://www.sqlservercentral.com/Forums/Topic1740538-391-1.aspx#bm1740579 please?
Either the driver they're using doesn't allow some the solution I'm suggesting, or they're doing something strange.
Or I'm just wrong.
Thanks.
They're using Informix.
The absence of evidence is not evidence of absence
- Martin Rees
The absence of consumable DDL, sample data and desired results is, however, evidence of the absence of my response
- Phil Parkin
November 27, 2015 at 5:04 am
BrainDonor (11/27/2015)
Phil Parkin (11/27/2015)
They're using Informix.
Hence the word 'Informix' in the error message. Obvious now, thanks.
If my message sounded sarcastic, I apologise. That was not my intention.
The absence of evidence is not evidence of absence
- Martin Rees
The absence of consumable DDL, sample data and desired results is, however, evidence of the absence of my response
- Phil Parkin
November 27, 2015 at 11:46 am
Phil Parkin (11/27/2015)
BrainDonor (11/27/2015)
Phil Parkin (11/27/2015)
They're using Informix.
Hence the word 'Informix' in the error message. Obvious now, thanks.
If my message sounded sarcastic, I apologise. That was not my intention.
I come across it and gave it a shot. It appears that the OP isn't listening. They just posted an attempt using TO_CHAR, which is an Oracle function. Like I said, I gave it a shot, but I don't know if the OP really understands that different databases are different.
November 27, 2015 at 12:06 pm
My SO just informed me that he's learned how to write a LEFT INNER JOIN in Oracle.
And now my head is just spinning with the notion that an INNER JOIN can be left or right in another SQL language. Should I be scared now?
November 27, 2015 at 12:08 pm
Brandie Tarvin (11/27/2015)
My SO just informed me that he's learned how to write a LEFT INNER JOIN in Oracle.And now my head is just spinning with the notion that an INNER JOIN can be left or right in another SQL language. Should I be scared now?
Hint: it's Black Friday and so is the humour:-D
😎
Viewing 15 posts - 51,616 through 51,630 (of 66,712 total)
You must be logged in to reply to this topic. Login to reply