Writing

Feed Software, technology, sysadmin war stories, and more.

Tuesday, May 15, 2018

How the feedback mechanism works (spoiler: boring)

The other day I received a question about how the feedback form works, since it's obviously not just flat text like the rest of this stuff. It's true that there are some dynamic aspects to it, and for the sake of future reference, I might as well document it here. People ask about it every so often and so in the future they can be directed to this post.

First off, there's the page itself. It's just enough to get the job done. It has a form in it, and just enough magic to POST it back to the backend. I grab a copy of the referrer when doing this so that I can see which post (or other page, for that matter) you're commenting on without digging through the access logs. This also means the commenting stuff doesn't need to be crammed into every single post to stay "associated".

What happens next is some really dumb code that chews on the POST body and splits it into a bunch of var/val things internally. Then I go through, make sure it's usable, and then build a SQL INSERT statement with it. I'll tell you right now that it's using a prepared statement, so there are no string-building shenanigans going on. The statement is one thing, and the args are provided separately -- no escaping, no injection, no funny stuff.

All of this happens as a unique database user that has permissions to INSERT into exactly one table in exactly one database, nothing more. It can't even SELECT back out, never mind all of the other badness that can happen (paging Bobby Tables).

That's it. You get a 200 back and the web page changes slightly to say "thanks", and it's done.

I read it later straight out of the table as plain text. It never ends up in a web page anywhere, so there are no HTML shenanigans to worry about, either.

All of this is just fine for me, but it's a complete usability disaster for anyone else expecting a nice put-together "CRM" type situation.

Oh, and finally, the save-to-the-db thing happens to be C++, but who cares? It implements a certain API and it works, and that's all your browser wants to see.

That's it. Sorry it's not more exciting, but it works!