I had an interesting issue arise yesterday that I thought you all would like, enjoy, learn from, or get a kick out of. I run a intranet (only inside our local network, no outside access) for our company. I build internal web apps and run them off of a DB server (MySQL 4) and a web server (Apache2). Both are dual-processor Xeon 2.4 with a gig of RAM each. They handle a heavy load but always do well. Well, someone got the idea to use a site downloader on my site. I should also mention that I use phpMyAdmin as a front end (not protected... bad mistake, I know) because the people who use the site also develop for it. Well, The downloader ran through all the URLs and even it the phpMyAdmin stuff. I noticed it when some of the DB queries I was working on came up with empty result sets. Thinking this was impossible, I checked to make sure the data was all there. It was all missing. Every table. Of every database. All of them also a little corrupted. I had a backup, so I ran it and brought everything back. Well, for good measure, I rebooted the server. When it came back up, guess what was missing: mysql.sock. It somehow (through the downloader hitting phpMyAdmin or me trying to fix it) just about corrupted my entire install of MySQL. I guess the moral of the story is three-fold:
-Don't use phpMyAdmin
-Don't use phpMyAdmin in an unprotected directory
-Don't use site downloaders on phpMyAdmin
