Subeta -

March 13, 2009 8:05 pm

Hello, Subeta! As you may have noticed, some recent security changes we've pushed out to the site have been accompanied by seemingly random blank pages. I've actually heard people calling these "white screens of death," so I thought you all might appreciate an explanation of what causes them, what you should do about them, and how on earth they relate to security.

Blank pages are caused by errors on the page. Ordinarily servers will show the actual error, but it's considered a good practice to hide error messages to avoid giving away sensitive information (what if a password were included in the error?), so errors on Subeta show blank pages.

So what's causing the errors? There are 2 main causes, both of which are related to the recent security fixes we've pushed out. One is a typo in the security fixes. I'm not a perfect typist, and the changes spanned tens of thousands of lines of code, so of course, there were a few mistakes I made ;)

The second cause of errors is apostrophes... they are annoying little things. You probably won't believe me, but apostrophes are rather dangerous to unprotected websites! That's because they have special meaning in the Structured Query Language (SQL) used to communicate with databases. Unless apostrophes are properly escaped (with the backslash... making sense now?), they can cause SQL errors. Just such an error kept the shop buying page from working completely.

Incidentally, Subeta sometimes gets overzealous with escaping apostrophes, and you end up with multiple backslashes... sound familiar?

So what to do about blank pages? If you see a blank page, first check to make sure nobody has reported it in problems and bugs. Then go report it there yourself. If it's urgent (like it's keeping you from doing something important), also send me an email about it at [email protected]. In the email, tell me the exact link to the page you saw it on, as well as what you were doing at the time. Be as detailed as possible.

Anyway, just thought you might appreciate an explanation.

-Alex

December 31, 1969, 7:00 pm by

Why would an error contain your password? And why don't you replace the 'blank' page with a 'sorry we messed up page' which explains the error?

December 31, 1969, 7:00 pm by

When I commented I had a backslash in my comment, and when it posted the backslash wasn't there. Still wondering if and how we should use the buggers with apostrophes. I must know, for I am a grammar Nazi, you see.

December 31, 1969, 7:00 pm by

Thanks SO much for that explanation, especially the bit about apostrophes! c:

December 31, 1969, 7:00 pm by

Alx supports bad grammar.

December 31, 1969, 7:00 pm by

I'm a little confused about the apostrophe thing. Does this mean every time I type one I'm in danger of creating a blank screen? Is it safe to use them? Should we use this ` instead or accompany it with a somewhere?

December 31, 1969, 7:00 pm by

Thank you for explaining things. I really appreciate that on this site you keep us informed.

December 31, 1969, 7:00 pm by

thanks for letting us now what the blank pages were all about. You put a lot of time into this website and we appreciate that.

December 31, 1969, 7:00 pm by

Thanks for the explanation and all the work and time you put into Subeta we appreciate it .

December 31, 1969, 7:00 pm by

Thanks for the explanation!

December 31, 1969, 7:00 pm by

thank you for that a must know as i have in the past had white pages but havent thought too much about it sorry.

December 31, 1969, 7:00 pm by

Thanks! I was like OMG! Ahhh! But thanks for the explanation

December 31, 1969, 7:00 pm by

Your shirt says it all, Alex... ;P

December 31, 1969, 7:00 pm by

Thanks for the explanation Everyone one of you always works hard for us, you're awesome!

December 31, 1969, 7:00 pm by

Thanks for the explanation, Alex

December 31, 1969, 7:00 pm by

now thats what i like about alex you get a good understandable explanation

thank you

December 31, 1969, 7:00 pm by

We going to eventually switch back to the Sql'd image, sans the php errors?

Apostrophe workaround: `. The thing next to the 1 key on a standard US keyboard. Learned that back when AFF was having issues with it. =P Thanks for letting us know what's going on!

December 31, 1969, 7:00 pm by

Thanks for the explanation, Alex. (: Stupid apostrophes.

December 31, 1969, 7:00 pm by

well web developing is not easy which i know from working towards my bachelor's degree...and those HTML, XHTML, SQL, CSS, and so forth are not as simple as people think they are...they take alot of work to master in order to get the coding to work right to make a site function with all the pages working in perfect sync...keep up the excellent work...and thanks for fixing the apostrophe thing 'cause i hated those backslashes when i used apostrophes in typing lol...Subeta rocks!!

December 31, 1969, 7:00 pm by

Eventually I'll have to learn more than C++ so I can understand this more than in a general sense.

December 31, 1969, 7:00 pm by

You rawk, Alx

December 31, 1969, 7:00 pm by

I noticed apostrophes did weird things around the site... but thanks very much for the detailed explanation... it makes a lot more sense now!

December 31, 1969, 7:00 pm by

Thanks for the explination, Alex. I'm glad you take time to type allllll that on here just for us Subetans. We truly appreciate it.

December 31, 1969, 7:00 pm by

Thanks so much for the explanation. It's nice to be on a site where the higher ups care enough to actually let us know what is going on.

December 31, 1969, 7:00 pm by

I always appreciate THAT you take the time to explain things - Thanks Alex!

December 31, 1969, 7:00 pm by

Alex... thank you so much. You are the best at putting things that we muggles wouldn't normally understand into lay terms that make sense. It's no wonder you are a good programmer... you are a great communicator. Period!

December 31, 1969, 7:00 pm by

(falls to sleep and then wakes up) WHAT! Oh... Well Thank You Alex.

December 31, 1969, 7:00 pm by

thank you for the wonderful explaination

December 31, 1969, 7:00 pm by

Alex, you are just amazing.

As is everyone involved in the switching over/fixing/patching up process.

Good to know what causes blank pages, and good to know why I cannot say can't without causing a punctuation disaster. Thank you so much for the updates!

December 31, 1969, 7:00 pm by

This has obviously been said before, but thank you for letting us in on what is going on. I do find it strange with the apostrophe thing, but I will not doubt you, since you know more about this than I ever would.

So thankies again, dood! =3

December 31, 1969, 7:00 pm by

Just another friendly reminder of why I dropped my programming class. Bleh. I appreciate what you guys do.

December 31, 1969, 7:00 pm by

Thanks Alex! I love your posts and I appreciate all your hard work!
So glad we have you here!

December 31, 1969, 7:00 pm by

Thank you for the explanation Its always great to know how things are going!

December 31, 1969, 7:00 pm by

Thank you for giving us an update! Your the best, alx.

December 31, 1969, 7:00 pm by

Does this mean things are safe on subeta again. (Besides outside links of course) Or is this a totally different thing? I never got a blank page so I haven't a clue on what you're talking about. Thanks I guess? ^^;

December 31, 1969, 7:00 pm by

I definitely appreciate it. <3 It's great to know what's going on, even if I can't understand every bit of it (though it was pretty understandable, I thought. ^^) Thanks so much for keeping us up to date!

December 31, 1969, 7:00 pm by

thank you

December 31, 1969, 7:00 pm by

thanks, i can't wait to start battling again

December 31, 1969, 7:00 pm by

Thank you for the explanation. I really do not envy you typing thousands of lines of code . I think, knowing that, we can forgive a few typos. You are awesome for trying to keep our beloved site safe and for keeping us updated with what is happening and what you guys are doing to fix it. I don't know any other site that keeps users as informed as this one does. Keep up the good work

December 31, 1969, 7:00 pm by

Thank you for keeping everyone informed. ♥

December 31, 1969, 7:00 pm by

Thanks I was quite curious about those blank pages.

December 31, 1969, 7:00 pm by

Thanks for the update, any idea when the Battle Coliseum will stop white screen of deathing? I just want to try out my new scroll

December 31, 1969, 7:00 pm by

Thanks for keeping us so informed, and for all your hard work!!

December 31, 1969, 7:00 pm by

BoneCollector: Subeta.net is our official name. .ws exists mainly because we didn't have .net when we moved away from .org.

December 31, 1969, 7:00 pm by

thanks for the explanation!

December 31, 1969, 7:00 pm by

Ah well now that makes perfect sense. Thanks for letting us know ^^

December 31, 1969, 7:00 pm by

thanks for the simple explanation even I did understood everything

what realy annoys me is that in the news posts if they put a link or at peoples profiles you click on a whislist its always wrong because it redirects you to subeta.net and we have to change net into ws all the time in the adress,, will that be solved in the future too if i may ask ??? thanks in advance -for all the hard work to make the site better every time

December 31, 1969, 7:00 pm by