Database.md


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

## Table `page` [`InnoDB`]
In this table are all created page objects stored and will be removed if the admin deletes them.

* Column `id`: Contains the unique primary ID to identify a page
* Column `time_insert`: Contains the time stamp (Format: `YYYY-MM-DD HH:II:SS`) when the page was created
* Column `time_update`: Contains the time stamp (Format: `YYYY-MM-DD HH:II:SS`) when the page was updated
* Column `user`: Contains the user ID of the user who created this page (`user.id`)
* Column `slug`: Contains the slug part of the pages absolute URL
* Column `name`: Contains the name of the page
* Column `body`: Contains the body of the page in the markdown format
* Column `argv`: Contains the optional argument string or is `NULL`

## Table `post` [`InnoDB`]
In this table are all created post objects stored and will be removed if the admin deletes them.

* Column `id`: Contains the unique primary ID to identify a post
* Column `time_insert`: Contains the time stamp (Format: `YYYY-MM-DD HH:II:SS`) when the post was created
* Column `time_update`: Contains the time stamp (Format: `YYYY-MM-DD HH:II:SS`) when the post was updated
* Column `user`: Contains the user ID of the user who created this post (`user.id`)
* Column `slug`: Contains the slug part of the posts absolute URL
* Column `name`: Contains the name of the post
* Column `body`: Contains the body of the post in the markdown format
* Column `argv`: Contains the optional argument string or is `NULL`

## Table `user` [`InnoDB`]
In this table are all created user objects stored and will be removed if the admin deletes them.

* Column `id`: Contains the unique primary ID to identify a user
* Column `time_insert`: Contains the time stamp (Format: `YYYY-MM-DD HH:II:SS`) when the user was created
* Column `time_update`: Contains the time stamp (Format: `YYYY-MM-DD HH:II:SS`) when the user was updated
* Column `slug`: Contains the slug part of the users absolute URL
* Column `username`: Contains the username of the user
* Column `password`: Contains the `bcrypt` hashed password of the user
* Column `fullname`: Contains the full name of the user
* Column `mailaddr`: Contains the contact email address of the user
* Column `body`: Contains the body of the user in the markdown format
* Column `argv`: Contains the optional argument string or is `NULL`

## Why database table prefixes are not supported
The blogging application does not support the definition of a prefix for the database tables. This is because one database should only contain the data from one application (and if this is the case, prefixes are unnecessary). If multiple applications are sharing the same database and a security vulnerability is discovered in one of those applications, an attacker may be able to manipulate the data from the second application through the security vulnerability in the first application.