MySQL Proxy (another way to solve injection) _ Vulnerability Research

Tags: lua
Author: Yun Shu
What is MySQL Proxy?
MySQL Proxy is a simple program that sits between your client and MySQL server(s) and can monitor, analyze or transform their communication. Its flexibility allows for unlimited uses; common ones include: load balancing; failover; query analysis; query filtering and modification; and many more. As you can see, the main role of MySQL Proxy is load balancing and read/write splitting for databases. But note that MySQL Proxy has a powerful extension mechanism based on the Lua language (Warcraft uses Lua for its game development, and as far as I know NetEase does too; see Yunfeng's blog). This extension gave me the idea of using it for something else: preventing injection attacks.

When MySQL Proxy starts, load a Lua script that performs a security check on every query or insert statement that comes in, and that can even replace parts of the query, so that a last line of defense exists when the programmer forgets to filter parameters in the application. Because Lua is a dynamic scripting language, development, revision and deployment are all very flexible. You may be worried about performance; in that case put memcached in front, or simply write the extension in C, since MySQL Proxy is open source and has a clear interface.

MySQL Proxy exposes the following main hook functions to Lua:

connect_server() - This function is invoked every time a client connects. You can use it for load balancing, i.e. to decide which backend server the current connection is sent to. If it is not defined, a simple round-robin mechanism is used.

read_handshake() - This function is invoked when the server returns its initial handshake packet. You can perform additional checks here before the authentication information is sent to the server.

read_auth() - This function is invoked when the client sends its authentication information to the server.

read_auth_result() - This function is invoked when the server returns the result of authentication.

read_query() - This function is invoked every time the client sends a query. You can use it to preprocess the query, filter out unwanted queries, and so on. This is the most commonly used function.

read_query_result() - This function is invoked when the query result is returned. You can process the result set here.
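To make the idea above concrete, here is an added example of a `read_query()` hook, written for this page and not part of the original article or of the MySQL Proxy project. It assumes the MySQL Proxy 0.8.x Lua API (`proxy.COM_QUERY`, `proxy.response`, `proxy.queries`, `proxy.PROXY_SEND_RESULT`, `proxy.PROXY_SEND_QUERY`, `proxy.connection.client.src.name`); the deny list is an illustrative set of Lua patterns, not a complete injection grammar.

```lua
-- guard.lua: screen every COM_QUERY packet before it reaches the MySQL server.
-- Added example for this article, not from the original post or the MySQL Proxy
-- project. Assumes the MySQL Proxy 0.8.x Lua API.

-- Lua patterns (not PCRE) applied to the lower-cased, literal-stripped query.
-- Each entry: { pattern, reason recorded in the log }. Illustrative only.
local DENY_PATTERNS = {
    { ";%s*%a",                  "stacked statement after ';'" },
    { "%-%-",                    "SQL comment sequence '--'" },
    { "/%*",                     "SQL comment sequence '/*'" },
    { "union%s+.-select",        "UNION ... SELECT" },
    { "information_schema",      "access to information_schema" },
    { "[^%w_]sleep%s*%(",        "time-based probe (SLEEP)" },
    { "[^%w_]benchmark%s*%(",    "time-based probe (BENCHMARK)" },
    { "[^%w_]load_file%s*%(",    "file read via LOAD_FILE" },
    { "into%s+outfile",          "file write via INTO OUTFILE" },
}

-- Return the reason a query should be rejected, or nil if it looks clean.
local function inspect(sql)
    -- pad with spaces so the [^%w_] word-boundary patterns work at the edges
    local lowered = " " .. sql:lower() .. " "
    -- blank out quoted literals so a ';' or '--' inside data does not trip
    -- the checks (gsub returns two values; the local keeps only the string)
    local stripped = lowered:gsub("'[^']*'", "''")
    stripped = stripped:gsub('"[^"]*"', '""')
    for _, rule in ipairs(DENY_PATTERNS) do
        if stripped:find(rule[1]) then
            return rule[2]
        end
    end
    return nil
end

-- Called by MySQL Proxy for every packet the client sends.
function read_query(packet)
    -- first byte is the command type; only plain text queries are screened
    if packet:byte() ~= proxy.COM_QUERY then
        return
    end
    local sql = packet:sub(2)
    local client = proxy.connection.client.src.name   -- "host:port" in 0.8.x
    local reason = inspect(sql)

    if reason then
        -- block: answer the client with an error packet, server never sees it
        print(("DENY  %s: %s | %s"):format(client, reason, sql))
        proxy.response = {
            type     = proxy.MYSQLD_PACKET_ERR,
            errmsg   = "query rejected by proxy policy",
            errcode  = 1234,    -- arbitrary application-defined code
            sqlstate = "42000",
        }
        return proxy.PROXY_SEND_RESULT
    end

    -- allow, but rewrite: prefix an audit comment so the server-side general
    -- log shows which client the statement came from (demonstrates that the
    -- hook can replace query contents, as the article describes)
    print(("ALLOW %s: %s"):format(client, sql))
    local tagged = "/* via proxy from " .. client .. " */ " .. sql
    proxy.queries:append(1, string.char(proxy.COM_QUERY) .. tagged,
                         { resultset_is_needed = true })
    return proxy.PROXY_SEND_QUERY
end

-- Called once per injected query; returning nothing forwards the result set
-- to the client unchanged.
function read_query_result(inj)
    if inj.id == 1 then
        print(("RESULT %s: %d row(s)"):format(
            proxy.connection.client.src.name,
            inj.resultset.rows and inj.resultset.row_count or 0))
    end
end
```

Run it with `mysql-proxy --proxy-lua-script=guard.lua` and point the application at the proxy port instead of the server. Two caveats a practitioner should keep in mind: pattern screening is a last line of defense, not a substitute for parameterised queries in the application, and the deny list will produce false positives for legitimate clients such as DBA tools that query `information_schema` or send `;`-separated batches, so in practice the rules are usually scoped by client address or proxy user rather than applied globally.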

As you can see, once you are familiar with it there are many other things you can do. I don't know whether any companies are doing this or trying to. I am just writing down a small idea; whether it is feasible remains to be tested later. I have had a severe toothache recently; alas, I did not take care of my teeth as a child, and now treatment and protection come too late. After I have my own child I will learn from this, hehe. Let us encourage each other.