recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Limit the damage that degenerate project name typeahead queries can cause

Summary:
See PHI47. When users copy/paste a wall of text into a project tokenizer, we can end up performing a very large number of JOINs.

These JOINs seem okay locally and on `secure`, but the install in PHI47 reports hitting issues.

Since these queries are almost certainly illegitimate (I think no one uses 5+ words to find a project), just limit the search to the 5 longest tokens.

Note that typing 6 tokens will still almost always work, since the UI does additional filtering. However, if you have 100+ projects named "a b c d e ..." and search for "a b c d e z", you may not hit it. This is so degenerate that it's hard to imagine any users encountering it.

This is a stopgap fix, I'll file something longer-term as a followup.

Test Plan: Used `/typeahead/class/PhabricatorProjectDatasource/` to run queries. Saw the same results with shorter query plans for all reasonable queries.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D18506

epriestley 72cb3d3c 11046d49

+20 -1
+20 -1
src/applications/project/query/PhabricatorProjectQuery.php
··· 609 609 } 610 610 611 611 if ($this->nameTokens !== null) { 612 - foreach ($this->nameTokens as $key => $token) { 612 + $name_tokens = $this->getNameTokensForQuery($this->nameTokens); 613 + foreach ($name_tokens as $key => $token) { 613 614 $token_table = 'token_'.$key; 614 615 $joins[] = qsprintf( 615 616 $conn, ··· 795 796 $project->attachSlugs($project_slugs); 796 797 } 797 798 } 799 + } 800 + 801 + private function getNameTokensForQuery(array $tokens) { 802 + // When querying for projects by name, only actually search for the five 803 + // longest tokens. MySQL can get grumpy with a large number of JOINs 804 + // with LIKEs and queries for more than 5 tokens are essentially never 805 + // legitimate searches for projects, but users copy/pasting nonsense. 806 + // See also PHI47. 807 + 808 + $length_map = array(); 809 + foreach ($tokens as $token) { 810 + $length_map[$token] = strlen($token); 811 + } 812 + arsort($length_map); 813 + 814 + $length_map = array_slice($length_map, 0, 5, true); 815 + 816 + return array_keys($length_map); 798 817 } 799 818 800 819 }