Hello, Subeta! As you may have noticed, some recent security changes we've pushed out to the site have been accompanied by seemingly random blank pages. I've actually heard people calling these "white screens of death," so I thought you all might appreciate an explanation of what causes them, what you should do about them, and how on earth they relate to security.
Blank pages are caused by errors on the page. Ordinarily servers will show the actual error, but it's considered a good practice to hide error messages to avoid giving away sensitive information (what if a password were included in the error?), so errors on Subeta show blank pages.
So what's causing the errors? There are 2 main causes, both of which are related to the recent security fixes we've pushed out. One is a typo in the security fixes. I'm not a perfect typist, and the changes spanned tens of thousands of lines of code, so of course, there were a few mistakes I made ;)
The second cause of errors is apostrophes... they are annoying little things. You probably won't believe me, but apostrophes are rather dangerous to unprotected websites! That's because they have special meaning in the Structured Query Language (SQL) used to communicate with databases. Unless apostrophes are properly escaped (with the backslash... making sense now?), they can cause SQL errors. Just such an error kept the shop buying page from working completely.
Incidentally, Subeta sometimes gets overzealous with escaping apostrophes, and you end up with multiple backslashes... sound familiar?
So what to do about blank pages? If you see a blank page, first check to make sure nobody has reported it in problems and bugs. Then go report it there yourself. If it's urgent (like it's keeping you from doing something important), also send me an email about it at alx@subeta.net. In the email, tell me the exact link to the page you saw it on, as well as what you were doing at the time. Be as detailed as possible.
Anyway, just thought you might appreciate an explanation.
-Alex
Blank pages are caused by errors on the page. Ordinarily servers will show the actual error, but it's considered a good practice to hide error messages to avoid giving away sensitive information (what if a password were included in the error?), so errors on Subeta show blank pages.
So what's causing the errors? There are 2 main causes, both of which are related to the recent security fixes we've pushed out. One is a typo in the security fixes. I'm not a perfect typist, and the changes spanned tens of thousands of lines of code, so of course, there were a few mistakes I made ;)
The second cause of errors is apostrophes... they are annoying little things. You probably won't believe me, but apostrophes are rather dangerous to unprotected websites! That's because they have special meaning in the Structured Query Language (SQL) used to communicate with databases. Unless apostrophes are properly escaped (with the backslash... making sense now?), they can cause SQL errors. Just such an error kept the shop buying page from working completely.
Incidentally, Subeta sometimes gets overzealous with escaping apostrophes, and you end up with multiple backslashes... sound familiar?
So what to do about blank pages? If you see a blank page, first check to make sure nobody has reported it in problems and bugs. Then go report it there yourself. If it's urgent (like it's keeping you from doing something important), also send me an email about it at alx@subeta.net. In the email, tell me the exact link to the page you saw it on, as well as what you were doing at the time. Be as detailed as possible.
Anyway, just thought you might appreciate an explanation.
-Alex
Posted by alx
User not found:
Why would an error contain your password? And why don't you replace the 'blank' page with a 'sorry we messed up page' which explains the error?
0
User not found:
When I commented I had a backslash in my comment, and when it posted the backslash wasn't there. Still wondering if and how we should use the buggers with apostrophes. I must know, for I am a grammar Nazi, you see.
0
ROXY
Alx supports bad grammar. <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" />
0
User not found:
I'm a little confused about the apostrophe thing. Does this mean every time I type one I'm in danger of creating a blank screen? Is it safe to use them? Should we use this ` instead or accompany it with a somewhere?
0
Disfan
Thank you for explaining things. I really appreciate that on this site you keep us informed.
0
kellycfan
thanks for letting us now what the blank pages were all about. You put a lot of time into this website and we appreciate that.
0
ZombieDoggie
Thanks for the explanation and all the work and time you put into Subeta we appreciate it <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />.
0
Sirenia
thank you for that a must know as i have in the past had white pages but havent thought too much about it sorry.
0
WIRES
Thanks! I was like OMG! Ahhh! But thanks for the explanation <img src="http://images.subeta.net/smilies/6398_emoticon_happy.gif" border="0" />
0
Taviljia
Thanks for the explanation <img src="http://images.subeta.net/smilies/6398_emoticon_heart.gif" border="0" />
Everyone one of you always works hard for us, you're awesome!
Everyone one of you always works hard for us, you're awesome!
0
Susy
Thanks for the explanation, Alex <img src="http://images.subeta.net/smilies/6398_emoticon_grin.gif" border="0" />
0
User not found:
now thats what i like about alex
you get a good understandable explanation
thank you
you get a good understandable explanation
thank you
0
SkyWolfAlpha
We going to eventually switch back to the Sql'd image, sans the php errors?
Apostrophe workaround: `. The thing next to the 1 key on a standard US keyboard. Learned that back when AFF was having issues with it. =P
Thanks for letting us know what's going on!
Apostrophe workaround: `. The thing next to the 1 key on a standard US keyboard. Learned that back when AFF was having issues with it. =P
Thanks for letting us know what's going on!
0
User not found:
well web developing is not easy which i know from working towards my bachelor's degree...and those HTML, XHTML, SQL, CSS, and so forth are not as simple as people think they are...they take alot of work to master in order to get the coding to work right to make a site function with all the pages working in perfect sync...keep up the excellent work...and thanks for fixing the apostrophe thing 'cause i hated those backslashes when i used apostrophes in typing lol...Subeta rocks!! <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" />
0
Ninael
Eventually I'll have to learn more than C++ so I can understand this more than in a general sense.
0
Fraggle
You rawk, Alx <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" />
0
draithypie
I noticed apostrophes did weird things around the site... but thanks very much for the detailed explanation... it makes a lot more sense now!
0
CYNIC
Thanks for the explination, Alex. I'm glad you take time to type allllll that on here just for us Subetans. We truly appreciate it.
0
FCoD
Thanks so much for the explanation. It's nice to be on a site where the higher ups care enough to actually let us know what is going on.
0
LadyJan
Alex... thank you so much. You are the best at putting things that we muggles wouldn't normally understand into lay terms that make sense. It's no wonder you are a good programmer... you are a great communicator. Period!
0
User not found:
thank you for the wonderful explaination
0
Faun_171
Alex, you are just amazing.
As is everyone involved in the switching over/fixing/patching up process.
Good to know what causes blank pages, and good to know why I cannot say can't without causing a punctuation disaster. Thank you so much for the updates!
As is everyone involved in the switching over/fixing/patching up process.
Good to know what causes blank pages, and good to know why I cannot say can't without causing a punctuation disaster. Thank you so much for the updates!
0
User not found:
This has obviously been said before, but thank you for letting us in on what is going on. I do find it strange with the apostrophe thing, but I will not doubt you, since you know more about this than I ever would.
So thankies again, dood! =3
So thankies again, dood! =3
0
Serena922003
Just another friendly reminder of why I dropped my programming class. Bleh. I appreciate what you guys do. <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
0
Magicstar
Thanks Alex! I love your posts and I appreciate all your hard work! <br />So glad we have you here! <img src="http://images.subeta.net/smilies/6398_emoticon_heart.gif" border="0" />
0
Rarre
Thank you for the explanation <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
Its always great to know how things are going!
Its always great to know how things are going!
0
dreamcatpaws
Does this mean things are safe on subeta again. (Besides outside links of course) Or is this a totally different thing?
I never got a blank page so I haven't a clue on what you're talking about. Thanks I guess? ^^;
I never got a blank page so I haven't a clue on what you're talking about. Thanks I guess? ^^;
0
blush_851
I definitely appreciate it. <3 It's great to know what's going on, even if I can't understand every bit of it (though it was pretty understandable, I thought. ^^) Thanks so much for keeping us up to date!
0
darthpaul
thanks, i can't wait to start battling again <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
0
GryffindorRUFC1
Thank you for the explanation. I really do not envy you typing thousands of lines of code <img src="http://images.subeta.net/smilies/6398_emoticon_sad.gif" border="0" />. I think, knowing that, we can forgive a few typos. You are awesome for trying to keep our beloved site safe and for keeping us updated with what is happening and what you guys are doing to fix it. I don't know any other site that keeps users as informed as this one does. Keep up the good work <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" />
0
Mod
Thanks <img src="http://images.subeta.net/smilies/6398_emoticon_grin.gif" border="0" /> I was quite curious about those blank pages.
0
majikninja
Thanks for the update, any idea when the Battle Coliseum will stop white screen of deathing? I just want to try out my new scroll <img src="http://images.subeta.net/smilies/6398_emoticon_raspberry.gif" border="0" />
0
alx
BoneCollector: Subeta.net is our *official* name. .ws exists mainly because we didn't have .net when we moved away from .org.
0
kiwi_714
thanks for the explanation! <img src="http://images.subeta.net/smilies/6398_emoticon_grin.gif" border="0" />
0
BoneCollector
thanks for the simple explanation even I did understood everything <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
what realy annoys me is that in the news posts if they put a link or at peoples profiles you click on a whislist its always wrong because it redirects you to subeta.net and we have to change net into ws all the time in the adress,, will that be solved in the future too if i may ask ??? thanks in advance -for all the hard work to make the site better every time
what realy annoys me is that in the news posts if they put a link or at peoples profiles you click on a whislist its always wrong because it redirects you to subeta.net and we have to change net into ws all the time in the adress,, will that be solved in the future too if i may ask ??? thanks in advance -for all the hard work to make the site better every time
0
Saturnine
-waits for 'SQL'-
But your explanation makes it clear. Thanks! <img src="http://images.subeta.net/smilies/6398_emoticon_grin.gif" border="0" />
But your explanation makes it clear. Thanks! <img src="http://images.subeta.net/smilies/6398_emoticon_grin.gif" border="0" />
0
Mana_958
I just want to add my thanks to everyone else's for keeping us updated on what's going on! This is what elevates Subeta so far above other sites <img src="http://images.subeta.net/smilies/6398_emoticon_grin.gif" border="0" />
0
User not found:
See this is exactly what I love about this site. Thanks for keeping us posted =p
0
Diana
Alex RULES! <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
0
User not found:
thanks for telling us whats going on :3
Its not fun not knowing xP
Its not fun not knowing xP
0
RyokoNaomi
ohh i've been wondering what was up with the blank pages (which i get on my friend's profiles) and also what the backslashes were for. thanks for the explanation!
0
User not found:
Thank you for explaining all the errors and why it was all happening.
0
Pip
I'll vote for you!
I think Faith is volunteering to type billions of miles of code for you though... <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
I think Faith is volunteering to type billions of miles of code for you though... <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
0
aiya
thank you so much for explaining about the apostrophes. I have seen other sites deal with the same problem and wondered why. At least now I will be less annoyed by them.
Oh yes, alx for president ... of the Subetan Galaxy!
Oh yes, alx for president ... of the Subetan Galaxy!
0
crayon
that's so awesome! thanks for explaining <img src="http://images.subeta.net/smilies/6398_emoticon_heart.gif" border="0" />
0
User not found:
It's nothing pressing, but...will Subeta Staff intend to correct the situation regarding the usage of possessives and contractions on the site? Being a proper typist, it's kind of annoying to see it'/s instead of it's.
Like I said: Not urgent. Just something I'd like to see in the future. <img src="http://images.subeta.net/smilies/6398_emoticon_happy.gif" border="0" />
Good work on the security update. The less occurrances like these we have, the better.
Like I said: Not urgent. Just something I'd like to see in the future. <img src="http://images.subeta.net/smilies/6398_emoticon_happy.gif" border="0" />
Good work on the security update. The less occurrances like these we have, the better.
0
Purge
Good to know exactly what the cause of the blank pages are. Thanks for the update <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
*waits patiently for battling to come back*
*waits patiently for battling to come back*
0
ashleyplz
I was wondering what the backslashes were for.
Ill try and not to use them. XD
NO PROMISES THOUGH
Ill try and not to use them. XD
NO PROMISES THOUGH
0
panda_cub29
Now I know what they are thanks for letting us know <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
0
Friskysquirt
I consider myself enlightened. Thanks hun <img src="http://images.subeta.net/smilies/6398_emoticon_heart.gif" border="0" />
0
Kris
Thank you Alex.
I like how well you explain and keep us informed.
<img src="http://images.subeta.net/smilies/6398_emoticon_grin.gif" border="0" />
I like how well you explain and keep us informed.
<img src="http://images.subeta.net/smilies/6398_emoticon_grin.gif" border="0" />
0
splinter
The mystery of the multiplying backslashes has been revealed at last. xD
Thanks for the update. ;D
Thanks for the update. ;D
0
MoogerMint
Very much appreciate the explanation, actually. Also for letting us know that you're on it with fixing the problems that arise as quickly as you can. Thank you greatly for everything! I do like to know when there's something going up. :3
0
Monsoon
*smooshes* You're always awesome with the explanations. <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" /> Thank you!
0
User not found:
I haven't seen a blank page yet,I'll look out though!Thanks!
0
Chance
Thanks for explaining everything.
Nice to know exactly whats going on <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
Nice to know exactly whats going on <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
0