admin_activity_log data too long

[balihr]

Symptom spotted on ZC 1.5.5 (no suffix) and reproduced on 1.5.6c

Adding/editing category description with a dozen YouTube embedded videos. Blank page on save. Error log as follows:

Code:

[17-Jan-2020 10:29:06 Australia/Melbourne] Request URI: /ADMIN/categories.php?action=update_category&cPath=23_26, IP address: XXX.XXX.XXX.134
#1  trigger_error() called at [/home/ACCOUNT/public_html/includes/classes/db/mysql/query_factory.php:167]
#2  queryFactory->show_error() called at [/home/ACCOUNT/public_html/includes/classes/db/mysql/query_factory.php:139]
#3  queryFactory->set_error() called at [/home/ACCOUNT/public_html/includes/classes/db/mysql/query_factory.php:266]
#4  queryFactory->Execute() called at [/home/ACCOUNT/public_html/ADMIN/includes/functions/database.php:53]
#5  zen_db_perform() called at [/home/ACCOUNT/public_html/ADMIN/includes/classes/class.admin.zcObserverLogWriterDatabase.php:45]
#6  zcObserverLogWriterDatabase->updateNotifyAdminFireLogWriters() called at [/home/ACCOUNT/public_html/includes/classes/class.base.php:103]
#7  base->notify() called at [/home/ACCOUNT/public_html/ADMIN/includes/classes/class.admin.zcObserverLogEventListener.php:59]
#8  zcObserverLogEventListener->updateNotifyAdminActivityLogEvent() called at [/home/ACCOUNT/public_html/includes/classes/class.base.php:103]
#9  base->notify() called at [/home/ACCOUNT/public_html/ADMIN/includes/init_includes/init_admin_history.php:13]
#10 require(/home/ACCOUNT/public_html/ADMIN/includes/init_includes/init_admin_history.php) called at [/home/ACCOUNT/public_html/includes/autoload_func.php:48]
#11 require(/home/ACCOUNT/public_html/includes/autoload_func.php) called at [/home/ACCOUNT/public_html/ADMIN/includes/application_top.php:171]
#12 require(/home/ACCOUNT/public_html/ADMIN/includes/application_top.php) called at [/home/ACCOUNT/public_html/ADMIN/categories.php:9]

[17-Jan-2020 10:29:06 Australia/Melbourne] PHP Fatal error:  1406:Data too long for column 'attention' at row 1 :: insert into admin_activity_log (access_date, admin_id, page_accessed, page_parameters, ip_address, gzpost, flagged, attention, severity, logmessage) values (now(), '1', 'categories.php', 'action=update_category&cPath=23_26', 'XXX.XXX.XXX.134', 'Í—ÛNã0†_%ÊÅ^miJËAå�-=ÐÒRh¥H‘ãL]ƒÛ!*ˆwÇ¥€àb©Š–\\eò\'3ú~Ÿ2yr12@„¢##C\Z»õÚVå÷g-AÜú“ë¹u·…TLâô�6##0CZ;×4¡Ýç/I1h¬¨4T$ï¹ût¦l)\'£±™îf¥¸Î(™›�[##°�çÆH]ÊA9˲�…HM\ZÁ<(� Êž\\´vèØ»‰šG\nØÁ2÷µ|$TÊÖX*ˆ1‘ÍRÆ,@r¸”W‡N##‚$W\"Õ‡ì’ð^÷Q¯E”;ÐtK_ÞŸ´G´Z##ËÑîLªd,Èú@òðWiÙpö#õª8N®�þ0kûó㽿RŒQz“þvÚ´C7.ÐÞ‰\ZvwýÁìb½##—;�ß.�]éSõPÅë½##¦å5W¸Ö5{4Ñ´ÝCÙ£Úº»gá](jÛÕj‡�«^<dÍÔO›ƒqÛŸ\r�ßN³�Qj„dhÑp Áj!\rÄ%1EÿùÐó*ôÈ-nMÏ~Þ]®Î¢n´™_uæaïÇ�å>mI\'í�v[œDãb˜û´ûr7;š<Ôú¢/�“b˜ÍÓ\\xÿ(ñ##:ßcç…0·ú8çj‘Œ/ÝëÎìÛ>¦@\'£øSšNü6�Zµób”à`ê†óWü†CJh,$4I±I”hRz¿_uAY¾wPÛl©-wÊISe›t÷KO9\"r”¤ˆ##®”Ø\"ûSàV¬¤…2á«5+ìXA�6Êb…f!—/yîó', '1', 'ALERT: Please review for possible XSS activity: [&lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe and &lt;iframe]', 'notice', 'Accessed page [categories.php] with action=update_category. Review page_parameters and postdata for details.') ==> (as called by) /home/ACCOUNT/public_html/ADMIN/includes/functions/database.php on line 53 <== in /home/ACCOUNT/public_html/includes/classes/db/mysql/query_factory.php on line 167

This might be related to CSF installed on server, and/or OWASP mod_security with very strict rules in use (almost paranoia mode), but still...

Is there any specific reason why the 'attention' column isn't TEXT instead of varchar(255) - are there any downsides or possible problems that might occur after changing it to TEXT ? I mean, I've already done it, but just wondering if I should expect headaches...

Code:

ALTER TABLE `admin_activity_log` CHANGE `attention` `attention` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;

[DrByte]

Yes it's probably time to "store more" :)

v157 will change it like this:
ALTER TABLE admin_activity_log MODIFY attention MEDIUMTEXT;