This document covers administrator use of the CrushPaper web site.
For information on how to install, configure and run the CrushPaper server see this document.
Notes, Quotations and Sources
- Admins may see, modify or edit any user's notes, quotations and sources.
- Only admins may browse the full list of accounts or search by username.
- Admins may modify any user's account information without knowing that user's password.
- Admins (or the user themselves) may prevent a user from signing in by marking their account as closed.
- Only admins may mark another account as an admin.
- Only admins may shutdown the server.
- This method of shutting down the server reduces the risk of corrupting the database compared to killing the process.
- This removes all data from the database.
- If the server is configured for single user mode then that account is automatically recreated after the database is cleared.
- This creates a copy of the database with an CSV extract for each database table.
- Changes made while the backup is being done will NOT corrupt the backup.
Check DB Errors
- This checks the database for internal consistency errors.
- This functionality is mainly for CrushPaper developers to use.
- This locks the database for a very long time. During this time any user operations will fail or be queued.
- If any errors are reported this could have resulted from:
- A bug in the logic of the CrushPaper server.
- The server was shutdown in an ungraceful manner (
kill -9 is not graceful) and H2 was not able to recover its transactions.
- Manual modification of data in the H2 database through the H2 console interface.
- Corruption of the H2 database via the filesystem from another process.
- This lists all of the backups that have been made.
- Clicking on a backup will display the command for restoring the backup.
- The server must be shutdown and the command must be run from the command line in order to restore a backup.
- This creates a copy of the database by copying the files via the command line.
- Changes made while the backup is being done will corrupt the backup.
- There is almost never a reason to do an offline backup instead of an online backup.
- The CrushPaper server supports HTTPS and you are recommended to use it.
- Passwords are stored SHA1 hashed in the database.
- All CrushPaper operations which modify the database or are long running are implemented as POST requests that use tokens to prevent Cross-site request forgery (CSRF).
- The CrushPaper server is implemented entirely in Java which reduces the risks of security issues resulting from stack smashing and buffer overflows.
- All input to the CrushPaper server is validated and anything stored in the database in length checked.
- By policy a user's information is not stored in application or HTTP request log files.
- By default the database is created with a blank username and password.
Try CrushPaper for free without creating an account!
Or watch the Demo Movie