Vulnerability in EPiServer.Forms
I upgraded EPiServer to newest version. I run update-epidatase command and got command timeout exception.
The error occured on tblActivityLog table.
I used SQL Management studio to execute script.
I'm wonder if it's possible to use update-epidatase with some extended value of CommandTimeout property.
So, did you manage to update database eventually through SQL Management Studio?
even epideploy.exe does not provide out-of-the-box way to increase command timeout. defaults to 30
I manage to update schema by running SQL scripts via SQL Management Studio. I did it on only my Dev environment. I need to update other collegues machines, Test, Staging and Production servers. Usually I used update-epidatase and Export‑EPIUpdates to export and execute scripts which save a lot of time.
I also checked the code of epideploy.exe. The GetConnection method of DatabaseHandler class used DbProviderFactories.GetFactory to create connection:
protected virtual DbConnection GetConnection()
DbProviderFactory DbProviderFactory = DbProviderFactories.GetFactory(this.ConnectionStringSettings.ProviderName);
Maybe I could try to chcange the provider to my own with Timeout property increased to more than 30 seconds.
That should affect only connection timeouts and not Command timeouts.
Commands were created within DatabaseHandler or similar class. Not quite sure that we can override Command.Timeout value without changing source of epideploy.exe.