xkcd

 
Ranch Hand
Posts: 541
 
author
Posts: 9022
sweetest cartoon ever!
 
Bartender
Posts: 2700

XKCD
 
Java Cowboy
Posts: 16084
The secret with XKCD is that you have to read the text in the tooltip that appears when you hold the mouse over the image (only works on the XKCD website itself) - it often contains the point of the joke, or an extra joke.
 
lowercase baba
Posts: 12975
Bobby Tables will always be my favorite.
 
Bartender
Posts: 1202

fred rosenberger wrote: Bobby Tables will always be my favorite.

I've passed out that exact strip to contractors that left us open to just that type of problem. Of course the inputs were only coming from internal (employee) users, so we were a little less worried about malicious SQL hacking. Nonetheless, the guy didn't qualify as "done with the project" until he used parameterized SQL at the very least.


  • Best: Stored Procs
  • Better: Parameterized dynamic SQL
  • Good: Relying on each new programmer to parse the input to catch possible attacks.
  • Bad: none of the above.


  • OF COURSE, other factors can make the, say, "Better" option above more attractive for certain projects. You have to look at it on a case-by-case basis.
     