Seqram (seqram) wrote,

Remember Bobby Tables

You would think the guardians of Scottish culture (inexplicably unavailable at this precise moment) would be more careful.  I had trouble logging in because of an apostrophe in a password, and the error message was very obviously a sanitization problem ("Error in SQL at string..." obviously because the quote ended too early).  An apostrophe in an input field should not cause a server error.  (I really hope I've not made that mistake in anything I've coded.  I think I've watched for it all the time, but maybe I missed once, or didn't sanitize enough..?)

I sent them email telling them about the problem, and suggested they show http://xkcd.com/327/ to their DB techs.  They have fixed the problem (or I wouldn't be telling you who it was in a blog right now).  You can't be too careful.
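
An added example, not part of the original post and not the site's code: a login lookup that pastes the password into the SQL text fails on an apostrophe the way described above, next to a version that binds the input as a parameter. The table layout, the account name and the password are constructed for illustration, and SQLite stands in for whatever database the site used.

```python
import hashlib
import hmac
import os
import sqlite3

PASSWORD = "it's-a-braw-day"  # constructed sample containing an apostrophe

def make_db():
    """In-memory database holding one constructed account."""
    db = sqlite3.connect(":memory:")
    # The plaintext column exists only so the weak query can be reproduced.
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", PASSWORD.encode(), salt, 100_000)
    db.execute("INSERT INTO users VALUES (?, ?, ?, ?)", ("morag", PASSWORD, salt, digest))
    return db

def login_concat(db, name, password):
    """Weak: user input is pasted into the SQL text, so a quote ends the literal early."""
    sql = ("SELECT 1 FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone() is not None

def login_bound(db, name, password):
    """Corrected: input travels as a bound parameter and never becomes SQL syntax."""
    row = db.execute("SELECT salt, pw_hash FROM users WHERE name = ?", (name,)).fetchone()
    if row is None:
        return False
    salt, stored = row
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return hmac.compare_digest(candidate, stored)

def attempt(login, db, name, password):
    """Run a login function; report a database error instead of crashing."""
    try:
        return login(db, name, password)
    except sqlite3.Error as exc:
        return f"SQL error: {exc}"

if __name__ == "__main__":
    db = make_db()
    print("concatenated:", attempt(login_concat, db, "morag", PASSWORD))
    print("bound       :", attempt(login_bound, db, "morag", PASSWORD))
```

The bound version also never compares the plaintext password inside the database; it fetches the salt and hash by username and checks the digest in constant time.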