Date: Thu, 19 Jan 2017 16:22:56 +0100 From: Polytropon <freebsd@edvax.de> To: Matthew Seaman <matthew@freebsd.org> Cc: freebsd-questions@freebsd.org Subject: Re: Clerical help wanted Message-ID: <20170119162256.d0a1e608.freebsd@edvax.de> In-Reply-To: <e44bdfaf-1d70-2e73-090f-dddb257d7f63@FreeBSD.org> References: <ffc85b2d1203a8e8a491f6131b589fe3.squirrel@webmail.harte-lyne.ca> <e44bdfaf-1d70-2e73-090f-dddb257d7f63@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 19 Jan 2017 14:22:21 +0000, Matthew Seaman wrote: > On 19/01/2017 14:13, James B. Byrne wrote: > > How many of us work with data entry operators that you suspect would > > just enter this company's registered name into your database systems? > > > > https://beta.companieshouse.gov.uk/company/10542519 > > Except that company name is missing a strategically placed quote mark, > so it wouldn't actually work... > > Also: evolution in action. Anyone vulnerable to SQL injection in this > day and age *needs* an unpleasant lesson. Yay, it's Bobby Tables! https://xkcd.com/327/ For everyday practical use: http://hackaday.com/2014/04/04/sql-injection-fools-speed-traps-and-clears-your-record/ ;-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20170119162256.d0a1e608.freebsd>