Funny take on PHP function names, SQL injection attacks



  • Over at Slashdot.org, there is an amusing exchange regarding an article on SQL injection attacks:

    <font face="Tahoma" size="2">
    by
    CHR1S (694833) Alter Relationship

    			on Wednesday July 19, @07:37AM (</span><a style="background-color: rgb(255, 165, 0);" href="http://it.slashdot.org/comments.pl?sid=191584&amp;cid=15742484">#15742484</a><span style="background-color: rgb(255, 165, 0);">)
    			</span><br><font size="1">(<a href="http://www.enragednet.org/" rel="nofollow">http://www.enragednet.org/</a>)</font> 
    		</span></font>
    	</div>
    
    <div class="commentBody">	
    	<div id="comment_body_15742484"><font face="Tahoma" size="2"><span style="background-color: rgb(211, 211, 211);">How
    

    can it be that hard for web developers to check data before it is
    submitted? I wouldn't imagine trusting the data that an anonymous user
    can enter into my website.. so maybe I'm just trained to check data. Of
    course, I'm also glad I use MySQL with PHP where a simple
    mysql_real_escape_string can prevent any popular SQL Injection attempt.

    </font>

    <font face="Tahoma" size="2">
    by
    Goaway (82658) Alter Relationship

    			on Wednesday July 19, @07:41AM (</span><a style="background-color: rgb(255, 165, 0);" href="http://it.slashdot.org/comments.pl?sid=191584&amp;cid=15742507">#15742507</a><span style="background-color: rgb(255, 165, 0);">)
    			</span><br><font size="1">(<a href="http://wakaba.c3.cx/" rel="nofollow">http://wakaba.c3.cx/</a>)</font> 
    		</span></font>
    	</div>
    
    <div class="commentBody">	
    	<div id="comment_body_15742507"><font style="background-color: rgb(211, 211, 211);" face="Tahoma" size="2">You're <em>glad</em>
    

    that you use pretty much the only langauge where this is not done
    automatically for you, but which instead forces you to use a function
    with a name like mysql_real_escape_string()? And that
    actually has a similarly-named function without the "real" that
    doesn't do the job right? Just kidding with that other one, here's the
    real one!
    </font>

    That last line cracked me up. Not to mention also that PHP has the_most_absurd_funtion_names_sometimes().







  • I alwyas love flame wars between Starcraft and Total Annihilation (spotted at http://groups.google.ca/group/alt.games.starcraft/browse_thread/thread/da3d96262b55e11b/33646c3f01315459?lnk=st&q=total+annihilation+command+line&rnum=6&hl=en):

    @Random StarCraft guy said:

    > Yeah. I think that's the wierdest thing about SC, that the air units
    > aren't really "air" units. They never land, and are not really faster
    > than ground units (can a Mutalisk outfly a fast Zergling?).

    You TA freaks are so unbelievably stupid. Ever heard of round planets ?
    You know the distance vs altitude modifier ? If I am at lets say 20.000 feet, I
    have
    to travel a longer distance than some peon walking or driving on the face of
    the earth.


    Columbus figured this out a long time ago. When will TA players do the same ?

    And the slowest tank drives at about the same speed as the fastest fighter - this is one of the main reasons that air travel has been fading - people are learning (like Columbus) that it's actually faster to walk/swim to China than to fly there!

    BTW what's with this edit box?  Characters take like 4 seconds to appear after I type them! (PIII 1.33ghz, 768mb Ram, IE6, XPSP2, nothing else open)


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.