Funny take on PHP function names, SQL injection attacks



  • Over at Slashdot.org, there is an amusing exchange regarding an article on SQL injection attacks:

    by CHR1S (694833) on Wednesday July 19, @07:37AM (#15742484) (http://www.enragednet.org/)

    How can it be that hard for web developers to check data before it is
    submitted? I wouldn't imagine trusting the data that an anonymous user
    can enter into my website.. so maybe I'm just trained to check data. Of
    course, I'm also glad I use MySQL with PHP where a simple
    mysql_real_escape_string can prevent any popular SQL Injection attempt.

    by Goaway (82658) on Wednesday July 19, @07:41AM (#15742507) (http://wakaba.c3.cx/)

    You're *glad* that you use pretty much the only language where this is not done
    automatically for you, but which instead forces you to use a function
    with a name like mysql_real_escape_string()? And that
    actually has a similarly-named function without the "real" that
    doesn't do the job right? Just kidding with that other one, here's the
    real one!

    That last line cracked me up. Not to mention also that PHP has the_most_absurd_function_names_sometimes().







  • I always love flame wars between Starcraft and Total Annihilation (spotted at http://groups.google.ca/group/alt.games.starcraft/browse_thread/thread/da3d96262b55e11b/33646c3f01315459?lnk=st&q=total+annihilation+command+line&rnum=6&hl=en):

    @Random StarCraft guy said:

    > Yeah. I think that's the weirdest thing about SC, that the air units
    > aren't really "air" units. They never land, and are not really faster
    > than ground units (can a Mutalisk outfly a fast Zergling?).

    You TA freaks are so unbelievably stupid. Ever heard of round planets ?
    You know the distance vs altitude modifier ? If I am at let's say 20.000 feet, I
    have to travel a longer distance than some peon walking or driving on the face of
    the earth.


    Columbus figured this out a long time ago. When will TA players do the same ?

    And the slowest tank drives at about the same speed as the fastest fighter - this is one of the main reasons that air travel has been fading - people are learning (like Columbus) that it's actually faster to walk/swim to China than to fly there!

    BTW what's with this edit box?  Characters take like 4 seconds to appear after I type them! (PIII 1.33ghz, 768mb Ram, IE6, XPSP2, nothing else open)

