Pecon writes a forum system (New bbcode parser, finally!)
VerticalHorizon:
--- Quote from: Pecon on April 12, 2017, 12:49:27 AM ---I made a pretty major overhaul to the structure of SQL calls.
--- End quote ---
i hope they're parameterized
Pecon:
--- Quote from: VerticalHorizon on May 24, 2017, 11:03:17 AM ---i hope they're parameterized
--- End quote ---
Most of my queries are for the most part very simple, so that sort of thing never even crossed my mind. Probably something I should think about the next time I write anything like that.
VerticalHorizon:
--- Quote from: Pecon on May 24, 2017, 11:06:06 AM ---Most of my queries are for the most part very simple, so that sort of thing never even crossed my mind. Probably something I should think about the next time I write anything like that.
--- End quote ---
yeah sql injection is no joke
Pecon:
--- Quote from: VerticalHorizon on May 24, 2017, 11:09:07 AM ---yeah sql injection is no joke
--- End quote ---
To be fair, I personally think I did a pretty good job making sure all inputs are sanitized. I can see how a parameterized structure would make a trivial catch all for injections since it would just be done automatically.
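The sanitizing-versus-parameterizing distinction discussed above, as an added example that is not part of the original post and is not the forum software's code. It uses Python's `sqlite3` module; the table, the data and the `sanitize()` helper are hypothetical and constructed for illustration. Quote-escaping holds where the value sits inside a quoted string, but it does nothing where the value is used as a bare number, while a bound parameter is treated as data in both places.

```python
import sqlite3

def make_db():
    """Constructed sample data: an in-memory table standing in for forum posts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, author TEXT, hidden INTEGER)")
    db.executemany("INSERT INTO posts VALUES (?, ?, ?)", [
        (1, "alice", 0),
        (2, "bob", 0),
        (3, "admin", 1),   # hidden post that normal listings must not return
    ])
    return db

def sanitize(value):
    """Hypothetical hand-rolled sanitizer: doubles single quotes and nothing else."""
    return str(value).replace("'", "''")

def posts_by_author_sanitized(db, author):
    # Quoted string context: doubling quotes keeps the value inside the literal.
    sql = "SELECT id FROM posts WHERE hidden = 0 AND author = '%s'" % sanitize(author)
    return [row[0] for row in db.execute(sql)]

def post_by_id_sanitized(db, post_id):
    # Numeric context: no quotes surround the value, so quote-escaping
    # changes nothing and the input is parsed as part of the SQL statement.
    sql = "SELECT id FROM posts WHERE hidden = 0 AND id = %s" % sanitize(post_id)
    return [row[0] for row in db.execute(sql)]

def post_by_id_parameterized(db, post_id):
    # The driver binds the value separately from the statement text,
    # so it is only ever compared as data, whatever it contains.
    sql = "SELECT id FROM posts WHERE hidden = 0 AND id = ?"
    return [row[0] for row in db.execute(sql, (post_id,))]

if __name__ == "__main__":
    db = make_db()
    crafted = "3 OR 1=1"  # constructed input with no quote characters in it
    print("sanitized, string context:", posts_by_author_sanitized(db, "x' OR '1'='1"))
    print("sanitized, numeric context:", post_by_id_sanitized(db, crafted))
    print("parameterized:", post_by_id_parameterized(db, crafted))
```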
Refticus:
--- Quote from: VerticalHorizon on May 24, 2017, 11:09:07 AM ---yeah sql injection is no joke
--- End quote ---
100s of people die a year from injecting raw sql into their veins.
real question, why do the page numbers start at 0 and not 1 like a sensible web developer?