May 19, 2010

I’m Not Attacking You. I Promise!

registration error 

It’s nice to know that you’re sanitising your user input but I’m pretty sure that my bog standard email address isn’t a SQL Injection attack.

4 comments:

  1. It could be worse - you could have been named Bobby Tables, and then you'd be in trouble.

    http://xkcd.com/327/

    ReplyDelete
  2. Obviously you've never tried a 'SELECT * FROM richard.banks' on a SQL Server 2008 installation.
    Very very scary stuff.

    ReplyDelete
  3. this website is so fun, oh, it is based on asp.net. I am not sure if i want to download NDepend.

    ReplyDelete