Actually, what I really wanted to blog about before getting carried away with irony yesterday was an old idea on how to force my developers to use placeholders exclusively for SQL queries in applications. As should be apparent from yesterday's blog entry, I am strongly in favour of using placeholders for interpolating values into SQL… Continue reading Placeholders and SQL injection, part 2
Month: January 2009
Placeholders and SQL injection
It is sad to see how 9X% (or should that be 99.X%?) of SQL applications are riddled with SQL injection bugs. There really is no excuse for this. Nobody writes code like this: sub stupid_sum { my ($list) = @_; my $string = shift @$list; for (@$list) { $string .= " + " . $_;… Continue reading Placeholders and SQL injection
Should the EU force Windows users onto Firefox?
The discussion is in full swing about the EU's possible requirement to let people choose a browser when they buy Windows. Has Microsoft abused its monopoly, is it a good idea for the EU to get involved, is it too much interference, and so on. When you install a Linux distribution you typically do not have to choose a browser… but then you also have… Continue reading Should the EU force Windows users onto Firefox?