Comments
-
Try it with email or password or something that's more ignored for securing against sql injection :P I've seen pages that had secured input from content, but with a single registration you could send the whole thing to hell.
Don't kill devRant, what would we do in work/school then? :( -
jimmeh: @KeyWeeUsr I wasn't trying to do anything. I added all the tags when I wrote the rant. It was meant more as a joke.
Future reference, other fields, but also a lot of URLs aren't secured when they contain search parameters, like a rant id ;)
But I've heard the "rant id" is actually a hash, so @dfox and crew are already safeguarding a lot. That's why I felt comfortable giving the above a shot without fear of actually doing harm. -
@jimmeh I just find it funny to write such a sentence. It's kind of expected to secure the page/app against such things if you invite devs to fool around. Don't worry, you aren't the first, nor the last who posted a rant or a profile with similar sql :D Actually, this is probably the third rant specifically about dropping users table. :P
-
jimmeh: @KeyWeeUsr I guess I don't get points for originality 🤗. Like I said, it was just funny. I would hope if your entire community is for developers, you secure your shit.
-
i love doing sql injection / xss tests mainly because if i find one i mess with other people using that environment e.g. i have a really arrogant grinning emoji i inject through an iframe so they know it was me
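
The point raised in the comments above, that registration fields (email, password) and URL parameters such as a rant id need the same handling as content fields, shown as an added example that is not devRant's code and not from any commenter. The schema and function names are assumptions; it uses Python's built-in `sqlite3` with bound parameters and feeds the rant's own text through every input.

```python
import hashlib
import os
import sqlite3

PAYLOAD = "'; DROP TABLE users --"  # the rant text shown on this page

def make_db():
    # Hypothetical schema, constructed for this example only
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, salt BLOB, pw_hash BLOB)")
    db.execute("CREATE TABLE rants (id INTEGER PRIMARY KEY, body TEXT)")
    return db

def register(db, email, password):
    # Registration fields get the same treatment as content fields:
    # the password is hashed, and every value is bound with a placeholder.
    salt = os.urandom(16)
    pw_hash = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    cur = db.execute(
        "INSERT INTO users (email, salt, pw_hash) VALUES (?, ?, ?)",
        (email, salt, pw_hash),
    )
    return cur.lastrowid

def post_rant(db, body):
    return db.execute("INSERT INTO rants (body) VALUES (?)", (body,)).lastrowid

def get_rant(db, raw_id):
    # raw_id arrives as a string from the URL: accept only a short run of
    # ASCII digits, convert to int, then bind it instead of concatenating.
    if not (raw_id.isascii() and raw_id.isdigit() and len(raw_id) <= 18):
        return None
    row = db.execute("SELECT body FROM rants WHERE id = ?", (int(raw_id),)).fetchone()
    return row[0] if row else None

def demo():
    db = make_db()
    uid = register(db, PAYLOAD, PAYLOAD)   # payload in email and password
    rid = post_rant(db, PAYLOAD)           # payload in the content field
    email = db.execute("SELECT email FROM users WHERE id = ?", (uid,)).fetchone()[0]
    tables = {r[0] for r in db.execute("SELECT name FROM sqlite_master WHERE type = 'table'")}
    return {"email": email, "tables": tables,
            "rant": get_rant(db, str(rid)), "bad_id": get_rant(db, PAYLOAD)}

if __name__ == "__main__":
    print(demo())
```

The payload ends up stored as an ordinary string in every column, the `users` table is still present, and a non-numeric id from the URL is rejected before it reaches the query.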
'; DROP TABLE users --
undefined
damn
tried
worthit
devs
sql fun