144

A guy named Valter couldn't register on this website because the developer blacklisted *ALTER*, amongst other words, to prevent SQL injection.

Comments
  • 10
    Well that's pretty stupid, Walter isn't exactly a rare name.
  • 7
    @deadlyRants of course.. that also reminds me of a recent article I have read regarding a Mr. Null who wasn't lucky registering himself on the web too, which indicates that still today devs are using blacklists to prevent injection.. lazy approach to security to say the least.
  • 10
    Reminds me of an ex college who's last name was just "Pe" and a lot of forms rejected it because of being too short.
  • 2
    Classic
  • 2
    @DarkMukke that would make many names that I know of friends from China and Japan with names that are too short. (Not a racist comment)
  • 4
    @uziiuzair granted, this was in the early 2000's when validation was new on the web
  • 2
    On my Galaxy S5, the vpn connect form have a maxlength set to 32 on the userid/email field. An IT department requirement is to have full name given in the email address, causing mine to be 33 chars long...
  • 4
    @valter @walter are you out there buddy?
  • 2
    @andersoyvind that is hell long
  • 1
    *instead of using prepared statements*
  • 2
    @andersoyvind, by now setting a max number of chars on an email field is just wrong. Many people has full name addresses, and some even add more characters by using the "+ something" option most providers offer.
Add Comment