
Re: Web Security

by sboss (Initiate)
on Jun 24, 2002 at 18:49 UTC (#176888)

in reply to Web Security


Working as a consultant, I see a lot of companies doing the same thing. Someone will write some code (pick any language) and put it into production, including mission-critical & customer-facing production environments, when the code should never be run in a lab, let alone where it is running. Too many webmasters/web developers/etc. that generate this code do no error checking at all. I have gone into production sites, entering "scott rules" for every field that had a text box where it was expecting either text (e.g. names, locations), numbers (e.g. phone number, IP numbers, device numbers), text boxes (large input boxes), etc., breaking the interface since it was expecting syntax and I entered "scott rules". After I showed them a simple little code to check to make sure the inputted values are at least in the correct format (e.g. for an IP address), at least their code was a little more stable.

But with the cutbacks/recession I have seen more and more people inherit code when they do not know anything about the language nor how/why it was written the way it was.


Randal, be very very afraid! It is much worse than you think.
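
A per-field format check of the kind the post describes, as an added example that is not sboss's code: each expected form field is matched against an allow-list pattern before anything else uses it. The field names, type names and length limits are assumptions made for illustration, and the sample submissions are constructed.

```perl
use strict;
use warnings;

# Allow-list validators, one per kind of field the post mentions.
# Patterns are anchored with \A and \z so a trailing newline cannot slip through.
# The type names and length limits are assumptions made for this example.
my %is_valid = (
    ip => sub {    # dotted-quad IPv4, each octet 0-255, no leading zeros
        my @octets = $_[0] =~ /\A([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\z/
            or return 0;
        return ( grep { $_ > 255 || /\A0[0-9]/ } @octets ) ? 0 : 1;
    },
    phone => sub {    # optional +, digits and common separators, 7-15 digits
        return 0 unless $_[0] =~ /\A\+?[0-9 ().-]{7,20}\z/;
        my $digits = () = $_[0] =~ /[0-9]/g;
        return ( $digits >= 7 && $digits <= 15 ) ? 1 : 0;
    },
    device => sub { $_[0] =~ /\A[0-9]{1,10}\z/ ? 1 : 0 },
    name   => sub { $_[0] =~ /\A\p{L}[\p{L} .'-]{0,63}\z/ ? 1 : 0 },
);

# Check every expected field; return field => reason for each failure.
sub validate_form {
    my ( $spec, $input ) = @_;
    my %errors;
    for my $field ( sort keys %$spec ) {
        my $value = $input->{$field};
        if ( !defined $value || $value eq '' ) {
            $errors{$field} = 'missing';
        }
        elsif ( !$is_valid{ $spec->{$field} }->($value) ) {
            $errors{$field} = "not a valid $spec->{$field}";
        }
    }
    return %errors;
}

# Constructed sample input: the post's test string in every field, then a clean form.
my %spec = ( customer => 'name', contact => 'phone', host => 'ip', unit => 'device' );
my @submissions = (
    { map { ( $_ => 'scott rules' ) } keys %spec },
    { customer => "Pat O'Neil", contact => '+1 (555) 010-0199', host => '192.0.2.17', unit => '40213' },
);

for my $form (@submissions) {
    my %errors = validate_form( \%spec, $form );
    print "accepted\n" unless %errors;
    print "rejected: $_ ($errors{$_})\n" for sort keys %errors;
}
```

The name field accepts "scott rules" because it is plausible free text; the phone, IP and device fields reject it before it reaches any code that expects a number.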

