969
Life Hack (lemm.ee)
submitted 6 months ago by sag@lemm.ee to c/programmer_humor@programming.dev
128 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] Kerb@discuss.tchncs.de 37 points 6 months ago* (last edited 6 months ago)

its an sql injection attack.
its rather unlikely that it works in a modern app.

assuming this would work,
it injects a command in the sql database.

it is assumed that the app runs a sql querry with the input field as a parameter e.g.
INSERT INTO "bills" (item, ammount, tip) VALUES ("steak", "20,00 $", "content of the custom tip goes here");

the semicolon indicates the end of the querry,
so the the text would cause the app to run an unfinished querry, and then start a new querry that messes up the content of the bills table.

[-] some_guy@lemmy.sdf.org 14 points 6 months ago

Further: xkcd.com/327

[-] RavenFellBlade@startrek.website 4 points 6 months ago

Is that Bobby?

this post was submitted on 04 Apr 2024
969 points (97.5% liked)

Programmer Humor

19331 readers
37 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 1 year ago
MODERATORS
Feyter@programming.dev
anzo@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev