I thought that when becoming a software engineer you'd get some kind of official packet of Basic Things We've Learned The Hard Way from somebody (??) but you really don't. You just one day see an xkcd about SQL injection, google it, and say "holy shit I do this" under your breath
With SQL Injection, that vulnerability shouldn’t be possible today, because the SQL should be a “developer defined string”, with user values provided separately (via parameterised queries), and rare exceptions should be handled by a library: eiv.dev
There was a comic I can't find where some executives are discussing using AI in their product, and then it cuts to their database where users' passwords are stored as strings.