this post was submitted on 04 Apr 2024

164 points (97.7% liked)

Programmer Humor

19618 readers

1 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

Keep content in english
No advertisements
Posts must be related to programming or programmer topics

founded 1 year ago

MODERATORS

Feyter@programming.dev

anzo@programming.dev

BurningTurtle@programming.dev

pylapp@programming.dev

164

Life Hack (lemm.ee)

submitted 7 months ago by sag@lemm.ee to c/programmer_humor@programming.dev

94 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Kerb@discuss.tchncs.de 5 points 7 months ago* (last edited 7 months ago) (1 children)

its an sql injection attack.
its rather unlikely that it works in a modern app.

assuming this would work,
it injects a command in the sql database.

it is assumed that the app runs a sql querry with the input field as a parameter e.g.
INSERT INTO "bills" (item, ammount, tip) VALUES ("steak", "20,00 $", "content of the custom tip goes here");

the semicolon indicates the end of the querry,
so the the text would cause the app to run an unfinished querry, and then start a new querry that messes up the content of the bills table.

[–] some_guy@lemmy.sdf.org 2 points 7 months ago (1 children)

Further: xkcd.com/327

[–] RavenFellBlade@startrek.website 1 points 7 months ago

Is that Bobby?