[-] abbadon420@lemm.ee 24 points 1 day ago

Putting the psyco in psycopg

[-] 9point6@lemmy.world 17 points 1 day ago

Flashbacks to one of my early freelance PHP gigs I did about 2 decades ago where I opened up the existing backend source code to find a load of unsanitised user input directly from the query string getting interpolated into the various SQL queries the application made. Part of me also feels like the "bobby tables" xkcd already existed by this point, so I've got no idea how that website managed to not get nuked before I refactored it.

To top it all off, of course the application authenticated with the database using the root user...

Thankfully I think that was the worst I ever discovered in the wild

[-] cm0002@lemmy.world 12 points 1 day ago

I'm gonna manually merge values to a query

[-] 30p87@feddit.org 7 points 1 day ago

Why is it only a yellow warning, and not a red one?

[-] vithigar@lemmy.ca 19 points 1 day ago

There's an edge case where you want the guys in balaclavas to show up.

[-] Quetzalcutlass@lemmy.world 10 points 23 hours ago

When you hope they're dyslexic and show up with delicious baklavas instead.

[-] lena@gregtech.eu 7 points 22 hours ago

That's how I read it at first

[-] mmddmm@lemm.ee 4 points 22 hours ago

To add. The specific edge case where you want to do the balaclava thing is when you are concatenating internally generated column and table names, operators, and entire conditions with extra parameters that you will add the correct way.
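
An added example, not part of the comment above or of psycopg itself, sketching the edge case it describes: table names, column names and operators are concatenated only after being checked against application-defined allowlists, while every value is passed as a bound parameter. It uses the standard-library `sqlite3` driver so it runs offline; the `users` schema, the allowlists and `build_select` are hypothetical. With psycopg the same composition is normally done with `psycopg.sql.SQL` and `psycopg.sql.Identifier`.

```python
import sqlite3

# Hypothetical allowlists: every identifier and operator that may be concatenated
# into SQL text is defined by the application, never taken from a caller.
ALLOWED_COLUMNS = {"users": {"id", "name", "role"}}
ALLOWED_OPERATORS = {"=", "!=", "<", ">", "LIKE"}


def build_select(table, columns, conditions):
    """Return (sql, params); conditions is a list of (column, operator, value)."""
    known = ALLOWED_COLUMNS.get(table)
    if known is None:
        raise ValueError(f"unknown table: {table!r}")
    if not columns or any(c not in known for c in columns):
        raise ValueError(f"rejected column list: {columns!r}")
    clauses, params = [], []
    for col, op, value in conditions:
        if col not in known or op not in ALLOWED_OPERATORS:
            raise ValueError(f"rejected condition: {col!r} {op!r}")
        clauses.append(f'"{col}" {op} ?')  # text comes only from the allowlists
        params.append(value)               # value is always a bound parameter
    sql = "SELECT " + ", ".join(f'"{c}"' for c in columns) + f' FROM "{table}"'
    if clauses:
        sql += " WHERE " + " AND ".join(clauses)
    return sql, params


def demo():
    """Run the builder against a constructed in-memory table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "alice", "admin"), (2, "O'Brien", "user")],  # constructed sample rows
    )
    # The quote in the value needs no escaping because it never becomes SQL text.
    sql, params = build_select("users", ["id"], [("name", "=", "O'Brien")])
    rows = conn.execute(sql, params).fetchall()
    conn.close()
    return sql, rows


if __name__ == "__main__":
    print(demo())
```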

[-] moonpiedumplings@programming.dev 2 points 21 hours ago
this post was submitted on 30 Apr 2025
145 points (100.0% liked)

Programmer Humor
