| Author |
xkcd
|
Saurabh Pillai
Ranch Hand
Joined: Sep 12, 2008
Posts: 449
|
|
|
 |
Bert Bates
author
Sheriff
Joined: Oct 14, 2002
Posts: 8712
|
|
|
sweetest cartoon ever!
|
Eliminate fossil fuel subsidies. (If you're not on the edge, you're taking up too much room.)
|
 |
Wouter Oet
Saloon Keeper
Joined: Oct 25, 2008
Posts: 2700
|
|
XKCD
|
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler
Please correct my English.
|
 |
Jesper de Jong
Java Cowboy
Bartender
Joined: Aug 16, 2005
Posts: 12929
|
|
|
The secret with XKCD is that you have to read the text in the tooltip that appears when you hold the mouse over the image (only works on the XKCD website itself) - it often contains the point of the joke, or an extra joke.
|
Java Beginners FAQ - JavaRanch SCJP FAQ - The Java Tutorial - Java SE 7 API documentation
Scala Notes - My blog about Scala
|
 |
fred rosenberger
lowercase baba
Bartender
Joined: Oct 02, 2003
Posts: 9956
|
|
|
Bobby Tables will always be my favorite.
|
Never ascribe to malice that which can be adequately explained by stupidity.
|
 |
Ryan McGuire
Ranch Hand
Joined: Feb 18, 2005
Posts: 945
|
|
fred rosenberger wrote: Bobby Tables will always be my favorite.
I've passed out that exact strip to contractors that left us open to just that type of problem. Of course the inputs were only coming from internal (employee) users, so we were a little less worried about malicious SQL hacking. Nonetheless, the guy didn't qualify as "done with the project" until he used parameterized SQL at the very least.
Best: Stored Procs
Better: Parameterized dynamic SQL
Good: Relying on each new programmer to parse the input to catch possible attacks.
Bad: none of the above.
OF COURSE, other factors can make the, say, "Better" option above more attractive for certain projects. You have to look at it on a case-by-case basis.
|
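The gap between the tiers in the list above, as an added example that is not part of the original thread. It uses Python's standard-library sqlite3 module; the table, the sample names, the function names and the hand-written filter are all constructed for illustration.

```python
import sqlite3

# Constructed sample inputs: a plain name, a legitimate name containing an
# apostrophe, and a string that closes the quoted literal early.
SAMPLES = ["Alice", "O'Brien", "x' OR '1'='1"]

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE students (name TEXT)")
    db.executemany("INSERT INTO students VALUES (?)",
                   [("Alice",), ("O'Brien",), ("Bob",)])
    return db

def lookup_concatenated(db, name):
    # "Bad": the input becomes part of the SQL text itself.
    sql = "SELECT name FROM students WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_filtered(db, name):
    # "Good": a hand-written check in front of the same concatenation.
    # It depends on every programmer writing it, and it turns away real names.
    if "'" in name or ";" in name:
        raise ValueError("rejected by input filter")
    return lookup_concatenated(db, name)

def lookup_parameterized(db, name):
    # "Better": the SQL text is fixed; the value is bound separately as data.
    sql = "SELECT name FROM students WHERE name = ?"
    return [row[0] for row in db.execute(sql, (name,))]

def outcome(fn, db, name):
    # Return the rows, or the exception class name if the lookup failed.
    try:
        return fn(db, name)
    except (sqlite3.Error, ValueError) as exc:
        return type(exc).__name__

if __name__ == "__main__":
    db = make_db()
    for name in SAMPLES:
        for fn in (lookup_concatenated, lookup_filtered, lookup_parameterized):
            print(f"{fn.__name__:22} {name!r:18} -> {outcome(fn, db, name)}")
```

Only the parameterized lookup gives the right answer for all three inputs: the concatenated one errors on a legitimate apostrophe and returns every row for the third sample, while the filter rejects the legitimate name along with the hostile one.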
 |
 |