by chasd00
1031 days ago
hah what I did involved a db too, a string based query without sanitization introducing a possible sql injection. The input never came from a user and was sourced from a config file but I still should have known better. I learned that if you put it in a slide, no matter scope/purpose, it better be production quality because people are just going to copy/paste.
The only thing scarier than seeing your personal "not for prod" code running in prod by someone else's hand: the "improvements."
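The pattern the comment describes, string-built query next to its parameterized form, as an added example that is not part of the original post or of any code the commenter showed. The `hosts` table, its rows and the lookup values are all constructed for this demonstration; the point is that a value read from a config file can still carry a quote character that either breaks the concatenated query or changes its meaning, while placeholder binding treats the same value as plain data.

```python
import sqlite3


def make_db():
    """Constructed in-memory table standing in for the real database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE hosts (name TEXT, owner TEXT)")
    conn.executemany(
        "INSERT INTO hosts VALUES (?, ?)",
        [("web-01", "alice"), ("db-01", "O'Brien"), ("cache-01", "carol")],
    )
    conn.commit()
    return conn


def lookup_concat(conn, owner):
    """The slide-deck pattern: query text assembled by string concatenation.

    Any quote in `owner` becomes part of the SQL grammar rather than data.
    """
    sql = "SELECT name FROM hosts WHERE owner = '" + owner + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_param(conn, owner):
    """Hardened form: the driver binds `owner` as a value, never as SQL text."""
    sql = "SELECT name FROM hosts WHERE owner = ?"
    return [row[0] for row in conn.execute(sql, (owner,))]


def compare(owner):
    """Run both lookups on the same value and return (concat_result, param_result).

    A database error from the concatenated query is returned as a string so the
    two behaviours can be compared side by side.
    """
    conn = make_db()
    try:
        concat = lookup_concat(conn, owner)
    except sqlite3.Error as exc:
        concat = f"error: {exc}"
    return concat, lookup_param(conn, owner)


if __name__ == "__main__":
    # A benign value, a legitimate name with an apostrophe, and a constructed
    # value showing how concatenation lets data rewrite the WHERE clause.
    for value in ("alice", "O'Brien", "x' OR '1'='1"):
        print(repr(value), "->", compare(value))
```

Running the block shows the concatenated query failing outright on `O'Brien` (a perfectly valid owner) and returning every row for the last value, while the parameterized query returns exactly the matching rows in both cases. The config-file origin of the input makes no difference to either outcome, which is the point the comment makes.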