Oracle Scratchpad

March 20, 2008

Humour

Filed under: humour — Jonathan Lewis @ 5:01 pm BST Mar 20,2008

Tom Kyte and Pete Finnigan are both well known for talking about the need to use bind variables and the dangers of SQL Injection. This cartoon must have been written just for them.

3 Comments »

  1. Except the cartoon makes the same mistake a lot of programmers make. They assume they just need to write a parser to make sure that type of stuff doesn’t get through. Instead they should just use bind variables (simpler and more performant anyway). I remember getting into an argument with a bunch of programmers that they could write such a filter for their dynamic SQL and didn’t need to use bind variables to prevent SQL injection.

    Comment by Jim — March 20, 2008 @ 5:15 pm BST Mar 20,2008 | Reply
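The contrast drawn in the comment above, as an added example that is not part of the original post or its comments: a keyword filter in front of dynamic SQL both lets a crafted value through and rejects legitimate names, while the bind-variable form treats every value as data. It uses Python's sqlite3 as a stand-in for Oracle (`?` is SQLite's placeholder, Oracle uses `:name`); the table, the sample rows and the blocklist are constructed for illustration.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; table and column names are illustrative.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO students (name) VALUES (?)",
                   [("Alice",), ("Bob",), ("O'Brien",)])
    return db

# Hypothetical blocklist of the kind a hand-written input filter tends to contain.
BLOCKLIST = re.compile(r";|--|/\*|\b(drop|delete|insert|update|union)\b", re.I)

def lookup_filtered(db, name):
    """Dynamic SQL: the value is filtered, then concatenated into the statement."""
    if BLOCKLIST.search(name):
        raise ValueError("rejected by filter")
    sql = f"SELECT name FROM students WHERE name = '{name}' ORDER BY id"
    return db.execute(sql).fetchall()

def lookup_bound(db, name):
    """Bind variable: the statement text is fixed, the value travels separately."""
    sql = "SELECT name FROM students WHERE name = ? ORDER BY id"
    return db.execute(sql, (name,)).fetchall()

def outcome(fn, db, name):
    """Return the matched names, or the exception class name if the call failed."""
    try:
        return [row[0] for row in fn(db, name)]
    except (ValueError, sqlite3.Error) as exc:
        return type(exc).__name__

if __name__ == "__main__":
    db = make_db()
    samples = [
        "Alice",           # ordinary value: both forms agree
        "x' OR 'a'='a",    # no blocklisted token, yet it rewrites the WHERE clause
        "O'Brien",         # legitimate name: breaks the concatenated statement
        "Drop, Robert",    # legitimate name: the filter rejects it outright
    ]
    for value in samples:
        print(f"{value!r:18} filtered={outcome(lookup_filtered, db, value)!r}"
              f"  bound={outcome(lookup_bound, db, value)!r}")
```
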

  2. I love that it’s even using Oracle syntax!

    Comment by Stew Stryker — April 1, 2008 @ 2:42 am BST Apr 1,2008 | Reply

  3. This is a bit off-topic but since this entry is labeled Humour, I found really hilarious this email I got today:

    Dear Amazon.com Customer,

    We’ve noticed that customers who have purchased or rated books by Thomas Kyte have also purchased All Mouth by Jonathan Lewis. For this reason, you might like to know that All Mouth is now available. You can order yours for just $12.89 ($6.06 off the list price) by following the link below.

    Comment by Oscar de la Torre — April 9, 2008 @ 6:59 am BST Apr 9,2008 | Reply

