Comments on: The daily WTF Greatest Hits II http://www.jorgebernal.info/wtf/the-daily-wtf-greatest-hits-ii Tue, 09 Mar 2010 14:28:38 +0000 http://wordpress.org/?v=abc hourly 1 By: DidieR http://www.jorgebernal.info/wtf/the-daily-wtf-greatest-hits-ii/comment-page-1#comment-72 DidieR Tue, 25 Apr 2006 06:26:38 +0000 #comment-72 Ouh... "Les grands esprits se rencontrent"... In fact, this is pretty stupid. I don't hack much.. But I see that this is stupid though... Ouh… “Les grands esprits se rencontrent”…

In fact, this is pretty stupid. I don’t hack much.. But I see that this is stupid though…

]]> By: Raphink http://www.jorgebernal.info/wtf/the-daily-wtf-greatest-hits-ii/comment-page-1#comment-71 Raphink Fri, 14 Apr 2006 02:04:54 +0000 #comment-71 Wow that is really stupid indeed! Would be faster to just print the db url, user, and passwd on the website if this guy wants his db to be borked :D Wow that is really stupid indeed!
Would be faster to just print the db url, user, and passwd on the website if this guy wants his db to be borked :D

]]> By: koke http://www.jorgebernal.info/wtf/the-daily-wtf-greatest-hits-ii/comment-page-1#comment-70 koke Thu, 13 Apr 2006 04:19:00 +0000 #comment-70 <p>This one is definitely winning my personal contest of worst code piece ever by now:</p> <code><pre> function saveform() { var firstName = escapeSql(mainForm.elements.txtFirstName.value); var lastName = escapeSql(mainForm.elements.txtLastName.value); /* ... */ var offerCode = escapeSql(mainForm.elements.txtOfferCode.value); var code = ' $cn = mssql_connect($DB_SERVER, $DB_USERNAME, $DB_PASSWORD) ' + ' or die("ERROR: Cannot Connect to $DB_SERVER"); ' + ' $db = mssql_select_db($DB_NAME, $cn); ' + ' ' + ' if (mssql_query("SELECT 1 FROM APPS WHERE SSN=\''+ssn+'\'", $cn)) ' + ' { $ins = false; } ' + ' else ' + ' { $ins = true; } ' + ' ' + ' if ($ins) { ' + ' $sql = "INSERT INTO APPS (FIRSTNM, LASTNM, ..., OFFERCD) VALUES ("; ' + ' $sql+= "\''+firstName+'\',"; ' + ' $sql+= "\''+lastName+'\',"; ' + ' $sql+= "\''+offerCode+'\')"; ' + ' ' + ' /* ... */ ' + ' ' + ' mssql_query($sql, $cn); ' + ' mssql_close($cn); '; execPhp(code); } </pre></code> <p>I wonder who’d kill who if someone saves the <span class="caps">HTML</span> code and changes $sql to <code>DELETE FROM APPS</code>.</p> <p>Via <a href="http://www.thedailywtf.com/forums/68115/ShowPost.aspx">Client-side <span class="caps">PHP</span></a></p> This one is definitely winning my personal contest of worst code piece ever by now:

function saveform()
{
  var firstName = escapeSql(mainForm.elements.txtFirstName.value);
  var lastName = escapeSql(mainForm.elements.txtLastName.value);
  /* ... */
  var offerCode = escapeSql(mainForm.elements.txtOfferCode.value);

  var code =
  '  $cn = mssql_connect($DB_SERVER, $DB_USERNAME, $DB_PASSWORD)           ' +
  '          or die("ERROR: Cannot Connect to $DB_SERVER");                ' +
  '  $db = mssql_select_db($DB_NAME, $cn);                                 ' +
  '                                                                        ' +
  '  if (mssql_query("SELECT 1 FROM APPS WHERE SSN=\''+ssn+'\'", $cn)) ' +
  '  { $ins = false; }                                                     ' +
  '  else                                                                  ' +
  '  { $ins = true; }                                                      ' +
  '                                                                        ' +
  '  if ($ins) {                                                           ' +
  '    $sql = "INSERT INTO APPS (FIRSTNM, LASTNM, ..., OFFERCD) VALUES ("; ' +
  '    $sql+= "\''+firstName+'\',";                                        ' +
  '    $sql+= "\''+lastName+'\',";                                         ' +
  '    $sql+= "\''+offerCode+'\')";                                        ' +
  '                                                                        ' +
  '  /* ... */                                                             ' +
  '                                                                        ' +
  '  mssql_query($sql, $cn);                                               ' +
  '  mssql_close($cn);                                                     ';

  execPhp(code);
}

I wonder who’d kill who if someone saves the HTML code and changes $sql to DELETE FROM APPS.

Via Client-side PHP

]]>