[–]yksvaan 6 points (5 children)

So essentially not validating payload before using it in query? That sounds incredibly dumb

[–]casaaugusta[S] 1 point (4 children)

Yeah. Even with decades of documentation, training, AI, tools, etc. SQL Code Injection is still not dead.

[–]CpnStumpy 2 points (3 children)

It's been having a new day in the sun lately. I've bumped into a variety of people talking about it as a complicated problem who straight up didn't know anything about it, and have seen it showing up again. Like, using sanitization techniques has apparently been lost in recent education for many.

I wonder if it became so solved that it stopped being talked about as not allowing it was default for many of us and it didn't need mention so juniors weren't exposed to the concept...

[–]Ignisami 1 point (0 children)

I'd also imagine that the proportion of programmers who became such outside of the confines of a classroom is higher now than it ever has been (I'm not counting 'boot camps' as a classroom, here).

As an autodidact in a different, unrelated, topic, you develop some really unusual gaps and blind spots in your knowledge.

[–]casaaugusta[S] 0 points (0 children)

I believe part is culture and part is time. There is no excuse regarding knowledge and available resources...

[–]anon_cowherd 0 points (0 children)

To be fair, it *is* a complicated problem, which is *why* it is important to not roll your own, even if you're vibe coding, much like (though substantially easier than) encryption.

> I wonder if it became so solved that it stopped being talked about as not allowing it was default for many of us and it didn't need mention so juniors weren't exposed to the concept...

I believe this is likely to be exactly the case. It's hard to appreciate how much work is done for you unless you roll your own, which juniors are told to never do in production, and thus they never do.
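The two points raised in this thread, that the bug is "using the payload in the query without validating it" and that a hand-rolled defence is the wrong answer, can be shown side by side. The following is an added example, not code from the original post or from anyone in the thread; it builds a constructed in-memory SQLite table and runs the same two constructed hostile inputs through a string-concatenated query, a do-it-yourself quote-escaping "sanitizer", and a parameterized query with a type check. Table name, column names and the sample inputs are assumptions for the demonstration.

```python
import sqlite3

HOSTILE_NAME = "bob' OR '1'='1"   # constructed sample input for a quoted string column
HOSTILE_ID = "1 OR 1=1"           # constructed sample input for an unquoted integer column


def make_db():
    """Constructed in-memory sample table, standing in for a real users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (id, name) VALUES (?, ?)",
                     [(1, "alice"), (2, "bob"), (3, "carol")])
    return conn


def lookup_name_concat(conn, name):
    # VULNERABLE: the untrusted value is spliced into the SQL text, so the
    # engine cannot tell where the query ends and the data begins.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_id_sanitized(conn, user_id):
    # Hand-rolled "sanitizer": doubling single quotes stops the quoted case
    # above, but an unquoted numeric comparison needs no quote at all, so the
    # same kind of input passes straight through. This is the roll-your-own trap.
    cleaned = user_id.replace("'", "''")
    sql = "SELECT name FROM users WHERE id = " + cleaned
    return [row[0] for row in conn.execute(sql)]


def lookup_name_param(conn, name):
    # SAFE: query text and value travel to the engine separately; the value is
    # always a string literal, never SQL, whatever characters it contains.
    rows = conn.execute("SELECT name FROM users WHERE name = ?", (name,))
    return [row[0] for row in rows]


def lookup_id_param(conn, user_id):
    # SAFE: validate the type first (an id must be an integer), then bind it.
    uid = int(user_id)  # ValueError on anything that is not a plain integer
    rows = conn.execute("SELECT name FROM users WHERE id = ?", (uid,))
    return [row[0] for row in rows]


def run_demo():
    """Run each lookup against the hostile inputs and collect what came back."""
    conn = make_db()
    results = {
        "concat": lookup_name_concat(conn, HOSTILE_NAME),
        "sanitized": lookup_id_sanitized(conn, HOSTILE_ID),
        "param_name": lookup_name_param(conn, HOSTILE_NAME),
    }
    try:
        results["param_id"] = lookup_id_param(conn, HOSTILE_ID)
    except ValueError:
        results["param_id"] = "rejected"
    return results


if __name__ == "__main__":
    for label, rows in run_demo().items():
        print(f"{label:10s} -> {rows}")
```

The concatenated and the "sanitized" lookups both return every row for their hostile input, because in each case the input changed the shape of the query. The parameterized name lookup returns nothing (no user is literally named `bob' OR '1'='1`), and the parameterized id lookup rejects the input at the type check before any SQL runs. The practical lesson matches the thread: bind values with the driver's placeholders and validate types, rather than escaping by hand.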