Comments on Articles
Monday, June 01, 2009
'Careers in Open Source'
I have been reading PCQuest since I was in 10th grade. But seriously, this
article completely blew me off, as if it's my story. Anyways, thanks for the
insights. This article really helped me to focus on my career more clearly.
PCQuest always rocks.
Neeraj Kumar on pcquest.com
Thanks for those encouraging words. We will try our best to continue the
movement.
Editor
'Careers in Software Testing'
Detailed focus is needed in building the career as well! Today, many of the
testers only think of test execution tools but are yet to explore how test
design/data tools like TestersDesk.com can accelerate and enable more value
delivery in the services that they perform for their clients. Thanks and look
forward to more coverage on software testing from you.
Ashwin Palaparth on PCQ forums
'Securing apps against SQL injection', Feb 09, Pg No 89
Avoiding or replacing the single quote in the webform would also handle these
simple SQL injections, right?
Vasanth on PCQ forums
You are right. The injection I was doing in the article was very simple. In
addition to the single quote, other characters you should be careful about would
be two dashes (the hacker would try to insert comments in your code and try to
figure reasons behind various responses), EXEC, sp_, xp_ and UNION. The
challenge, however, is that there is no 'foolproof' way to prevent all possible types
of injection. At the end of the day it is a battle of wits between them and us!
Amaresh Patnaik, PCQ Contributor
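An added example, not part of the original comments or the article: it compares filtering on the tokens named in the exchange above with passing form input as a bound query parameter. It assumes Python's built-in sqlite3 module in place of the article's database; the table, the filter functions and the sample values are constructed for illustration.

```python
import sqlite3

# Tokens listed in the reply above; this filter is a hypothetical illustration.
BLACKLIST = ("'", "--", "exec", "sp_", "xp_", "union")

# Constructed sample data: legitimate values that happen to contain those tokens.
SAMPLE_NAMES = ["Alice", "O'Brien", "Union Square Cafe", "Bob -- night shift"]


def blacklist_rejects(value):
    """True if a naive substring blacklist would refuse this form input."""
    lowered = value.lower()
    return any(token in lowered for token in BLACKLIST)


def strip_quotes(value):
    """The 'replace the single quote' approach from the question."""
    return value.replace("'", "")


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO customers (name) VALUES (?)",
                     [(n,) for n in SAMPLE_NAMES])
    return conn


def find_customer(conn, name):
    """Bound parameter: the driver passes `name` as data, never as SQL text."""
    rows = conn.execute("SELECT name FROM customers WHERE name = ?", (name,))
    return [r[0] for r in rows]


if __name__ == "__main__":
    db = make_db()
    # The last input is a constructed string built from the tokens named above.
    for form_input in SAMPLE_NAMES + ["a' UNION SELECT name FROM customers --"]:
        print(repr(form_input),
              "| blacklist rejects:", blacklist_rejects(form_input),
              "| stripped lookup:", find_customer(db, strip_quotes(form_input)),
              "| bound lookup:", find_customer(db, form_input))
```

The blacklist refuses three of the four legitimate names and quote stripping loses the O'Brien record, while the bound lookup finds every stored name and treats the constructed string as a plain value that matches no row.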