Come they told me, pa rum pum pum pum A new born King to see, pa rum pum pum pum Our finest gifts we bring, pa rum pum pum pum To lay before the King, pa rum pum pum pum, rum pum pum pum, rum pum pum pum,
So to honor Him, pa rum pum pum pum, When we come.
Little Bobby, pa rum pum pum pum I am a poor boy too, pa rum pum pum pum I have no gift to bring, pa rum pum pum pum That’s fit to give the King, pa rum pum pum pum, rum pum pum pum, rum pum pum pum,
Shall I play for you, pa rum pum pum pum, On my unsanitized database inputs?
At the very least I’d try to clean up that fuzzy condition on behavior to anticipate any bad or inconsistent data entry.
WHERE UPPER(TRIM(behavior)) = ‘NICE’
Depending on the possible values in behavior, adding a wildcard or two might be useful but would need to know more about that field to be certain. Personally I’d rather see if there was a methodology using code values or existing indicators instead of a string, but that’s often just wishful thinking.
Edit: Also, why dafuq we doing a select all? What is this, intro to compsci? List out the values you need, ya heathen ;)
Honest question, which ones wouldn’t it work with? Most add a semicolon to the end automatically or have libraries and interfaces saved me a million times?
I’m not sure how including a final semicolon can protect against an injection attack. In fact, the “Bobby Tables” attack specifically adds in a semicolon, to be able to start a new command. If inputs are sanitized, or much better, passed as parameters rather than string concatenated, you should be fine - nothing can be injected, regardless of the semicolon. If you concatenate untrusted strings straight into your query, an injection can be crafted to take advantage, with or without a semicolon.
You need semicolons if it is a script with multiple commands to separate them. It is not needed for a single statement, like you would use in most language libraries.
The only people I know who actually call it ess queue ell are either too new to know the “sequel” pronunciation, or the type of person you generally smell before you see.
Here in Germany everyone I know pronounces the letters individually – as German letters that is, which means the Q is pronounced “coo” rather than “cue”. I don’t mind it, it’s not quite as clunky as in English.
I say ess cue ell for the sake of uniformity because it’s not Mysequel nor Postgresequel and the language changed from Sequel to the acronym SQL in the 70s so not really in the “too new” ballpark anymore.
I think those make sense as deviations. I’ve heard “my sequel” but you’re absolutely right about postgresql.
The name is kinda irrelevant like hard vs soft g in gif. People know what you mean when you say either.
But in that same vein, the creator of the “graphics interchange format” says the pronunciation is soft g, but basically everyone says hard g… So “official” pronunciation is kinda irrelevant.
I don’t judge anyone who uses whichever term they want, but I’ve just noticed the general trend in my smallish interaction bubble.
I’m neither, I refuse to pronounce acronyms if it doesn’t make sense to do so.
Same thing with ‘gooey’ for GUI, except I hate that even more because that straight up elicits feelings of disgust, I don’t want anything gooey anywhere near any electronics
Add comment