Learn More
Resend Email
70
Worst legacy code experience?
Week 58 Group Rant
kurtr
8y

If you thought your legacy code was bad, this is what I'm dealing with. The below SQL is stored in a cookie on login and executed to on every further request to determine the user / privileges.

undefined

legacy code

wk58

sql injection

bad cookie
Favorite
Ranter
Comments
  • 1
    8y
    Oh.....wow
  • 31
    8y
    Now that's a unique approach that shows thinking outside the box. Too bad it's so stupid.
  • 16
    8y
    Oh.. That's cute.
    Now kill it, with napalm.
  • 1
    8y
    Wow. What the actual fuck! 😆
  • 5
    8y
    That could be fun, cookies can be changed clientside so i hope there is some sanity checks in place.
  • 7
    8y
    Sweet baby jesus 😱

    You guys are gonna getting hacked as fuck!
  • 12
    8y
    @ItsNotMyFault No checks - also has public registration and the db user is admin with full privileges.
  • 1
    8y
    Wait... what????!?!
  • 9
    8y
    Never have I thought that someone DESERVES to have all their tables dropped.
  • 1
    8y
    @Fydrenak one can hope the connected user is at least not privileged enough..
  • 0
    8y
    I'm impressed... that's a very creative way to fuck things up
  • 1
    8y
    @lotd user? You mean that thing that says 'root'?
  • 1
    8y
    @ocab19 don't see it in that picture.

    But yeah, it wouldn't surprise me if the database is connected on root...
  • 0
    8y
    Maybe the developer who wrote that code, didn't get paid or the client was shit.
  • 1
    8y
    @pajaja Times like these you'd kill for a box. ;)
Related Rants
devRant © 2021 Hexical Labs LLC
Privacy Policy  |  Terms of Service
Add Comment