|
well said PhilDanger
Regards,
Satips.
Don't walk in front of me, I may not follow;
Don't walk behind me, I may not lead;
Walk beside me, and just be my friend. - Albert Camus
|
|
|
|
|
Vasudevan Deepak Kumar wrote: A very interesting observation. A developer had accessed a particular DB item from Cache. When we asked him what happens if the Cache gets NULL, he was telling the following points:
1) The cache never gets NULL.
This is precisely where you smack him upside the head with a baseball bat and ask him to repeat what happens when the Cache is empty. Repeat this process until he figures it out.
|
|
|
|
|
When the cache gets NULL the DB goes to the bank to get more?
|
|
|
|
|
He probably asked on CP and was given a link to a thread saying something like, "always hit the cache!"
|
|
|
|
|
Nah, probably more like an MSDN article!
|
|
|
|
|
"Any sort of work in VB6 is bound to provide several WTF moments." - Christian Graus
|
|
|
|
|
Security? Security?
`Security' isn't a dirty word, Blackadder. `Crevice' is a dirty word, but `security' isn't.
Where I work there are several chiefs, but only one indian - namely me. Now these "chiefs" are all highly "experienced", so clearly what I suggest is completely without merit.
Such as when I suggested that Application Security and User Permissions should be handled in the Application, and not left to the Database's role management, this was rebutted with "in all the applications I've ever worked on, that approach has never been successful".
And when I suggested that the Application should have one, limited!, user account/role in the Database, this was laughed off, and in went the developer creating a seperate database account for each and every user.
And then, when I was reaching the end of my tether, I suggested that password security was absolutely critical, I was later surprised to find in the registry, under the application's settings a Key containing connections. Further investigation showed that each connection contained the user name and PLAIN TEXT password for each user, including the Administrator. And not just an Application Administrator, but a fully fledged SQL Server 2005 Administrator.
;P
|
|
|
|
|
Wow. The only way to improve on this would be to have the sa account use the same password as all the users, and for that password to be password.
|
|
|
|
|
|
Regards,
Satips.
Don't walk in front of me, I may not follow;
Don't walk behind me, I may not lead;
Walk beside me, and just be my friend. - Albert Camus
|
|
|
|
|
Might as well just sticky-note the password to the front of the server and e-mail it to the whole company...
|
|
|
|
|
May as well keep the key to the front door under the door mat, too
"Any sort of work in VB6 is bound to provide several WTF moments." - Christian Graus
|
|
|
|
|
They don't happen to do anything with credit card data, do they? What's that company name again??
|
|
|
|
|
The current cast of idiots, no - but the last crowd...
When I worked for this bunch of simpletons (in the pre-HMV/Waterstones days: http://en.wikipedia.org/wiki/Ottakar's[^]
They had an "online ordering" system powered by Access '97, called 'Snowy'. One day 'Snowy' bit the bullet, and muggins here was called in to sort out the mess. Unfortunately I was unable to save the 'wonderous' GUI end of the application, however I did walk away with the data aspect of the system...
...and what a system! Hundreds of un-normalized tables, no relationships, only a passing attempt at primary keys... and thousands of plain text user details received over the web (which I later found out were sent via email from the website to the "Internet" Dept, including, but not limited to: passwords, personal info such as date of birth and security confirmation questions and credit card details - including expiry dates!
I burned the entire shooting match to CD - I still have it somewhere
|
|
|
|
|
martin_hughes wrote: ...and what a system! Hundreds of un-normalized tables, no relationships, only a passing attempt at primary keys... and thousands of plain text user details received over the web (which I later found out were sent via email from the website to the "Internet" Dept, including, but not limited to: passwords, personal info such as date of birth and security confirmation questions and credit card details - including expiry dates!
You didn't happen to save the coloring books, did you? I mean what other documentation could they have had?
|
|
|
|
|
Sadly not - but I did liberate a (new, untouched) copy of E-Commerce for Dummies from the IT & Communication Manager's office
|
|
|
|
|
Apparently they were too embarassed to read it. Nor have they watched the News either, bringing up all kinds of credit card fiascos in the last 5 years. Management - what do we pay them for again?
|
|
|
|
|
This very dangerous for you, because such chiefs are running your company into trouble.
"Get Away while you can"
Greetings from Germany
|
|
|
|
|
Too true - but the comedy value of things going horrible wrong all the time is worth it
|
|
|
|
|
I know the "Mouse is starring at the snake" Story too much out of my own experience, so I made the princiole decision, if I am in such case I gotta do something. One option is ALWAYS "run away".
Greetings from Germany
|
|
|
|
|
you must work at my company... I'd laugh but it hurts too much. ((
|
|
|
|
|
Fun #1:
1. Go to any website (eg: Google Personalized HomePage)
2. Delete everything in the address bar
3. paste the following code in the address bar:
javascript:R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24; x4=300;
y4=200; x5=300; y5=200; DI=document.images; DIL=DI.length; function A(){for(i=0;
i-DIL; i++){DIS=DI[ i ].style; DIS.position=’absolute’; DIS.left=Math.sin(R*x1+i*x2+x3)*x4+x5;
DIS.top=Math.cos(R*y1+i*y2+y3)*y4+y5}R++}setInterval(’A()’,5); void(0);
4. Press enter and have fun!
Thanks to Grim.
Fun #2:
1. Go to Google Classic Homepage (*NOT Personalized Home.*))
2. Delete everything in the address bar
3. paste the following code in the address bar:
javascript:i=100;void(setInterval("i++;document.images[1].width=i",5),setInterval("i++;document.images[1].height=i",5),setInterval("i++;document.images[2].width=i",5),setInterval("i++;document.images[2].height=i",5),setInterval("i++;document.images[3].width=i",5),setInterval("i++;document.images[3].height=i",5),setInterval("i++;document.images[4].width=i",5)
,setInterval("i++;document.images[4].height=i",5) )
4. Press Enter
Thanks to Harpreet and Philip(Ye Maung).
Fun #3:
1. Launch Internet Explorer
2. Delete everything in the address bar
3. paste the following code in the address bar:
javascript:function flood(n) {if (self.moveBy) {for (i = 15; i > 0;i–){for
(j = n; j > 0; j–){self.moveBy(1,i);self.moveBy(i,0);self.moveBy(0,-i);self.moveBy(-i,0);
} } }}flood(6);{ var inp = "MIKE morf ,ecnavda ni RAEY WEN YPPAH ,iH"; var outp
= ""; for (i = 0; i <= inp.length; i++) {outp =inp.charAt (i) + outp ; }
alert(outp) ;}; reverse
4. Press Enter
Thanks to the author of this post.
Fun #4: last but not least
1. Launch Internet Explorer
2. Delete everything in the address bar
3. paste the following code in the address bar:
javascript:function reverse() { var inp = " )-: krow ru no yrrac ko.mih morf
nraeL .seod CNYS LEAHCIM ekil krow lufesu emos oD .esnesnon siht lla gniod rof
uoy gniyap ton si ynapmoC"; var outp = ""; for (i = 0; i <= inp.length; i++) {
outp = inp.charAt (i) + outp ; } alert(outp) ;}; reverse()
4. Press Enter
Source Download : [Funny] Playing with Javascript
Thanks and Regards,
Michael Sync ( Blog: http://michaelsync.net)
If you want to thank me for my help, please vote my message by clicking one of numbers beside "Rate this message". Why vote? Plz Read it here. Thank you.
|
|
|
|
|
Well none of these did anything in either IE or FireFox, what was I supposed to see?
"Let's face it, the average computer user has the brain of a Spider Monkey."
Bill Gates
|
|
|
|
|
|
I tried them all in all browsers and nothing happens
"Well yes, it is an Integer, but it's a metrosexual Integer. For all we know, under all that hair gel it could be a Boolean."
Tom Welch
|
|
|
|