While wading through hundreds of disallowed implicit casts and such from turning Option Strict on for a large project, Tevildo came across this little gem.
Sort of like Visual Studio's comment tasks except potentially visible to the user. Who knows, it might actually get attended to if a user reports it as a bug.
    Public ReadOnly Property EntityTypeDescription As String
        Get
            'DAVE: I edited this as I don't think its needed any more. Let me know if you disagree.
            'If Me.EntityTypeLUT IsNot Nothing Then
            '    Return Me.EntityTypeLUT.Description
            'End If
            Return "Need to fix this"
        End Get
    End Property
No word on who "Dave" is though.
Also, Chris was looking at some code left by a recently departed colleague. He wrote, "I never had a great deal of confidence in his coding ability, so the SQL injection vulnerabilities aren't a great surprise, but I had thought he would have known of the existence of the OR operator."
    String searchString="select * from ProjectAndTask_view";
    if (searchWhere !=""){
        searchString=searchString + " where ProjectCode like '" + searchWhere + "%' union " ;
        searchString=searchString + "select * from ProjectAndTask_view where ProjectDesc like '" + searchWhere + "%' union " ;
        searchString=searchString + "select * from ProjectAndTask_view where TaskCode like '" + searchWhere + "%' union " ;
        searchString=searchString + "select * from ProjectAndTask_view where TaskDesc like '" + searchWhere + "%'" ;
    }
    searchString = searchString + " ORDER BY sortval";
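As an added example (not code from the original article or from Chris's colleague), here is the same four-column prefix search written as one statement with OR and bound parameters. It uses Python's sqlite3 so it runs offline; the table schema and sample rows are constructed, and `like_prefix`, `search` and `search_concatenated` are hypothetical names.

```python
import sqlite3

# Constructed sample rows; column names come from the snippet, the data is made up.
ROWS = [
    ("P100", "Payroll rewrite", "T1", "Design", 1),
    ("P200", "O'Brien audit", "T2", "Pay vendors", 2),
    ("X300", "Intranet", "P9", "100% coverage", 3),
]
# Fixed identifiers from the snippet; never derived from user input.
COLUMNS = ("ProjectCode", "ProjectDesc", "TaskCode", "TaskDesc")

def make_db():
    """In-memory table standing in for ProjectAndTask_view (assumed schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE ProjectAndTask_view (ProjectCode TEXT, ProjectDesc TEXT,"
               " TaskCode TEXT, TaskDesc TEXT, sortval INTEGER)")
    db.executemany("INSERT INTO ProjectAndTask_view VALUES (?, ?, ?, ?, ?)", ROWS)
    return db

def like_prefix(term):
    """Escape LIKE metacharacters so the term matches literally, then add the wildcard."""
    for ch in ("\\", "%", "_"):
        term = term.replace(ch, "\\" + ch)
    return term + "%"

def search(db, search_where):
    """One SELECT, four OR'd predicates, user input passed only as bound parameters."""
    sql, params = "SELECT * FROM ProjectAndTask_view", []
    if search_where:
        sql += " WHERE " + " OR ".join(f"{c} LIKE ? ESCAPE '\\'" for c in COLUMNS)
        params = [like_prefix(search_where)] * len(COLUMNS)
    return db.execute(sql + " ORDER BY sortval", params).fetchall()

def search_concatenated(db, search_where):
    """The original pattern (input spliced into the SQL text), kept for comparison."""
    sql = "select * from ProjectAndTask_view"
    if search_where != "":
        sql += " union select * from ProjectAndTask_view".join(
            f" where {c} like '" + search_where + "%'" for c in COLUMNS)
    return db.execute(sql + " ORDER BY sortval").fetchall()

if __name__ == "__main__":
    for row in search(make_db(), "O'Brien"):
        print(row)
```

With the input `O'Brien`, `search` returns the matching row, while `search_concatenated` raises `sqlite3.OperationalError` because the quote ends the string literal early and changes the statement's structure.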
Finally, I'm in the same boat with Daniel Thomson - regex scares me a little, OK, a lot actually. But I don't mind using fairly simple regex in my code. It's tidy and saves processing power. He came across this in a website that he's currently maintaining, still not sure what the num variable is for. Better safe than sorry I guess.
    function checkAlpha(sStr) {
        var alpha = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
        var num = '0123456789';
        var Char;
        var isChar = true;
        for (var i=0;(i<sStr.length) && (isChar==true);i++) {
            Char = sStr.charAt(i);
            if (alpha.indexOf(Char)==-1) {
                isChar=false;
            }
        }
        return isChar;
    } //end function
I'm sorry, Dave. I'm afraid I can't do that.
The problem with regexen is a lot like the problem with library functions: you can never be entirely sure what they're doing. So, in cases like this where the results are important, it is safest to write your own.
Actually, here UNION is the same as OR, but from the MySQL point of view, it presents better performance ;)
var isChar = true; Obvious WTF apart, I really HATE it when people state things in their code that are just not true. Do you know it's a Char? NO, not yet. So don't freaking set "isChar" to true! Make your checks, use whatever temporal variables you need, but for god's sake, don't name them "isChar" like it was the actual result... like it IS the actual result, and then you get on and on checking it on each iteration of the loop... WTF! Oh, right, you have to be able to break out of the loop somehow. Let me guess, maybe "break" would work? Maybe setting the counter out-of-bounds so the loop condition is no longer met? But oh no, you had to use "isChar", the freaking result variable, to break out of the loop. Give me a break.