- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
It reflects pretty well the sad state of IT recruitment. Bounty-driven recruitment agencies are the industry's number one plague.
People who don't understand a thing about IT are making decisions on who gets through these screening processes.
You end up as a candidate with your CV not even reaching employers that have positions that fit you perfectly because "you're missing one keyword". And as a company you end up receiving people for interviews that don't fit your profile at all, but that made it through the net by bloating their CVs with exagerations.
It's so revealing when "head hunters" call you for a position. During the part of the conversation that makes you look like the ideal candidate you can hear the "sweet, I'm getting my $1000 bounty today" tone of voice. But as soon as you don't tick one of their key points you're treated as a second-class citizen and you never hear from them again.
I loathe incompetent recruitment agencies.
Admin
SQL Injection is very serious and I certainly wouldn't have dismissed the candidate but I'd make a note to have a talk with him about the issue just in case he wasn't familiar with the threat. But if they thought he copied his answer or it was just to "ingenius" for him to come up with on his own then the guy is way better off for ignoring such an ignorant company. Probably a spam agency, porn site or viagra dealership. lol.
Jeff
Admin
Once in an interview I was actually asked to define what string concatenation was and I laughed out loud. Once I contained myself, I asked if they were really serious about that question and they responded that they were. Of course I answered and after getting the job, one of the interviewers said that my disbelief about something so simple was exactly what they were looking for.
As a side note, that also was the interview that I went through half of with my fly open. Thankfully they didn't notice and I was able to discretely zip up while pulled up to the table.
Ahhh, memories.
Admin
All stuff i know
but i can't answer questions that well thought thru claps
My answer would have been along the lines of "joining two strings togheter" like "hello" + "World"
lol
Admin
Fuck Yeah
Admin
Hahaha, i knew that he will be rejected. To complicated answer.
Admin
Plagerizing is a valuable talent. At least twenty percent, if not more, of any code i produced has been lifted from earlier work or the internet. If a company is big on paying for wheel reinvention, you have to wonder about the company.
Admin
its a good job.! [image]
Admin
Around 0.83E^-10 Newton.
Admin
I can honestly say I'm shocked, "They think you plagiarized it. I'm sorry." - they've got no definite proof - but I think Peter's better off without that company!
Admin
...I honestly can't think how I'd make a script work without dyanamically driven data. I'm not a professional (I.E. I don't get paid), so perhaps that's it.
But why don't you think before you say something like that? Can't you sanitize the data before putting into the query? I know I can.
Admin
Can I say Insert spiffy new string lingo? Insert spiffy explanation while laying on the sarcasm so that the previous poster feels studpid
Admin
Well perhaps if he had explained the uses more in the context of "how he had used it in the past", it would dispel suspicions that he just plagerised it...
Admin
Hello! I want to inform you about new interesting project.
"DesireFotos" is intended for processing digital photos in accordance with your wishes. This is initiative of professionals with wide experience in photography and related activities. You can use "DesireFotos" to make your photos qualitative. Do you think there is nothing to improve in your photos? It's not so!
Go to www.desirefotos.com and make sure ourselves.
If you want to have really good photos, this service for you!
Admin
Good answer but your query is open to sql injection.
Admin
The answer is not open to SQL injection. It's concatenating in a server-side variable, and there's no reason to assume user ids can be be arbitrary strings.
Admin
My way of preventing sql injection, is to prevent the ' and " of even making it to the query! e.g: Say your db table looks like this: +----+------+ |USER|PASSWD| +----+------+ |JOE |<sha2>| |JOHN|<sha2>| +----+------+
(replace <sha2> with an sha2 hash of their password) In books they tell you to do it this way (my sql is a little rusty, forgive me for that):
$sql = "SELECT USER FROM USERS WHERE PASSWD=SHA2('$password') and USER='$username';";While i usualy do (the table has an added column containing an sha2 hash of the username called HASHUSER):
$hashuser = sha2($username); //this is php, sha2 is an function which i'm not feeling the need for to discuss (it's pretty obvious) $hashpass = sha2($password); $sql = "SELECT USER FROM USERS WHERE PASSWD='$hashpass' AND HASHUSER='$hashuser';"; //process the sql and split the columns in arrays (1 column per array, the array contains the resulting rows), in this case this results in 1 array containing the column USER and the entry's are the items sorted by row if ($result_USER[0] == $username /*and some other login logic (user priv's, already logged in?, etc)*/) { //do stuff because we're logged in!!! } else { //do stuff when login fails }See? No bad chars make it to the sql query, only sha2 hashes. And as double safety, the input username has to match the unencrypted one retreived by the query (so collisions are also taken care of). That and other custom (as in: case specific) logic make logins secure (that and a good ssl connection, verified before even attempting an login of showing a loginbox).
Admin
Totally agree with your suggestion... Very nice post and good information here... Thanks for posting that....
http://teavdrama.com/
Admin
https://cialiswithdapoxetine.com/ cialis coupon
Admin
very nice
Addendum 2022-10-23 22:40: There are many obstacles to face in order to find a good job. My primary issue was that people kept ignoring my résumé because it wasn't impressive enough. After numerous failures, I made the decision to employ a recommendation letter writer . Because my cover letter was flawless and I finally landed my ideal job, I'm quite happy.
Admin
Dude, just for you. I don't know what you would do without my help, but I know how easy it is for you to write your essay on this film. Just collect the material and go to https://www.nursingpaper.com/our-services/nursing-essay-writing-service/ . There are so professional writers that they take on any topics that customers only require.
Addendum 2022-12-12 11:04: 1
Addendum 2022-12-12 11:05: https://www.nursingpaper.com/our-services/nursing-essay-writing-service/
Admin
prednisone daily: http://prednisone1st.store/# generic prednisone for sale
Admin
Hello. Tired of looking for a reliable and trusted casino? You don't have to look anymore, because I recommend you to visit the official website of Slots City Casino https://slotscity.ua/ . This casino has won the hearts of most gamblers because of its game variety, as you can enjoy a variety of games such as poker, roulette and slots. Everyone will find their favourite game here, which will bring big wins and fun.
Admin
so dope
Addendum 2024-05-26 22:41: I discovered an extensive review on the website about Astropay casinos. The page covered the benefits of using Astropay for casino transactions, including security, speed, and ease of use. It also listed some of the top casinos that accept Astropay. The detailed information helped me decide to use this payment method for a smoother gambling experience you can try Topcasinosreviews out . Anyone considering Astropay should definitely check out this review