Difference between revisions of "Little Bobby Tables"
Karl Jones (Talk | contribs) (→SQL statement) |
Karl Jones (Talk | contribs) |
||
| Line 2: | Line 2: | ||
The character represents a [[cautionary tale]] about the importance of [[sanitizing user inputs]], in this case against [[SQL injection]] attacks. | The character represents a [[cautionary tale]] about the importance of [[sanitizing user inputs]], in this case against [[SQL injection]] attacks. | ||
| + | |||
| + | == Image == | ||
| + | |||
| + | (TO DO: image.) | ||
== Dialog == | == Dialog == | ||
Revision as of 09:11, 14 September 2015
Little Bobby Tables is the nickname of a character from xkcd, a webcomic by Randall Munroe.
The character represents a cautionary tale about the importance of sanitizing user inputs, in this case against SQL injection attacks.
Contents
Image
(TO DO: image.)
Dialog
School: Hi, this is your son's school. We're having some computer trouble.
Mom: Oh, dear -- Did he break something?
School: In a way. Did you really name your son Robert'); DROP TABLE Students;--?
Mom: Oh. Yes. Little Bobby Tables we call him.
School: Well, we've lost this year's student records. I hope you're happy.
Mom: And I hope you've learned to sanitize your database inputs.
Full name
Robert'); DROP TABLE Students;--?
Results of SQL statement
In the comic, the school has entered Robert'); DROP TABLE Students;--? into the database, resulting in the deletion of all students records.
Sanitize your inputs
It's worth repeating several times: sanitize your database inputs.
More generally: sanitize all your inputs, whatever the purpose.
See also
External links
- Exploits of a Mom - "Little Bobby Tables"
- xkcd
