Difference between revisions of "Little Bobby Tables"
Karl Jones (Talk | contribs) (→Sanitize your inputs) |
Karl Jones (Talk | contribs) (→External links) |
||
Line 52: | Line 52: | ||
* [https://www.google.com/#q=Little+Bobby+Tables Google search] "Little Bobby Tables" | * [https://www.google.com/#q=Little+Bobby+Tables Google search] "Little Bobby Tables" | ||
* [http://stackoverflow.com/questions/332365/how-does-the-sql-injection-from-the-bobby-tables-xkcd-comic-work How does the SQL injection from the “Bobby Tables” XKCD comic work?] @ Stack Overflow | * [http://stackoverflow.com/questions/332365/how-does-the-sql-injection-from-the-bobby-tables-xkcd-comic-work How does the SQL injection from the “Bobby Tables” XKCD comic work?] @ Stack Overflow | ||
+ | |||
+ | [[Category:Comics]] | ||
+ | [[Category:Computer security]] | ||
+ | [[Category:Computing]] | ||
+ | [[Category:Databases]] |
Latest revision as of 14:54, 24 April 2016
Little Bobby Tables is the nickname of a character from xkcd, a webcomic by Randall Munroe.
The character represents a cautionary tale about the importance of sanitizing user inputs, in this case against SQL injection attacks.
Contents
Image
Source: Exploits of a Mom
Dialog
School: Hi, this is your son's school. We're having some computer trouble.
Mom: Oh, dear -- Did he break something?
School: In a way. Did you really name your son Robert'); DROP TABLE Students; --?
Mom: Oh. Yes. Little Bobby Tables we call him.
School: Well, we've lost this year's student records. I hope you're happy.
Mom: And I hope you've learned to sanitize your database inputs.
Full name
Robert'); DROP TABLE Students;
Results of SQL statement
In the comic, the school has entered Robert'); DROP TABLE Students;
into the database, resulting in the deletion of all student records.
Sanitize your inputs
It's worth repeating several times: sanitize your database inputs.
Other kinds of inputs exist, requiring their own security techniques.
Sanitize all your inputs, whatever the purpose.
See also
External links
- Exploits of a Mom - Official website
- xkcd @ Wikipedia
- Google search "Little Bobby Tables"
- How does the SQL injection from the “Bobby Tables” XKCD comic work? @ Stack Overflow