CodeSOD: Hungry For an Education

, Software Pundits
This post was originally published on this site

The Daily WTF

An anonymous submitter from Hungary reached out with both some bad code, and a story behind it.

Hungary’s school system runs on a software package called KRÉTA. The Sawarim$ hacker group felt that the software was badly designed and left millions of students personal information unprotected- so they hacked in to prove it. The company running the software responded in the worst possible way- by attempting to cover up the breach and pretending nothing ever happened. It’s quite the news story.

The hacking group, not interested in releasing any students’ private information, instead released the C# source code. Our Anonymous submitter reviewed some of that code, and sends us one method from it.

/// <summary> /// Removes all elements that could cause problems with input fields /// To be used with with LoadWithFilter /// </summary> /// <param name=”text”></param> /// <returns></returns> public static string PreventSQLInjection(string dirtytext) { List<string> disallowedtags = new

To read the full article click on the 'post' link at the top.

Date

You May Also Like

A Tapestry of Threads

Error'd: Are You Old Enough to Know Better?

Perfect Uptime

Classic WTF: Working Around, Over and Through the Process

CodeSOD: Constantly Magic

CodeSOD: In House Refactoring

More Posts From: Software Pundits

Error'd: No Time Like the Present

CodeSOD: Don't Date Me

CodeSOD: Expressing a Leak

Representative Line: Broken Up With

COGNOS: Fast, Private & On-Demand Answers for Business Operations

CodeSOD: Where is the Validation At?