December 30, 2017 at 2:46 pm
Lynn Pettis - Saturday, December 30, 2017 2:36 PMEd Wagner - Saturday, December 30, 2017 1:37 PMThom A - Saturday, December 30, 2017 10:25 AMThom A - Saturday, December 30, 2017 8:35 AMAs it stands, this is really a disaster waiting to happen: https://www.sqlservercentral.com/Forums/1914914/using-araylist-in-stored-procReally hope the OP entertains fixing the real problem, and it's fixed, before any one starts looking at their actual question.
And almost some 2 hours later, I wish I had ignored that post. >_<
It looks like you put some real effort into that thread. You gave them something pretty useful, even though I really don't think they understood the first thing about SQL injection. Nice job.
Holy S**t, and I didn't even make it all the way into the OPs initial post.
Yeah, that was some real work, but I don't think the OP understood the danger of what was explained.
December 30, 2017 at 2:51 pm
Ed Wagner - Saturday, December 30, 2017 1:37 PMIt looks like you put some real effort into that thread. You gave them something pretty useful, even though I really don't think they understood the first thing about SQL injection. Nice job.
No, I don't think they did Ed. A real concern, in my opinion as their stored procedure was riff with opportunities for injection.
They clearly, also, don't understand what I've posted, even though I asked them to ask me if they didn't. They've tried to instead switch to a delimited list, or (even worse) a CURSOR. I suppose, yes, a delimited string could work, but I feel a table-value parameter has more control.
Thom~
Excuse my typos and sometimes awful grammar. My fingers work faster than my brain does.
Larnu.uk
January 2, 2018 at 11:48 am
A situation came up today that really has me irked. I work for an IT consulting agency and need to log in weekly to submit my timesheets. I recently lost all of my passwords—I was later able to recover them, and I needed to submit my timesheets and couldn't find any way to recover my lost password. I wrote to my contact telling them that I couldn't log in expecting them to forward me a link to recover my password. Today, I got an email from the IT Support person at the agency with my password. Not a new temporary password; my old password. And he sent unsecured and unencrypted. And there is still no obvious way to change my password.
Drew
J. Drew Allen
Business Intelligence Analyst
Philadelphia, PA
January 2, 2018 at 12:09 pm
drew.allen - Tuesday, January 2, 2018 11:48 AMA situation came up today that really has me irked. I work for an IT consulting agency and need to log in weekly to submit my timesheets. I recently lost all of my passwords—I was later able to recover them, and I needed to submit my timesheets and couldn't find any way to recover my lost password. I wrote to my contact telling them that I couldn't log in expecting them to forward me a link to recover my password. Today, I got an email from the IT Support person at the agency with my password. Not a new temporary password; my old password. And he sent unsecured and unencrypted. And there is still no obvious way to change my password.Drew
GAHHH!
January 2, 2018 at 12:16 pm
SCOPE CHANGE!
My personal "pet project" is self-coding for language skills and demanded immediate updates to its software. Of course, when we tried to implement anti-viral precautions, there were many loud obnoxious alerts and warnings against such updates. But we went ahead and implemented the 2nd major release anyway. It's kinda necessary for the project's future viability, after all. We just spent a few days with said project in semi-meltdown mode. Lots of red-screens (oh, was that face red), as opposed to blue screens. But same effect. We had to do emergency monitoring 24/7.
Finally everything started working as normal. But I'm required to input new sleep mode parameters now as well as adjusting the alert threshold upwards a bit while still searching for the correct language input software.
January 2, 2018 at 12:26 pm
drew.allen - Tuesday, January 2, 2018 11:48 AMA situation came up today that really has me irked. I work for an IT consulting agency and need to log in weekly to submit my timesheets. I recently lost all of my passwords—I was later able to recover them, and I needed to submit my timesheets and couldn't find any way to recover my lost password. I wrote to my contact telling them that I couldn't log in expecting them to forward me a link to recover my password. Today, I got an email from the IT Support person at the agency with my password. Not a new temporary password; my old password. And he sent unsecured and unencrypted. And there is still no obvious way to change my password.Drew
Good luck getting that fixed. And I hope you have different passwords for every service.
January 2, 2018 at 12:27 pm
drew.allen - Tuesday, January 2, 2018 11:48 AMA situation came up today that really has me irked. I work for an IT consulting agency and need to log in weekly to submit my timesheets. I recently lost all of my passwords—I was later able to recover them, and I needed to submit my timesheets and couldn't find any way to recover my lost password. I wrote to my contact telling them that I couldn't log in expecting them to forward me a link to recover my password. Today, I got an email from the IT Support person at the agency with my password. Not a new temporary password; my old password. And he sent unsecured and unencrypted. And there is still no obvious way to change my password.Drew
At least you don't need to memorize a new password. :hehe:
And I thought that I was in a bad situation when I asked to reset my password and they sent the temporary password to my email account which obviously needed the password to be accessed.
January 2, 2018 at 12:36 pm
Steve Jones - SSC Editor - Tuesday, January 2, 2018 12:26 PMdrew.allen - Tuesday, January 2, 2018 11:48 AMA situation came up today that really has me irked. I work for an IT consulting agency and need to log in weekly to submit my timesheets. I recently lost all of my passwords—I was later able to recover them, and I needed to submit my timesheets and couldn't find any way to recover my lost password. I wrote to my contact telling them that I couldn't log in expecting them to forward me a link to recover my password. Today, I got an email from the IT Support person at the agency with my password. Not a new temporary password; my old password. And he sent unsecured and unencrypted. And there is still no obvious way to change my password.Drew
Good luck getting that fixed. And I hope you have different passwords for every service.
I have not quite gotten to the stage of having a different password for every service, but this is the only one that uses this particular password. I only use this site to enter timesheets, and I believe that's the only personal information that is available there.
Drew
J. Drew Allen
Business Intelligence Analyst
Philadelphia, PA
January 2, 2018 at 1:59 pm
drew.allen - Tuesday, January 2, 2018 12:36 PMI have not quite gotten to the stage of having a different password for every service, but this is the only one that uses this particular password. I only use this site to enter timesheets, and I believe that's the only personal information that is available there.Drew
If you don't have a password manager, grab one. I like Password safe as it's on my phone, desktop, etc. through drop box. I always create a new pwd for sites and for critical ones (medical, financial, etc), I reset the passwords as soon as I got the password manager.
January 2, 2018 at 2:42 pm
Steve Jones - SSC Editor - Tuesday, January 2, 2018 1:59 PMdrew.allen - Tuesday, January 2, 2018 12:36 PMI have not quite gotten to the stage of having a different password for every service, but this is the only one that uses this particular password. I only use this site to enter timesheets, and I believe that's the only personal information that is available there.Drew
If you don't have a password manager, grab one. I like Password safe as it's on my phone, desktop, etc. through drop box. I always create a new pwd for sites and for critical ones (medical, financial, etc), I reset the passwords as soon as I got the password manager.
I did have a password manager, but it started behaving erratically. I was unable to sync on my new phone when I got it, and it wiped out the data on my old phone and on the website. I was able to recover data from my desktop version. Plus it kept nagging me to subscribe to the Pro version.
I've abandoned that for another password manager, which I like less.
Drew
J. Drew Allen
Business Intelligence Analyst
Philadelphia, PA
January 2, 2018 at 2:57 pm
drew.allen - Tuesday, January 2, 2018 11:48 AMA situation came up today that really has me irked. I work for an IT consulting agency and need to log in weekly to submit my timesheets. I recently lost all of my passwords—I was later able to recover them, and I needed to submit my timesheets and couldn't find any way to recover my lost password. I wrote to my contact telling them that I couldn't log in expecting them to forward me a link to recover my password. Today, I got an email from the IT Support person at the agency with my password. Not a new temporary password; my old password. And he sent unsecured and unencrypted. And there is still no obvious way to change my password.Drew
Heh... and where does the company store employee and contractor PII? Bet that would be interesting to see, as well.
--Jeff Moden
Change is inevitable... Change for the better is not.
January 2, 2018 at 6:29 pm
drew.allen - Tuesday, January 2, 2018 2:42 PMI did have a password manager, but it started behaving erratically. I was unable to sync on my new phone when I got it, and it wiped out the data on my old phone and on the website. I was able to recover data from my desktop version. Plus it kept nagging me to subscribe to the Pro version.I've abandoned that for another password manager, which I like less.
Drew
Password Safe is free on the desk (OSS) and a small charge for the DropBox sync on iOS/Android. Worth it to me.
January 3, 2018 at 3:17 am
Steve Jones - SSC Editor - Tuesday, January 2, 2018 6:29 PMdrew.allen - Tuesday, January 2, 2018 2:42 PMI did have a password manager, but it started behaving erratically. I was unable to sync on my new phone when I got it, and it wiped out the data on my old phone and on the website. I was able to recover data from my desktop version. Plus it kept nagging me to subscribe to the Pro version.I've abandoned that for another password manager, which I like less.
Drew
Password Safe is free on the desk (OSS) and a small charge for the DropBox sync on iOS/Android. Worth it to me.
I love Password Safe. I need to figure out how to do the DropBox sync on my phone. Is it just a matter of installing (and paying) for the DropBox app?
January 3, 2018 at 3:19 am
Does anyone feel sorry for me yet?
https://weather.com/weather/today/l/USFL0228:1:US
Bridges are supposed to start freezing sometime soon.
January 3, 2018 at 4:52 am
Brandie Tarvin - Wednesday, January 3, 2018 3:19 AMDoes anyone feel sorry for me yet?https://weather.com/weather/today/l/USFL0228:1:US
Bridges are supposed to start freezing sometime soon.
Nope:
https://weather.com/weather/today/l/USMA0429:1:US
"The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood"
- Theodore Roosevelt
Author of:
SQL Server Execution Plans
SQL Server Query Performance Tuning
Viewing 15 posts - 60,826 through 60,840 (of 66,549 total)
You must be logged in to reply to this topic. Login to reply