|
I get an email whenever there's an error on my webapps. We recently initiated a service to do Red-Siren testing; e.g., testing for any security issues.
Got an error message today.
Of most interest, and danged funny at that, is the unedited, verbatim "Error Message" from Microsoft's lovely .NET Framework ... (emphasis added)
URL: https : / / www.RedactedWebSite.com /SomeWebApp/ThatLoginPage.aspx?ReturnUrl=%2fSomeWebApp%2fDefault.aspx%3faction%3dppr&action=ppr%3CScript%20%3Ealert(%22HelloSIG%22)%3C/Script%3E
Error Date: [redacted]
Error Message: A potentially dangerous Request.QueryString value was
detected from the client (action="ppr<Script >alert("Hell..."
Albeit a little late (going on 7+ years of .NET programming...), thanks for the warning Microsoft!
|
|
|
|
|
Message Closed
modified 4-Oct-12 18:55pm.
|
|
|
|
|
void ReadTheAbovePost(object sender, EventArgs e)
{
if (theObvious(ThankYouForPointingOutTheObvoius, "Thank You For Pointing Out The Obvious."))
return;
}
bool theObvious(bool condition, string cluedIn)
{
if (condition) { MessageBox.Show(cluedIn, "Thx");
return condition;
}
|
|
|
|
|
override bool theObvious(bool condition, string cluedIn)
{
if (condition)
MessageBox.Show(cluedIn, "Thx");
else
{
}
return condition;
}
|
|
|
|
|
CS007: theObvious cannot be overridden; theObvious is not virtual; theObvious is private.
|
|
|
|
|
|
I encountered one once that amused me so much I taped a screenshot of it on my office door. It consisted of nothing but an exclamation point icon and the two words:
"Catastrophic Failure"
|
|
|
|
|
Well, it can't be clearer, Everything is wrong! time to run like a headless chicken!
|
|
|
|
|
My favourite from Microsoft has to be
"There has been an error"
I've also seen reports of one thats just a blank dialog box without even an OK button to make it go away!
|
|
|
|
|
I once got an error message from a 3rd party component:
"Don't know what to do"
Seriously?!
|
|
|
|
|
This is easy. I am staring at (VB.NET):
A call to PInvoke function 'exam123-DB!exam123.Exam123F::Sleep' has unbalanced the stack. This is likely because the managed PInvoke signature does not match the unmanaged target signature. Check that the calling convention and parameters of the PInvoke signature match the target unmanaged signature.
|
|
|
|
|
That's a perfectly reasonable error message:
- It's aimed at developers, so it can assume you'll know, or be able to find out, what managed, unmanaged and PInvoke mean;
- It tells you what's wrong; (your PInvoke method signature)
- It tells you where the problem is; (the import of exam123-DB!exam123.Exam123F::Sleep)
- It tells you how to fix it; (correct the signature)
It can't do much more for you, since unmanaged methods don't have enough metadata for the compiler to tell you what the correct signature should be.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Biggest error I ever seen is "Your Windows is successfully installed". Yes, it was MY fault. )
|
|
|
|
|
Have you considered fixing yourself?
|
|
|
|
|
Tried many times - with OS/2, Linux, FreeBSD, QNX... hell knows how I hate ugly Windows but still have to use it. Now I'm developer, hooked on .NET;
|
|
|
|
|
I personally really hate the error GDI throws whenever anything goes wrong.
"A generic error has occured in GDI+".
Like, 'You don't say' much?
|
|
|
|
|
"Nullable object must have a value"
No further comment required.
|
|
|
|
|
Must have been written by a developer after checking his bank account
|
|
|
|
|
In many database solutions folk tend to use tables with one to many relationships in order to hierarchal data where as the following achieves the same.
ID - Field1 - Field2 - ParentID
1 x y 0
2 xx yy 1
3 rr r 1
4 pr p 2
modified 3-Oct-12 12:25pm.
|
|
|
|
|
I won't downvote you for this but it is entirely the wrong place to post your code. If you really want to post this turn it into an article.
I would remove it rather quickly if I were you, before it does get downvoted and obliterated.
"If you think it's expensive to hire a professional to do the job, wait until you hire an amateur." Red Adair.
nils illegitimus carborundum
me, me, me
|
|
|
|
|
Please remove Thread
Regards
|
|
|
|
|
I don't have the power to do that I'm afraid.
"If you think it's expensive to hire a professional to do the job, wait until you hire an amateur." Red Adair.
nils illegitimus carborundum
me, me, me
|
|
|
|
|
Top of Page: The Weird and The Wonderful forum is a place to post Coding Horrors, Worst Practices, and the occasional flash of brilliance.
I'm guessing the OP thinks this is a brilliant data structure (though I don't agree).
|
|
|
|
|
To be fair he is a n00b and the original post had much more code (not that it was any more insightful but we all have to learn, somehow).
"If you think it's expensive to hire a professional to do the job, wait until you hire an amateur." Red Adair.
nils illegitimus carborundum
me, me, me
|
|
|
|
|
The illustrated structure is not the normal approach to db design and not tought to everyone, It wasn't in my day. But is now given in some hard back publications, for the intermediate skilled person, as an example of how to use a database to run the .net menu control.
Some folk prefer to code XML files to run the .net menu controls, but others prefer a database. Thus allowing one to standardise on using datbases for everything rather than a mix of db and xml on a website.
The structure is also great for managing lists as one does not need one table for the list name and one for the list items, less overhead
For example it is great for the storage of dropdown list values as one can basically use the same sql for all dropdown controls - just passing a different 'ParentID' to get a different data set for the control.
This simplifies life in some areas when buildiong a N-Tier Application -
Select field1, field2 From table Where ParentID = @ParentID
is all you would ever need to code against/use to retrieve any list!
It all boils down to preference, what you need to do and how you have been tought!
The structure is not for everyone and everyone should always use what they are happiest using.
Happy coding
|
|
|
|