On Wed, Jun 22, 2011 at 6:58 PM, Jeff Johnson <[email protected]> wrote: > I tell my customers "I don't do web apps" I can't afford the security > issues and all of my customers are small businesses and they are very > happy with my approach. I don't know if they will ever solve the > Internet security issues. Until then, we are shipping safe applications > for small businesses. -------------
You "can't afford the security issues"? I read that as "I am not going to change the way I do things because you want to use that hoaky internet thingy." Sony made amateur mistakes and hackers took advantage of them. Just read what they did wrong and DON'T DO THAT. Granted VFP program design is 95% prone to sql injection. You combine text to form the command and you execute that generated statement. Poof SQL Injection is going to be difficult to stop. Now your statement Safe Applications I have to say rings a warning bell. could someone inside the organization take down your system? An employee who is leaving add a segment of text to a search that drops a table? What if they put in your ending text marker and the words use customers exclu; zap ? If you used non dbf tables for storage just change the syntax to fit the back end? That is not safe at all is it? -- Stephen Russell Unified Health Services 60 Germantown Court Suite 220 Cordova, TN 38018 Telephone: 888.510.2667 901.246-0159 cell _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[email protected] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
