I was shocked to find a weakness in my authentication library today. It was possible to get around the password check if you knew the username. All you had to do was to enter 00 as the password. Or you just entered 00 as the username too and you got authenticated as the first user.
(more…)
Archive for the ‘Database’ Category
MySQL comparison catch: ‘abc’ = 00
Monday, May 25th, 2009How to deal with IMMUTABLE error in indexes that work with timestamps
Wednesday, March 19th, 2008Say that in an older version of PostgreSQL you had an index like this:
-
span class=”st0″>’day’
and now after upgrading to 8.1+ you’re getting:
ERROR: functions in index expression must be marked IMMUTABLE