156

A while ago I encountered this atrocity

Comments
  • 18
    Please, tag this as “horror”.
  • 21
    When I see this stuff, I go into inspect element, and add an option with the value "123'; DROP TABLE users;--".

    When lame UI developers rely on such methods to restrict the input, it's most likely that it doesn't get validated on the server. They think they just can't get any other values than there are in the options.

    It even worked with PayPal (YEARS ago), where I could register a card from a country that was not supported.
  • 4
    I had to give the sql injection lesson to my colleague after showing him this and he didn't get it.
  • 1
    I saw something like this on Reddit
  • 2
    Ahhh! My eyes!!
  • 1
    Oh that's nasty
  • 1
    Day by day we are getting away.... From god
  • 7
    Burn it, before it lays eggs!
  • 1
    I've seen worse but I don't have a link on my phone. Okay Devrant; set a reminder, in 8 hours post link to post related to rant.
  • 10
    Manager: I want you to create a form for our registration page.

    Wordpress developer: *Sweaty palms, nervous as fuck* Ya okay.

    *Knows only how to put dropdown menus*

    WD: Its done and deployed.

    Manager: Let me see.
    .
    .
    .
    .
    Manager: WHAT DA FUCKKKKKK.! YOU ARE FIRED.! But also let this be on production.
  • 5
    Don't phone numbers differ in length, too?
    I mean it's not only horrible ux, it is just fucking wrong.😁
  • 1
    How can we make this more complicated? ... Hmm ... Well, ... We could add checkboxes for every drop-down list to put them on and off. And at every selection changed event
    for(i = 0; i < 10; i++)
    {
    alert("Are you sure?");
    }
  • 0
    I've just noticed the asterisk. Apparently you're forced to use the fucker.
  • 1
    Very smart UI design.
    Strong typing without actually typing.
    Prevents needless validation checks, avoids clunky regex matching. Increases input speed.
    Everybody knows that mouse is better than the old keyboard.
    Touch screen is even better than mouse.

    All in all best way to get user input.
  • 1
    @Noob "Increases input speed" Are you joking? The only thing taking more time would be to draw the chars with pixels.
  • 1
    Or have a drop-down list with all possible phone numbers 8)
  • 1
    In times like this I'm glad that I can `tab` and then type the numbers in
  • 1
    Thank god there are no negatives.
  • 0
    @FunkDelegate I find it better to you voice commands.
  • 0
    @Noob Those are fast I suppose. I don't use it myself. Mainly because I have no mic connected to my pc.

    For some reason, there's some resistance in Belgium to use Alexia and the like. I don't know why. Maybe because it's only available in English.
  • 1
    @FunkDelegate Well, first of all I was indeed kidding.
    Secondly Alexa sends tons of private information to her servers. And for what she offers - that's not a worthy sacrifice :)
  • 1
    That's just wrong on so many levels.
    Hey at least it's not a +1 button to reach your number, could always be worse I guess
  • 0
    @AndSoWeCode I don't think so.... Adding a SQL commands using inspect element would create an option, but depends on how php code is written.
    If I had created such design (good forbid) my php would've thrown error for can't add a string and a number.
    I think so.......
  • 1
    @VTCoder the thing is that I've seen more people relying on front-end to do the whole validation and data format restriction, than it's acceptable. Dude, it worked for Paypal! Not the SQL injection, but the fooling of the validator.

    The common criteria is whether you see an option box where it shouldn't be, it's usually accompanied by shitty validation.
  • 0
    Oh sweet Lord Jesus!
  • 0
  • 1
    Meanwhile in a world without keyboards.
Add Comment