Comments
-
When I see this stuff, I go into inspect element, and add an option with the value "123'; DROP TABLE users;--".
When lame UI developers rely on such methods to restrict the input, it's most likely that it doesn't get validated on the server. They think they just can't get any other values than there are in the options.
It even worked with PayPal (YEARS ago), where I could register a card from a country that was not supported.
-
I had to give the SQL injection lesson to my colleague after showing him this and he didn't get it.
-
I've seen worse but I don't have a link on my phone. Okay Devrant; set a reminder, in 8 hours post link to post related to rant.
-
Manager: I want you to create a form for our registration page.
WordPress developer: *Sweaty palms, nervous as fuck* Ya okay.
*Knows only how to put dropdown menus*
WD: It's done and deployed.
Manager: Let me see.
.
.
.
.
Manager: WHAT DA FUCKKKKKK.! YOU ARE FIRED.! But also let this be on production.
-
Don't phone numbers differ in length, too?
I mean it's not only horrible UX, it is just fucking wrong.😁
-
How can we make this more complicated? ... Hmm ... Well, ... We could add checkboxes for every drop-down list to put them on and off. And at every selection changed event
for (let i = 0; i < 10; i++)
{
    // ask ten times on every change
    alert("Are you sure?");
}
-
Noob (6460, 7y): Very smart UI design.
Strong typing without actually typing.
Prevents needless validation checks, avoids clunky regex matching. Increases input speed.
Everybody knows that mouse is better than the old keyboard.
Touch screen is even better than mouse.
All in all best way to get user input.
-
@Noob "Increases input speed" Are you joking? The only thing taking more time would be to draw the chars with pixels.
-
@Noob Those are fast I suppose. I don't use it myself. Mainly because I have no mic connected to my pc.
For some reason, there's some resistance in Belgium to use Alexa and the like. I don't know why. Maybe because it's only available in English.
-
Noob (6460, 7y): @FunkDelegate Well, first of all I was indeed kidding.
Secondly Alexa sends tons of private information to her servers. And for what she offers - that's not a worthy sacrifice :)
-
Djanjo (446, 7y): That's just wrong on so many levels.
Hey at least it's not a +1 button to reach your number, could always be worse I guess
-
gitlog (5763, 7y): @AndSoWeCode I don't think so.... Adding SQL commands using inspect element would create an option, but it depends on how the PHP code is written.
If I had created such a design (God forbid) my PHP would've thrown an error because it can't add a string and a number.
I think so.......
-
@VTCoder the thing is that I've seen more people relying on the front-end to do the whole validation and data format restriction than is acceptable. Dude, it worked for PayPal! Not the SQL injection, but the fooling of the validator.
The common criterion is whether you see an option box where it shouldn't be; it's usually accompanied by shitty validation.
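
What the comments above argue about, as an added example that is not part of the original thread: a server-side handler re-checks a `<select>` value against its own allow-list and binds it as a query parameter. The `users` table, the field names and the country list are hypothetical; the tampered value is the one quoted in the first comment.

```python
import sqlite3

# Hypothetical allow-list: the same values the page renders as <option> elements.
SUPPORTED_COUNTRIES = {"BE", "DE", "US"}

def make_db():
    """In-memory database with a constructed users table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, country TEXT)")
    return db

def register(db, form):
    """Server-side handler: re-check the select value, then bind it as a parameter."""
    country = form.get("country", "")
    email = form.get("email", "")
    # The browser only suggests options; the request can carry any string.
    if country not in SUPPORTED_COUNTRIES:
        return False, "unsupported country"
    if "@" not in email or len(email) > 254:
        return False, "invalid email"
    # Placeholders keep the values as data, never as SQL text.
    db.execute("INSERT INTO users (email, country) VALUES (?, ?)", (email, country))
    db.commit()
    return True, "ok"

def store_bound(db, value):
    """Second layer: even with no validation, a bound value is stored verbatim."""
    db.execute("INSERT INTO users (email, country) VALUES (?, ?)", ("x@example.test", value))
    row = db.execute("SELECT country FROM users WHERE email = ?", ("x@example.test",))
    return row.fetchone()[0]

def user_count(db):
    """Number of rows in users; raises if the table no longer exists."""
    return db.execute("SELECT COUNT(*) FROM users").fetchone()[0]

if __name__ == "__main__":
    db = make_db()
    tampered = "123'; DROP TABLE users;--"  # value quoted in the first comment
    print(register(db, {"email": "a@example.test", "country": "BE"}))
    print(register(db, {"email": "b@example.test", "country": tampered}))
    print(register(db, {"email": "c@example.test", "country": "ZZ"}))
    print(store_bound(db, tampered) == tampered, user_count(db))
```

The allow-list check is what stops the unsupported-country case; the bound parameter is what keeps the string from ever being parsed as SQL, whatever the validation does.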
A while ago I encountered this atrocity