How Not To Develop A Web App

If there ever was a glaring example of how not to write Web application code, then the Oklahoma Department of Corrections Web site is it.

Not only did the site process unsanitized user input, they also put SQL queries in clickable GET request links! As a result, all sorts of data was available - not to mention the likelihood of changing data stored in the site's database. And this wasn't just any old database. It was a database of sex offenders, which you can imagine presents a gigantic problem and liability for the state government.

Head over to The Daily WTF to read their exposé.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.