I came across this post in a rare break between meetings. Since I’m an IT manager now, I found it good reading (and a good ego check as well).
Month: November 2006
The right penalty for breaking a software build
Maybe I should institute this at my office on Monday.
String.Format is your friend
One of the consultants that works for me was trying to figure out the best way to format strings for writing messages to the event log for a Windows service he’s writing. He was using the horrifying “blah blah blah” +
A quick Google search revealed an excellent String.Format 101 blog post by Kathy Kam. Karl Seguin’s post on the same topic brings performance advantages into the discussion. Another bit of information I didn’t know before reading his post was that the StringBuilder class has an equivalent AppendFormat method.
SQL Injection
It’s one thing to know that SQL injection is bad, and quite another to have some stats to back it up. I came across a Michael Sutton blog post on the topic via Joel Spolsky’s latest blog post.
Out of 708 sites checked, 80 had potential vulnerabilities to SQL injection attacks. Beyond the importance of the topic as a security hole, the most interesting thing about Sutton’s article was the tool he built to come up with these stats. He used a C# app with the Google API to get his results. I only wish I had time to build a tool that clever and useful.