Register | Sign In


Understanding through Discussion


EvC Forum active members: 65 (9162 total)
7 online now:
Newest Member: popoi
Post Volume: Total: 915,816 Year: 3,073/9,624 Month: 918/1,588 Week: 101/223 Day: 12/17 Hour: 1/0


Thread  Details

Email This Thread
Newer Topic | Older Topic
  
Author Topic:   General Discussion Of Moderation Procedures (aka 'The Whine List')
nwr
Member
Posts: 6408
From: Geneva, Illinois
Joined: 08-08-2005
Member Rating: 5.1


Message 61 of 1049 (595645)
12-09-2010 3:14 PM
Reply to: Message 53 by bluegenes
12-09-2010 1:26 PM


Re: Where are all the arachs?
bluegenes writes:
We don't capitalize and use formal grammar when we chat.
Well, there was Victor Borge who did just about everything other than capitalize.

Jesus was a liberal hippie

This message is a reply to:
 Message 53 by bluegenes, posted 12-09-2010 1:26 PM bluegenes has seen this message but not replied

  
Admin
Director
Posts: 12998
From: EvC Forum
Joined: 06-14-2002
Member Rating: 2.3


Message 62 of 1049 (595648)
12-09-2010 3:51 PM
Reply to: Message 58 by crashfrog
12-09-2010 2:40 PM


Re: Whine & Cheese
Okay, I see how you're thinking about this, and in this case the attempted insertion doesn't need to be inside an HTML tag. To keep it simple let's say this is your entire message:
');DROP TARLE users;
And now I'm going to add this message to the message database, and the SQL query would look like this:
insert into messages values (..., '');DROP TARLE users;', ...);
Your close quote ends the insert query, after which the users table is deleted.
However, a message is text, and all single quotes in message text are escaped, so the actual query becomes:
insert into messages values (..., '\');DROP TARLE users;', ...);
But interestingly, this has uncovered a bug. The mere presence of the string "drop tarle" in message text hangs the message preview feature, and that explains why I've used "tarle" in place of "table" in this message. I'm really curious about this one.
Edited by Admin, : Typo.

--Percy
EvC Forum Director

This message is a reply to:
 Message 58 by crashfrog, posted 12-09-2010 2:40 PM crashfrog has replied

Replies to this message:
 Message 63 by crashfrog, posted 12-09-2010 4:09 PM Admin has replied
 Message 67 by Jon, posted 12-09-2010 7:31 PM Admin has replied

  
crashfrog
Member (Idle past 1467 days)
Posts: 19762
From: Silver Spring, MD
Joined: 03-20-2003


Message 63 of 1049 (595649)
12-09-2010 4:09 PM
Reply to: Message 62 by Admin
12-09-2010 3:51 PM


Re: Whine & Cheese
Sure.
Like, I don't ask because I think you haven't taken measures, I ask because I'm curious, and somewhat of a (poor) programmer myself. And I guess I could try to find out by trying these hacks myself but if any of them worked I'd have destroyed EvC Forum. (That, of course, overestimates my hacking abilities to a significant extent.)
Of course, maybe you don't want to openly discuss the nuts and bolts of site security? Maybe I'll just let it go.

This message is a reply to:
 Message 62 by Admin, posted 12-09-2010 3:51 PM Admin has replied

Replies to this message:
 Message 77 by Admin, posted 12-09-2010 11:38 PM crashfrog has replied

  
arachnophilia
Member (Idle past 1344 days)
Posts: 9069
From: god's waiting room
Joined: 05-21-2004


Message 64 of 1049 (595659)
12-09-2010 6:21 PM
Reply to: Message 53 by bluegenes
12-09-2010 1:26 PM


Re: Where are all the arachs?
you can't have looked at too many forums, as i'm registered at quite a few.
bluegenes writes:
They want period, space, space, capital. That's double your preferred period, space.
well, as crash pointed out, that's not what "double spaced" means, but yes, that is part of standard MLA (i think?). i actually prefer it myself, and always have, but i've stopped typing that way since html doesn't allow it. it collapses all extra spaces in text. i'd literally have to add two extra non-breaking spaces at the end of each sentence, and i'm not going to do that when period-space is sufficient.
MLA also does not like the extra blank line between paragraphs, which i believe that nearly everyone does here for the sake of clarity.
Edited by arachnophilia, : No reason given.

אָרַח

This message is a reply to:
 Message 53 by bluegenes, posted 12-09-2010 1:26 PM bluegenes has seen this message but not replied

  
Jon
Inactive Member


Message 65 of 1049 (595666)
12-09-2010 7:26 PM
Reply to: Message 56 by crashfrog
12-09-2010 2:17 PM


Re: Where are all the arachs?
No style guide since the age of typewriters has specified "period space space capital" formatting, because modern computers kern text - that is, they adjust the space between letters to compensate for the relative visual width of letters. In the age of typewriters "period space space capital" formatting was preferred because the text was monospaced and unkerned, so there was less visual density of text and therefore less apparent space between sentences.
"The Mac is not a Typewriter" is, of course, best-selling author and editor Robin Williams's cri de coeur against obsolete style guides misapplied to computers, and he spends most of it railing against "period space space capital" formatting, and he's absolutely right - unless you're reading this on your old IBM Selectric, somehow, you shouldn't be doing it under any circumstances.
I always double space after sentencesalways.
Jon

Check out Apollo's Temple!
Ignorance is temporary; you should be able to overcome it. - nwr

This message is a reply to:
 Message 56 by crashfrog, posted 12-09-2010 2:17 PM crashfrog has replied

Replies to this message:
 Message 66 by crashfrog, posted 12-09-2010 7:30 PM Jon has replied

  
crashfrog
Member (Idle past 1467 days)
Posts: 19762
From: Silver Spring, MD
Joined: 03-20-2003


Message 66 of 1049 (595667)
12-09-2010 7:30 PM
Reply to: Message 65 by Jon
12-09-2010 7:26 PM


Re: Where are all the arachs?
I always double space after sentencesalways.
HTML strips out extra whitespace, so here it doesn't matter. In any other context where you're producing printed material on a computer, you shouldn't be.
Don't misapply obsolete styles.

This message is a reply to:
 Message 65 by Jon, posted 12-09-2010 7:26 PM Jon has replied

Replies to this message:
 Message 68 by Jon, posted 12-09-2010 7:31 PM crashfrog has replied

  
Jon
Inactive Member


Message 67 of 1049 (595668)
12-09-2010 7:31 PM
Reply to: Message 62 by Admin
12-09-2010 3:51 PM


Re: Whine & Cheese
However, a message is text, and all single quotes in message text are escaped, so the actual query becomes:
insert into messages values (..., '\');DROP TARLE users;', ...);
Is this why when I do a PNT, the ' in my signature becomes '\ (or maybe it's \')? When I enter Edit mode and then Submit (even without making any actual changes to anything), it goes back to normal...
It only seems to happen in PNTs.
Jon

Check out Apollo's Temple!
Ignorance is temporary; you should be able to overcome it. - nwr

This message is a reply to:
 Message 62 by Admin, posted 12-09-2010 3:51 PM Admin has replied

Replies to this message:
 Message 80 by Admin, posted 12-10-2010 7:45 AM Jon has not replied

  
Jon
Inactive Member


Message 68 of 1049 (595669)
12-09-2010 7:31 PM
Reply to: Message 66 by crashfrog
12-09-2010 7:30 PM


Re: Where are all the arachs?
In any other context where you're producing printed material on a computer, you shouldn't be.
Why shouldn't I be?
Jon

Check out Apollo's Temple!
Ignorance is temporary; you should be able to overcome it. - nwr

This message is a reply to:
 Message 66 by crashfrog, posted 12-09-2010 7:30 PM crashfrog has replied

Replies to this message:
 Message 69 by crashfrog, posted 12-09-2010 7:35 PM Jon has replied
 Message 70 by nwr, posted 12-09-2010 7:37 PM Jon has not replied

  
crashfrog
Member (Idle past 1467 days)
Posts: 19762
From: Silver Spring, MD
Joined: 03-20-2003


Message 69 of 1049 (595670)
12-09-2010 7:35 PM
Reply to: Message 68 by Jon
12-09-2010 7:31 PM


Re: Where are all the arachs?
Why shouldn't I be?
UR DOIN IT RONG

This message is a reply to:
 Message 68 by Jon, posted 12-09-2010 7:31 PM Jon has replied

Replies to this message:
 Message 72 by Jon, posted 12-09-2010 7:59 PM crashfrog has not replied

  
nwr
Member
Posts: 6408
From: Geneva, Illinois
Joined: 08-08-2005
Member Rating: 5.1


Message 70 of 1049 (595671)
12-09-2010 7:37 PM
Reply to: Message 68 by Jon
12-09-2010 7:31 PM


Re: Where are all the arachs?
Jon writes:
Why shouldn't I be?
That was just crashfrog being ornery. I wouldn't worry about it.
When I'm using a plain text editor in a command line window, the two spaces at the end of a sentence still look better.

Jesus was a liberal hippie

This message is a reply to:
 Message 68 by Jon, posted 12-09-2010 7:31 PM Jon has not replied

Replies to this message:
 Message 71 by crashfrog, posted 12-09-2010 7:40 PM nwr has seen this message but not replied

  
crashfrog
Member (Idle past 1467 days)
Posts: 19762
From: Silver Spring, MD
Joined: 03-20-2003


Message 71 of 1049 (595672)
12-09-2010 7:40 PM
Reply to: Message 70 by nwr
12-09-2010 7:37 PM


Re: Where are all the arachs?
When I'm using a plain text editor in a command line window, the two spaces at the end of a sentence still look better.
Right, but that's a monospaced font, which is exactly when you should do it.
Unless Jon is writing papers in Courier, though, he shouldn't use two spaces after periods.

This message is a reply to:
 Message 70 by nwr, posted 12-09-2010 7:37 PM nwr has seen this message but not replied

Replies to this message:
 Message 73 by arachnophilia, posted 12-09-2010 8:06 PM crashfrog has replied

  
Jon
Inactive Member


Message 72 of 1049 (595674)
12-09-2010 7:59 PM
Reply to: Message 69 by crashfrog
12-09-2010 7:35 PM


Re: Where are all the arachs?
UR DOIN IT RONG
Why is it rong? Why is your method wright?
Jon

Check out Apollo's Temple!
Ignorance is temporary; you should be able to overcome it. - nwr

This message is a reply to:
 Message 69 by crashfrog, posted 12-09-2010 7:35 PM crashfrog has not replied

  
arachnophilia
Member (Idle past 1344 days)
Posts: 9069
From: god's waiting room
Joined: 05-21-2004


Message 73 of 1049 (595675)
12-09-2010 8:06 PM
Reply to: Message 71 by crashfrog
12-09-2010 7:40 PM


Re: Where are all the arachs?
crashfrog writes:
Unless Jon is writing papers in Courier, though, he shouldn't use two spaces after periods.
i might have written a paper once in courier. i can't, for the life of me, remember why.
i have also had at least one teacher at some point when i was in school who insisted on "period space space capital" which i only remember because i thought it was absurd at the time.

אָרַח

This message is a reply to:
 Message 71 by crashfrog, posted 12-09-2010 7:40 PM crashfrog has replied

Replies to this message:
 Message 74 by Jon, posted 12-09-2010 8:15 PM arachnophilia has replied
 Message 76 by crashfrog, posted 12-09-2010 8:46 PM arachnophilia has not replied

  
Jon
Inactive Member


Message 74 of 1049 (595676)
12-09-2010 8:15 PM
Reply to: Message 73 by arachnophilia
12-09-2010 8:06 PM


Re: Where are all the arachs?
I use a typewriter quite often. Not always with a Courier-esque font; but they are always monospaced (naturally). But that's not why I use double-spaces after sentences.
Now what I really hate are lining figures. Yuck.
Jon

Check out Apollo's Temple!
Ignorance is temporary; you should be able to overcome it. - nwr

This message is a reply to:
 Message 73 by arachnophilia, posted 12-09-2010 8:06 PM arachnophilia has replied

Replies to this message:
 Message 75 by arachnophilia, posted 12-09-2010 8:34 PM Jon has not replied

  
arachnophilia
Member (Idle past 1344 days)
Posts: 9069
From: god's waiting room
Joined: 05-21-2004


Message 75 of 1049 (595678)
12-09-2010 8:34 PM
Reply to: Message 74 by Jon
12-09-2010 8:15 PM


Re: Where are all the arachs?
Jon writes:
I use a typewriter quite often.
and people think i'm weird for owning a turntable.
in any case, in reference to the original sub-thread title, there's a very famous message board with a somewhat high percentage of lowercase posts. it just made the news recently, as members took down the webpages of visa, mastercard, and the government of sweden.

אָרַח

This message is a reply to:
 Message 74 by Jon, posted 12-09-2010 8:15 PM Jon has not replied

Replies to this message:
 Message 81 by bluegenes, posted 12-13-2010 5:30 AM arachnophilia has replied

  
Newer Topic | Older Topic
Jump to:


Copyright 2001-2023 by EvC Forum, All Rights Reserved

™ Version 4.2
Innovative software from Qwixotic © 2024