totheralistair / Muffinland

start of the real Muffinland

no implicit conversion from nil to integer #4

Closed davengeo closed 10 years ago

davengeo commented 10 years ago

putting become a page 100 into -100 results in a persistent 500 HTTP error code from the server, and the whole system fails for ever and ever and ever... http://www.w3.org/Protocols/HTTP/HTRESP.html

davengeo commented 10 years ago

Once you deploy to the public, this is called "the public fire". It could be worse if you use DB IDs externally and somebody tries to do a SQL injection, for instance. http://www.w3schools.com/sql/sql_injection.asp

totheralistair commented 10 years ago

Thank you... what does this phrase mean? "putting become a page 100 into -100" ?? .... Does SQL injection work/hurt if you don't use SQL?

davengeo commented 10 years ago

It's an example of the bad habit of deploying things in the cloud without a second of concern about robustness and security.

When I put in the second edit text with the label "Or change page " 100 " to become " -100. You can reproduce the failure in your local environment.

davengeo commented 10 years ago

Tested in local env. Fixed.