https://www.explainxkcd.com/wiki/api.php?action=feedcontributions&user=172.69.34.126&feedformat=atomexplain xkcd - User contributions [en]2024-03-28T16:34:15ZUser contributionsMediaWiki 1.30.0https://www.explainxkcd.com/wiki/index.php?title=Robert%27);_DROP_TABLE_Students;--&diff=334845Robert'); DROP TABLE Students;--2024-02-12T07:26:19Z<p>172.69.34.126: /* Real life occurrences */ replaced quotes with code blocks</p>
<hr />
<div>__NOTOC__{{Infobox character<br />
| image = Little Bobby Tables.PNG<br />
| imagesize = 200px<br />
| caption = '<br />
| first_appearance = [[327: Exploits of a Mom]]<br />
| fix = yes<br />
}}<br />
<br />
<noinclude>:''For a list of comics, see [[:Category:Comics featuring Robert'); DROP TABLE Students;--|Comics featuring Robert'); DROP TABLE Students;--]].''<br />
:''For Robert'); DROP TABLE Students;--'s sister, see [[Help I'm trapped in a driver's license factory Elaine Roberts]].''<br />
:''For Robert'); DROP TABLE Students;--'s mother, see [[Mrs. Roberts]].''</noinclude><br />
<br />
'''Robert'); DROP TABLE Students;--''', also known as '''Little Bobby Tables''', is a [[stick figure]] character in [[xkcd]]. He is the youngest son of elite hacker [[Mrs. Roberts]] and [[Help I'm trapped in a driver's license factory Elaine Roberts]] is his older sister. His full name is known to cause problems with some computers. When he was first enrolled in school in [[327: Exploits of a Mom]], it exploited a vulnerability in the parsing of students' names into the school's student database resulting in the school losing all the student records for the year.<br />
<br />
==Appearances==<br />
[[File:Adult Bobby Tables.PNG|thumb|200px|Robert'); DROP TABLE Students;-- as an adult from [[884: Rogers St.]]]]<br />
Within the five comics he is referenced, he is only drawn three times. The first two are in the [[:Category:1337|1337 series]] where he is drawn as a Cueball-like kid. But then he also appears as a young man with long curly hair in [[884: Rogers St.]]. Here it is only the title text that reveals that this is Bobby, that, and the fact that [[Randall]] in the official transcript does not mention the gender, but only that it is a person. <br />
Here is how he looks in that comic:<br />
<br />
There have been suggestions that the Robert in the table in [[596: Latitude]] was Bobby but given that [[Black Hat]] has never had any relation to him in the other comics, and that [[Rob]] has, it seems more likely that the Robert is Rob.<br />
<br />
==Name==<br />
In {{w|SQL}}, commands are terminated by semicolons <code>;</code> and data is often quoted using single quotes <code>'</code>. Commands may also be enclosed in parentheses <code>(</code> and <code>)</code>. Data is stored in tables of similar items (e.g., <code>Students</code>) and individual entries are "rows" in the table. To delete an entire table (and every row of data in that table), you use the command <code>DROP</code> (e.g., <code>DROP TABLE Students</code>). The <code>--</code> represents the start of a {{w|Comment_(computer_programming)#SQL|SQL comment}} which ensures that the rest of the command is ignored so an error will not occur.<br />
<br />
The exploited vulnerability is that the single quote in the name input was not properly "escaped" by the software. Thus, when the name is embedded into some SQL statement, the quote is erroneously parsed as a closing quote inside that statement, rather than being parsed as part of the name. Lack of such escaping is a common SQL vulnerability; this type of exploit is referred to as {{w|SQL injection}}.<br />
<br />
The name Bobby Tables inspired a website, [http://bobby-tables.com/ bobby-tables.com], a guide for beginning programmers to learn the right way to avoid SQL injection in their code. It appears in [[1253: Exoplanet Names]] as one of the suggested planet names.<br />
<br />
===Example of SQL injection===<br />
<br />
A typical, unsecured SQL command vulnerable to SQL injection would be something like:<br />
<br />
database.execute("INSERT INTO Students (name) VALUES ('" + name + "');");<br />
<br />
where <code>name</code> is a variable which is filled with the name to be inserted into the database. With a regular name, this would result in the following SQL command to be sent to the database system:<br />
<br />
INSERT INTO Students (name) VALUES ('Elaine');<br />
<br />
However, with Little Bobby Tables's full name, the SQL command would be:<br />
<br />
INSERT INTO Students (name) VALUES ('Robert'); DROP TABLE Students;--');<br />
<br />
Or, if split after each <code>;</code>:<br />
<br />
INSERT INTO Students (name) VALUES ('Robert');<br />
DROP TABLE Students;<br />
--');<br />
<br />
The first command inserts the name <code>Robert</code> into the database as in the first example. The second command however completely deletes the table <code>Students</code>. The remainder <code>--</code> is a comment to prevent syntax errors with the apostrophe and the closing parenthesis from the target command that the exploit code otherwise would have no use for.<br />
<br />
===Real life occurrences===<br />
In 2017, a Swiss group called their book <code><script>alert("!Mediengruppe Bitnik");</script></code> to make e-commerce websites display an innocuous pop-up as soon as the book name loads. [https://i.imgur.com/Dd4XN7d.png It immediately worked on several sites] and to this day, [https://www.tomlinsons-online.com/p-16381221-scriptalertmediengruppe-bitnikscript.aspx some websites] are still affected.<br />
<br />
In 2019, a person chose a vanity license plate that said <code>NULL</code> and subsequently [https://www.wired.com/story/null-license-plate-landed-one-hacker-ticket-hell/ received thousands of dollars in fines from random vehicles] for which the license plate was unavailable. Some database programmers somewhere along the way failed to consider the difference between the string <code>NULL</code> and the value {{w|NULL}}.<br />
<br />
In 2020, the British corporate register [https://forum.aws.chdev.org/t/cross-site-scripting-xss-software-attack/3355/8 accepted a registration] for <code> "><SRC=<nowiki>H</nowiki>TTPS://MJT.XSS.HT> LTD</code>, which was soon officially renamed <code>THAT COMPANY WHOSE NAME USED TO CONTAIN HTML SCRIPT TAGS LTD</code> to avoid a cross-site scripting problem.<br />
<br />
{{navbox-characters}}<br />
[[Category:Characters]]<br />
[[Category:Minor characters]]</div>172.69.34.126https://www.explainxkcd.com/wiki/index.php?title=2397:_I_Just_Don%27t_Trust_Them&diff=2030512397: I Just Don't Trust Them2020-12-12T07:35:06Z<p>172.69.34.126: this is indecipherable and incoherent</p>
<hr />
<div>{{comic<br />
| number = 2397<br />
| date = December 11, 2020<br />
| title = I Just Don't Trust Them<br />
| image = i_just_dont_trust_them.png<br />
| titletext = I believe in getting immunity the old-fashioned way: By letting a bat virus take control of my lungs and turn my face into a disgusting plague fountain while my immune system desperately Googles 'how to make spike protein antibodies'.<br />
}}<br />
<br />
==Explanation==<br />
{{incomplete|Created by a BAT. Please mention here why this explanation isn't complete. Do NOT delete this tag too soon.}}<br />
This comic is another comic in a [[:Category:COVID-19|series of comics]] related to the {{w|2019–20 coronavirus outbreak|2020 pandemic}} of the {{w|coronavirus}} {{w|SARS-CoV-2}}, which causes {{w|COVID-19}}.<br />
<br />
Cueball partially echoes a statement made by anti-vaccine activists about "Big Pharma" (the powerful and profit-driven companies who develop pharmaceutical drugs such as vaccines). Anti-vaccine protesters believe that vaccines contain harmful toxins that cause ill effects on the human body, and that the corporations that make them are not to be trusted because they are exploiting a captive public for profit while disregarding public health. The joke is that Cueball is revealed to be not talking about Big Pharma but, instead, bats. <br />
<br />
The comic could simply be seen to serve as a compelling argument against the anti-vaccine movement, which is often criticized for spreading misinformation and increasing rates of disease, especially since the start of the COVID-19 pandemic. This comic comes shortly after the news of the development of several COVID-19 vaccines with high rates of success; there are concerns that herd immunity may be delayed if people refuse to take the vaccine. <br />
<br />
The title text refers to getting immunity the old fashioned way, i.e. catching the disease and waiting for your immune system to build up a response. This is usually considered very healthy when immunity to local diseases is common, and can avoid the sudden forced evolution of new diseases among extensively hypercareful communities, but developing natural immunity is certainly incredibly dangerous during a new pandemic. One joke here is that many anti-vaxxers claim that it is more natural to not take a vaccine. While it is usually true that what is "natural" is also "healthy", this is not the case anymore in many modern scenarios that have become more commonplace. Of course, far far more modern things are lethal, than natural things are. But relying on nature to solve a modern problem without guidance, can be even more lethal.<br />
<br />
==Transcript==<br />
{{incomplete transcript|Do NOT delete this tag too soon.}}<br />
:[Cueball stands with his arms to his sides, facing Megan.]<br />
:Cueball: I just don't trust them, and I don't want to put something they developed into my body.<br />
<br />
:[Caption below the panel]:<br />
:How I feel about bats<br />
<br />
{{comic discussion}}<br />
[[Category:Comics featuring Cueball]]<br />
[[Category:Comics featuring Megan]]<br />
[[Category:Animals]]<br />
[[Category:Biology]]<br />
[[Category:COVID-19]]</div>172.69.34.126https://www.explainxkcd.com/wiki/index.php?title=Talk:2297:_Use_or_Discard_By&diff=191151Talk:2297: Use or Discard By2020-04-23T17:24:05Z<p>172.69.34.126: Cmt</p>
<hr />
<div><!--Please sign your posts with ~~~~ and don't delete this text. New comments should be added at the bottom.--><br />
comics featuring expiration dates<br />
<br />
This comic is definitely not related to the COVID-19 theme. Has Randall decided after 19 (or 20) comics to end his series? [[Special:Contributions/108.162.215.166|108.162.215.166]] 01:28, 23 April 2020 (UTC)<br />
: I personally agree. However some will make the argument that all the people who stocked up on a lifetime supply will face "best by" issues in the next years. --[[Special:Contributions/172.68.215.76|172.68.215.76]] 06:29, 23 April 2020 (UTC)<br />
:: This one is satisfactorily unrelated for me. I was for Exa-Exabyte, and although I understand the slight argument someone had for it, against Garbage. But this one surely only has convoluted arguments on par with the symbiotic relationship it has with yeast. [[Special:Contributions/172.69.71.64|172.69.71.64]] 12:40, 23 April 2020 (UTC)<br />
::: This one feels like a "things to do while stuck at home" that may have been inspired by the COVID-19 lockdown, but that doesn't make it a COVID-related comic. --[[User:Bobson|Bobson]] ([[User talk:Bobson|talk]]) 14:06, 23 April 2020 (UTC)<br />
<br />
She didn’t say it said “use by (some date)”. She just said it says “use by ..”. My interpretation is that it is so old the date has worn off. That happens to my nitroglycerin quite often. I think her interlocutor is saying, if the date has worn off or gotten illegibly smeared, assume it’s expired. —— OTOH the explanation given by the editors is funnier! [[Special:Contributions/108.162.216.232|108.162.216.232]] 05:08, 23 April 2020 (UTC)<br />
:In the first panel she states that the guns (plural) are about to expire. So I guess they have bought 2 guns about the same time, from different vendors who handle this wording differently, but both flare guns have a visible expiry date in the close future. --[[User:Lupo|Lupo]] ([[User talk:Lupo|talk]]) 05:56, 23 April 2020 (UTC)<br />
::I disagree. The other one says Use By and no date. So think either explanation is wrong, or at least the two possible interpretations should be mentioned --[[User:Kynde|Kynde]] ([[User talk:Kynde|talk]]) 14:56, 23 April 2020 (UTC)<br />
:::My interpretation of that panel is that Cueball cut her off before she was able to finish her sentence, aware that she was interested in using the flare gun. [[Special:Contributions/172.69.34.126|172.69.34.126]] 17:24, 23 April 2020 (UTC)<br />
<br />
I play the browser-game Urban Dead. The flare-pistols in that have no expiry date (a handy 15HP damage item, ''if'' they hit, so I often save any I scavenge for a time my Action Points are low but I might appreciate a chance killing shot on a worn-down zombie) and are 'safe' to fire at all times - except for your target if hit, of course. Outside they can act as a signal, though never seen that as useful myself, but I always wished that inside a darkened building they'd at least be seen as a flash (maybe transient blinding) to anyone present but not hit by it. I mean, does ''nobody'' notice someone firing off a flare in an unpowered cinema, even the person it was aimed at but apparently just missed? (It was argued that a 'miss' was a misfire, a similar argument given with shotgun/pistol non-hits that no-one even hears, but they have no failure rate when deployed as signal.) [[Special:Contributions/162.158.158.211|162.158.158.211]] 13:46, 23 April 2020 (UTC)<br />
<br />
How does one properly dispose of these? I have an emergency smoke"grenade" (it's just a tin can) that expired in or before 2012 in my car. Related question, what is the best way to improperly dispose one of those? [[Special:Contributions/162.158.111.175|162.158.111.175]] 15:39, 23 April 2020 (UTC)<br />
:Probably need to contact your local HAZMAT for either smoke grenades or flare guns. Neither one would be appropriate for regular garbage or recycling. And forget about taking them on an airplane. [[User:Rtanenbaum|Rtanenbaum]] ([[User talk:Rtanenbaum|talk]]) 16:55, 23 April 2020 (UTC)</div>172.69.34.126https://www.explainxkcd.com/wiki/index.php?title=2297:_Use_or_Discard_By&diff=1911502297: Use or Discard By2020-04-23T17:18:54Z<p>172.69.34.126: /* Explanation */ ce</p>
<hr />
<div>{{comic<br />
| number = 2297<br />
| date = April 22, 2020<br />
| title = Use or Discard By<br />
| image = use_or_discard_by.png<br />
| titletext = One of the things of bear spray says that, and I'm not one to disobey safety instructions, but there are no bears around here. Guess it's time for a camping trip where we leave lots of food out!<br />
}}<br />
<br />
==Explanation==<br />
{{incomplete|Created by a BOT, used and discarded by a cruel master before its time. Please mention here why this explanation isn't complete. Do NOT delete this tag too soon.}}<br />
<br />
Many products carry a "Use By", "{{w|Expiration date}}", "Discard by" or similar date. The date shows the latest date by which the product has been verified to provide its expected use. For example, a foodstuff will have a "consume by" date, showing the date after which the food may be unsuitable for eating. For most products, this is a conservative estimate, especially if a product is kept sealed and stored in a cool, dark place. A few products become dangerous to use after that point, some simply become stale and less palatable (as in the case of foods) or lose potency. For most consumer items, there's no immediate imperative to discard a product as soon as it expires; you simply take the risk of a decline in quality or reliability. <br />
<br />
One of the issues around expiration dates is that the language used tends to be arbitrary and ambiguous. Some have explicit instructions to the consumer, such as "use by:", others have instructions to the seller, such as "sell by:", still others say things such as "best by:" or "freshest before:". This can make it confusing how important it is to get rid of a given product on that date. <br />
<br />
In this comic, two similar emergency {{w|flare gun}}s, an item typically used to send out distress {{w|flare}}s, have slightly different expiry instructions. One has an instruction to "use by or discard by" a specific date (in this case, three days after the date of publishing). The other has an instruction to "use by" this date. These two phrases almost certainly have the same intent. There would be no reason to actually fire the flare. Even the instructions to discard the flare gun really just mean that the manufacturer cannot guarantee that it will work past the printed date, and so do not advise counting on it in an emergency situation.<br />
<br />
Despite this implication, [[Megan]] seems to take the latter instruction literally, as an order to actually fire the flare gun prior to the expiration date, whether or not it's necessary. It may be taken that she *wants the experience of firing a flare, and takes that instruction as an excuse to do so. [[Cueball]] immediately objects to this line of reasoning. Firing a flare unnecessarily is generally a bad idea. It could summon emergency responders to a non-emergency situation, diverting emergency resources that may be needed elsewhere. Even worse, if a flare is fired improperly, or in an unsafe direction, it could cause a fire and/or injuries, ironically creating an emergency situation, rather than signalling one. <br />
<br />
The title text similarly indicates that Megan intends to follow the same instructions with a can of {{w|bear spray}}. Since there are no bears where she lives, she will go camping in an area known to be inhabited by bears and leave her food out to attract their attention, so that she may use the bear spray to repel bears before it "goes bad". The danger of such a response is hopefully obvious. <br />
<br />
Expiration dates (for food) have also been mentioned in [[737: Yogurt]], [[1109: Refrigerator]], and [[2178: Expiration Date High Score]].<br />
<br />
==Transcript==<br />
{{incomplete transcript|Do NOT delete this tag too soon.}}<br />
<br />
:[Megan stands in the middle of the panel, holding two flare guns, one in each hand.]<br />
:Megan: These emergency flare guns are about to expire.<br />
:Cueball [off-panel]: I forgot we had those.<br />
<br />
:[Cueball sitting at a desk, working on a computer.]<br />
:Megan [off-panel]: This one says "Use or discard by Apr 25 2020."<br />
:Cueball: Okay...<br />
<br />
:[Megan holds up one of the flare guns looking at it. She holds the other flare gun by her side.]<br />
:Megan: But '''''this''''' one just says "Use by" ...<br />
:Cueball [off-panel]: '''''No.'''''<br />
<br />
== Trivia ==<br />
* Twenty-seven years ago exactly ([https://www.gocomics.com/calvinandhobbes/1993/04/22 April 22, 1993]), ''Calvin and Hobbes'' made a similar joke about expiration dates on milk. Obviously the humor has a very long shelf-life.<br />
* This comic shares some similarities with [[1821: Incinerator]], particularly in the last panel.<br />
<br />
{{comic discussion}}<br />
[[Category:Comics featuring Cueball]]<br />
[[Category:Comics featuring Megan]]</div>172.69.34.126https://www.explainxkcd.com/wiki/index.php?title=2297:_Use_or_Discard_By&diff=1911492297: Use or Discard By2020-04-23T17:17:25Z<p>172.69.34.126: /* Explanation */ ce</p>
<hr />
<div>{{comic<br />
| number = 2297<br />
| date = April 22, 2020<br />
| title = Use or Discard By<br />
| image = use_or_discard_by.png<br />
| titletext = One of the things of bear spray says that, and I'm not one to disobey safety instructions, but there are no bears around here. Guess it's time for a camping trip where we leave lots of food out!<br />
}}<br />
<br />
==Explanation==<br />
{{incomplete|Created by a BOT, used and discarded by a cruel master before its time. Please mention here why this explanation isn't complete. Do NOT delete this tag too soon.}}<br />
<br />
Many products carry a "Use By", "{{w|Expiration date}}", "Discard by" or similar date. The date shows the latest date by which the product has been verified to provide its expected use. For example, a foodstuff will have a "consume by" date, showing the date after which the food may be unsuitable for eating. For most products, this is a conservative estimate, especially if a product is kept sealed and stored in a cool, dark place. A few products become dangerous to use after that point, some simply become stale and less palatable (as in the case of foods) or lose potency. For most consumer items, there's no immediate imperative to discard a product as soon as it expires; you simply take the risk of a decline in quality or reliability. <br />
<br />
One of the issues around expiration dates is that the language used tends to be arbitrary and ambiguous. Some have explicit instructions to the consumer, such as "use by:", others have instructions to the seller, such as "sell by:", still others say things such as "best by:" or "freshest before:". This can make it confusing how important it is to get rid of a given product on that date. <br />
<br />
In this comic, two similar emergency {{w|flare gun}}s, an item typically used to send out distress {{w|flare}}s, have slightly different expiry instructions. One has an instruction to "use by or discard by" a specific date (in this case, three days after the date of publishing). The other has an instruction to "use by" this date. These two phrases almost certainly have the same intent. There would be no reason to actually fire the flare. Even the instructions to discard the flare gun really just mean that the manufacturer cannot guarantee that it will work past the printed date, and so do not advise counting on it in an emergency situation.<br />
<br />
Despite this implication, Megan seems to take the latter instruction literally, as an order to actually fire the flare gun prior to the expiration date, whether or not it's necessary. It may be taken that she *wants the experience of firing a flare, and takes that instruction as an excuse to do so. Cueball immediately objects to this line of reasoning. Firing a flare unnecessarily is generally a bad idea. It could summon emergency responders to a non-emergency situation, diverting emergency resources that may be needed elsewhere. Even worse, if a flare is fired improperly, or in an unsafe direction, it could cause a fire and/or injuries, ironically creating an emergency situation, rather than signalling one. <br />
<br />
The title text similarly indicates that Megan intends to follow the same instructions with a can of {{w|bear spray}}. Since there are no bears where she lives, she will go camping in an area known to be inhabited by bears and leave her food out to attract their attention, so that she may use the bear spray to repel bears before it "goes bad". The danger of such a response is hopefully obvious. <br />
<br />
Expiration dates (for food) have also been mentioned in [[737: Yogurt]], [[1109: Refrigerator]], and [[2178: Expiration Date High Score]].<br />
<br />
==Transcript==<br />
{{incomplete transcript|Do NOT delete this tag too soon.}}<br />
<br />
:[Megan stands in the middle of the panel, holding two flare guns, one in each hand.]<br />
:Megan: These emergency flare guns are about to expire.<br />
:Cueball [off-panel]: I forgot we had those.<br />
<br />
:[Cueball sitting at a desk, working on a computer.]<br />
:Megan [off-panel]: This one says "Use or discard by Apr 25 2020."<br />
:Cueball: Okay...<br />
<br />
:[Megan holds up one of the flare guns looking at it. She holds the other flare gun by her side.]<br />
:Megan: But '''''this''''' one just says "Use by" ...<br />
:Cueball [off-panel]: '''''No.'''''<br />
<br />
== Trivia ==<br />
* Twenty-seven years ago exactly ([https://www.gocomics.com/calvinandhobbes/1993/04/22 April 22, 1993]), ''Calvin and Hobbes'' made a similar joke about expiration dates on milk. Obviously the humor has a very long shelf-life.<br />
* This comic shares some similarities with [[1821: Incinerator]], particularly in the last panel.<br />
<br />
{{comic discussion}}<br />
[[Category:Comics featuring Cueball]]<br />
[[Category:Comics featuring Megan]]</div>172.69.34.126