Tuesday, July 15, 2008

SQL Injection

That's a bad thing.

Late last week we got an email from a knitter who had tried to go to our website to find a nearby retailer. When she clicked on the "Where to Buy" button all the data was gone! Yikes!

So we got on the horn with our web guys and tried to figure things out. I was told things like "the problem is being caused by a sql injection" and all sorts of catch-y phrases like that. I was nodding away like a bobblehead doll pretending it made sense. They could have been speaking Swahili for all I understood.

I learned that we'd gotten hacked into and someone had added some junk script that screwed things up. Jerks. I mean really. Why would anyone want to mess with someone like us? It's not a site that handles money or has confidential information. Arrgghh!

But by Monday, the web guys were able to do their magic. The retailer buttons were working again and all the data had returned. We were beyond relieved. The prospect of re-entering all the shop information had been weighing heavy on our minds. We did the dance of joy when we dodged that bullet.

So fifteen minutes ago, we got another email. Same problem. Big.Heavy.Sigh. Let's all keep our fingers crossed that it gets fixed for good this time.

Nasty, mean sql injector people. I hope all their socks get holes in them.


Rhonda the Stitchingnut said...

Gosh ... what have they got against knitting? Good luck with squashing the bugs.

North Pines GS said...

Your web guys need to darn their security holes so the hackers can't get in.