I came across this post in a rare break between meetings. Since I’m an IT manager now, I found it good reading (and a good ego check as well).
Maybe I should institute this at my office on Monday.
One of the consultants who works for me was trying to figure out the best way to format strings for writing messages to the event log for a Windows service he’s writing. He was using the horrifying “blah blah blah” +
A quick Google search revealed an excellent String.Format 101 blog post by Kathy Kam. Karl Seguin’s post on the same topic brings performance advantages into the discussion. Another bit of information I didn’t know before reading his post was that the StringBuilder class has an equivalent AppendFormat method.
Out of 708 sites checked, 80 had potential vulnerabilities to SQL injection attacks. Beyond the importance of the topic as a security hole, the most interesting thing about Sutton’s article was the tool he built to come up with these stats. He used a C# app with the Google API to get his results. I only wish I had time to build a tool that clever and useful.