{"id":54,"date":"2006-09-12T08:17:00","date_gmt":"2006-09-12T08:17:00","guid":{"rendered":"http:\/\/dhbolton.com\/blog\/?p=54"},"modified":"2006-09-12T08:17:00","modified_gmt":"2006-09-12T08:17:00","slug":"the-joys-of-online-purchasing","status":"publish","type":"post","link":"https:\/\/dhbolton.com\/blog\/uncategorized\/the-joys-of-online-purchasing\/","title":{"rendered":"The joys of online purchasing"},"content":{"rendered":"<p>So I need a USB cable- a long one as I&#8217;ve bought a printer and my old parallel (Centronics) cable is no use. So I visit the <a href=\"http:\/\/www.maplin.co.uk\/\">Maplin<\/a> website. Find a USB cable, add it to the checkout, go to register an account and after doing so get this helpful error message when registering.<\/p>\n<p>&#8220;XML_CreateCustomer err(X1) occurred. We apologise for any inconvenience caused.&#8221;<\/p>\n<p>Ah bless. So- let&#8217;s try live support. I enter this:<\/p>\n<p><span>Trying to register to make a purchase.<br \/>I get this &#8216;helpful&#8217; error!<br \/>XML_CreateCustomer err(X1) occurred. We apologise for any inconvenience caused.<\/span><\/p>\n<p>and get this<br \/><span>Microsoft OLE DB Provider for SQL Server error &#8216;80040e14&#8217;<br \/>Line 2: Incorrect syntax near &#8216;helpful&#8217;.<br \/>\/chat.asp, line 111 <\/span><\/p>\n<p>Looks like a SQL Injection error- the quotes round helpful aren&#8217;t correctly handled.  That&#8217;s very dangerous, though it&#8217;s possibly only a chat database. If I was malicious, I could have some &#8216;Get into Jail Real Quick&#8217; fun but I won&#8217;t. <\/p>\n<p>Hint to Maplin. Get your website fixed quick, and add some helpful errors!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>So I need a USB cable- a long one as I&#8217;ve bought a printer and my old parallel (Centronics) cable is no use. So I visit the Maplin website. 
Find a USB cable, add it to the checkout, go to register an account and after doing so get this helpful error message when registering. &#8220;XML_CreateCustomer [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-54","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/dhbolton.com\/blog\/wp-json\/wp\/v2\/posts\/54","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dhbolton.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dhbolton.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dhbolton.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/dhbolton.com\/blog\/wp-json\/wp\/v2\/comments?post=54"}],"version-history":[{"count":0,"href":"https:\/\/dhbolton.com\/blog\/wp-json\/wp\/v2\/posts\/54\/revisions"}],"wp:attachment":[{"href":"https:\/\/dhbolton.com\/blog\/wp-json\/wp\/v2\/media?parent=54"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dhbolton.com\/blog\/wp-json\/wp\/v2\/categories?post=54"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dhbolton.com\/blog\/wp-json\/wp\/v2\/tags?post=54"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}