Desperation on the Forums

  • Grant Fritchey - Monday, April 16, 2018 7:29 AM

    Thom A - Monday, April 16, 2018 3:30 AM

    ...SQL injection...

    I didn't see anything else but red after I saw this. It makes me absolutely insane that we're still dealing with this issue in CURRENT YEAR.

    We have to look no further than the higher education system as the source of this continued disaster. So many questions on all the forums where you hear things like "my professor says not to worry about sql injection" or "we kind of touched on that but were told the real world would help". It is so painfully obvious that the professors across the globe just ignore the very real dangers of sql injection and either themselves lack the knowledge of how to deal with or they simply don't care. As somebody who went through college a bit later in life for a second career to enter the IT world I know from my experience that often the professors teaching are ones who didn't make it as real world developers. There were a few here and there that chose to enter the college life as a way to help but most pretty obviously had to settle for lower pay because their ability forced them out of developer job.

    _______________________________________________________________

    Need help? Help us help you.

    Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.

    Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.

    Cross Tabs and Pivots, Part 1 – Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
    Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
    Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
    Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/

  • I love this editorial.

  • Sean Lange - Monday, April 16, 2018 9:29 AM

    Grant Fritchey - Monday, April 16, 2018 7:29 AM

    Thom A - Monday, April 16, 2018 3:30 AM

    ...SQL injection...

    I didn't see anything else but red after I saw this. It makes me absolutely insane that we're still dealing with this issue in CURRENT YEAR.

    We have to look no further than the higher education system as the source of this continued disaster. So many questions on all the forums where you hear things like "my professor says not to worry about sql injection" or "we kind of touched on that but were told the real world would help". It is so painfully obvious that the professors across the globe just ignore the very real dangers of sql injection and either themselves lack the knowledge of how to deal with or they simply don't care. As somebody who went through college a bit later in life for a second career to enter the IT world I know from my experience that often the professors teaching are ones who didn't make it as real world developers. There were a few here and there that chose to enter the college life as a way to help but most pretty obviously had to settle for lower pay because their ability forced them out of developer job.

    This is more a problem with bad expectations being set for higher education.  A college degree is not supposed to be job training in computer science anymore than say an engineering degree is job training for being a car mechanic.

  • Sean Lange - Monday, April 16, 2018 9:29 AM

    Grant Fritchey - Monday, April 16, 2018 7:29 AM

    Thom A - Monday, April 16, 2018 3:30 AM

    ...SQL injection...

    I didn't see anything else but red after I saw this. It makes me absolutely insane that we're still dealing with this issue in CURRENT YEAR.

    We have to look no further than the higher education system as the source of this continued disaster. So many questions on all the forums where you hear things like "my professor says not to worry about sql injection" or "we kind of touched on that but were told the real world would help". It is so painfully obvious that the professors across the globe just ignore the very real dangers of sql injection and either themselves lack the knowledge of how to deal with or they simply don't care. As somebody who went through college a bit later in life for a second career to enter the IT world I know from my experience that often the professors teaching are ones who didn't make it as real world developers. There were a few here and there that chose to enter the college life as a way to help but most pretty obviously had to settle for lower pay because their ability forced them out of developer job.

    Heh... or they thought they could just mow the lawn.

    --Jeff Moden


    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.
    "Change is inevitable... change for the better is not".


  • ZZartin - Monday, April 16, 2018 9:42 AM

    Sean Lange - Monday, April 16, 2018 9:29 AM

    Grant Fritchey - Monday, April 16, 2018 7:29 AM

    Thom A - Monday, April 16, 2018 3:30 AM

    ...SQL injection...

    I didn't see anything else but red after I saw this. It makes me absolutely insane that we're still dealing with this issue in CURRENT YEAR.

    We have to look no further than the higher education system as the source of this continued disaster. So many questions on all the forums where you hear things like "my professor says not to worry about sql injection" or "we kind of touched on that but were told the real world would help". It is so painfully obvious that the professors across the globe just ignore the very real dangers of sql injection and either themselves lack the knowledge of how to deal with or they simply don't care. As somebody who went through college a bit later in life for a second career to enter the IT world I know from my experience that often the professors teaching are ones who didn't make it as real world developers. There were a few here and there that chose to enter the college life as a way to help but most pretty obviously had to settle for lower pay because their ability forced them out of developer job.

    This is more a problem with bad expectations being set for higher education.  A college degree is not supposed to be job training in computer science anymore than say an engineering degree is job training for being a car mechanic.

    When you attend a technical college and your degree is in programming it damn well better be preparing you for a real world position. Sadly in my experience it wasn't even on the same planet. This would be like attending culinary school and not being taught about food safety and preventing food borne illness with proper handling and storage of food.


  • HighPlainsDBA - Monday, April 16, 2018 9:36 AM

    I love this editorial.

    Thanks.

    ----------------------------------------------------
    The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood... Theodore Roosevelt
    The Scary DBA
    Author of: SQL Server 2017 Query Performance Tuning, 5th Edition and SQL Server Execution Plans, 3rd Edition
    Product Evangelist for Red Gate Software

  • Sean Lange - Monday, April 16, 2018 9:49 AM

    ZZartin - Monday, April 16, 2018 9:42 AM

    This is more a problem with bad expectations being set for higher education.  A college degree is not supposed to be job training in computer science anymore than say an engineering degree is job training for being a car mechanic.

    When you attend a technical college and your degree is in programming it damn well better be preparing you for a real world position. Sadly in my experience it wasn't even on the same planet. This would be like attending culinary school and not being taught about food safety and preventing food borne illness with proper handling and storage of food.

    My son had to take a programming course in C for his engineering degree he's currently working on. Yes, C. Not only that, but the teacher required them to take all tests on paper because "engineers and developers never make mistakes, so you have to be able to code everything, only on paper." He wouldn't let me go and have a chat with the guy. Anecdote <> Data, but it didn't give me a warm & fuzzy about the state of education.


  • Sean Lange - Monday, April 16, 2018 9:49 AM

    ZZartin - Monday, April 16, 2018 9:42 AM

    Sean Lange - Monday, April 16, 2018 9:29 AM

    Grant Fritchey - Monday, April 16, 2018 7:29 AM

    Thom A - Monday, April 16, 2018 3:30 AM

    ...SQL injection...

    I didn't see anything else but red after I saw this. It makes me absolutely insane that we're still dealing with this issue in CURRENT YEAR.

    We have to look no further than the higher education system as the source of this continued disaster. So many questions on all the forums where you hear things like "my professor says not to worry about sql injection" or "we kind of touched on that but were told the real world would help". It is so painfully obvious that the professors across the globe just ignore the very real dangers of sql injection and either themselves lack the knowledge of how to deal with or they simply don't care. As somebody who went through college a bit later in life for a second career to enter the IT world I know from my experience that often the professors teaching are ones who didn't make it as real world developers. There were a few here and there that chose to enter the college life as a way to help but most pretty obviously had to settle for lower pay because their ability forced them out of developer job.

    This is more a problem with bad expectations being set for higher education.  A college degree is not supposed to be job training in computer science anymore than say an engineering degree is job training for being a car mechanic.

    When you attend a technical college and your degree is in programming it damn well better be preparing you for a real world position. Sadly in my experience it wasn't even on the same planet. This would be like attending culinary school and not being taught about food safety and preventing food borne illness with proper handling and storage of food.

    That's fair but I don't think that even 4 years in a technical program as broad as "programming" is going to teach you the intricate ins and outs of every single programming language, development tool and how to use those in corporate environments.  Now if someone went to school for a degree specifically in SQL and couldn't identify the issues with SQL Injection I would be more annoyed.

  • My kid did a Python course and then another programming one. I think they did a good job teaching programming fundamentals, but not for the real world. No VCS, no testing, just hack and go, much like I did back in 1979/80. There are better ways now, and there should be some updates to more classes.

  • ZZartin - Monday, April 16, 2018 10:06 AM

    Sean Lange - Monday, April 16, 2018 9:49 AM

    ZZartin - Monday, April 16, 2018 9:42 AM

    Sean Lange - Monday, April 16, 2018 9:29 AM

    Grant Fritchey - Monday, April 16, 2018 7:29 AM

    Thom A - Monday, April 16, 2018 3:30 AM

    ...SQL injection...

    I didn't see anything else but red after I saw this. It makes me absolutely insane that we're still dealing with this issue in CURRENT YEAR.

    We have to look no further than the higher education system as the source of this continued disaster. So many questions on all the forums where you hear things like "my professor says not to worry about sql injection" or "we kind of touched on that but were told the real world would help". It is so painfully obvious that the professors across the globe just ignore the very real dangers of sql injection and either themselves lack the knowledge of how to deal with or they simply don't care. As somebody who went through college a bit later in life for a second career to enter the IT world I know from my experience that often the professors teaching are ones who didn't make it as real world developers. There were a few here and there that chose to enter the college life as a way to help but most pretty obviously had to settle for lower pay because their ability forced them out of developer job.

    This is more a problem with bad expectations being set for higher education.  A college degree is not supposed to be job training in computer science anymore than say an engineering degree is job training for being a car mechanic.

    When you attend a technical college and your degree is in programming it damn well better be preparing you for a real world position. Sadly in my experience it wasn't even on the same planet. This would be like attending culinary school and not being taught about food safety and preventing food borne illness with proper handling and storage of food.

    That's fair but I don't think that even 4 years in a technical program as broad as "programming" is going to teach you the intricate ins and outs of every single programming language, development tool and how to use those in corporate environments.  Now if someone went to school for a degree specifically in SQL and couldn't identify the issues with SQL Injection I would be more annoyed.

    Of course it won't teach the ins and outs of all languages. But it should teach you about parameterized queries from any application. What it shouldn't do is suggest you don't need which seems to be the norm these days. I know when I got my degree in 2001 we barely touched on the topic at all. Sad really, it should have been covered and required in any language we learned. It is so easy in every language I have written code that not teaching this to students should be grounds for termination. I mean that seriously. It is barely a few keystrokes more typing and saves entire applications. Especially for people for learning this is critical. I think it is more critical for a developer to understand the importance of this as they are the ones writing the code.

    My actual degree title is Computer Information Systems (or something close to that). We wrote code in C++, Java, VB6. There were still a couple "dinosaur" classes being taught but only a semester each like COBOL, CICS and JCL. We worked with Access (of course), DB2 (COBOL class) and Oracle. Pretty broad for sure but parameterized queries should have been the norm and required. The only time I used parameterized queries was in my senior project, not because I had to but because I had learned on my own how critical that is. Thankfully that is the case as our team wrote a POS for a local business which they used for several years.

    _______________________________________________________________

    Need help? Help us help you.

    Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.

    Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.

    Cross Tabs and Pivots, Part 1 – Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
    Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
    Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
    Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/
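
An added example, not part of the original post or thread: the concatenated query next to the parameterized one the post calls "a few keystrokes more", run against the same inputs. It uses Python's sqlite3 with an in-memory database as a stand-in for any application and database; the table, columns, function names and sample rows are all constructed for illustration.

```python
import sqlite3

# Constructed sample rows; the customers table and its columns are hypothetical.
ROWS = [
    (1, "Alice Smith", "alice@example.com"),
    (2, "Pat O'Brien", "pat@example.com"),
    (3, "Bob Jones", "bob@example.com"),
]


def make_db():
    """Build a throwaway in-memory database holding the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, email TEXT)"
    )
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?)", ROWS)
    return conn


def find_by_name_concat(conn, name):
    # BEFORE: the input is pasted into the statement text, so the database
    # parses it as SQL instead of treating it as a value.
    sql = "SELECT id, name FROM customers WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def find_by_name_param(conn, name):
    # AFTER: the statement text is constant and the value is bound separately,
    # so quotes and keywords inside it are never parsed as SQL.
    sql = "SELECT id, name FROM customers WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def compare(name):
    """Run both lookups on a fresh database and return their outcomes."""
    conn = make_db()
    try:
        results = {}
        for label, lookup in (
            ("concat", find_by_name_concat),
            ("param", find_by_name_param),
        ):
            try:
                results[label] = lookup(conn, name)
            except sqlite3.Error as exc:
                results[label] = "error: " + type(exc).__name__
        return results
    finally:
        conn.close()


if __name__ == "__main__":
    # An ordinary name, a legitimate name containing a quote, and a
    # constructed input that alters the WHERE clause when concatenated.
    for value in ("Bob Jones", "Pat O'Brien", "nobody' OR '1'='1"):
        print(repr(value), compare(value))
```

The concatenated version breaks on a legitimate customer name containing an apostrophe and returns every row for the third input, while the parameterized version returns exactly the matching row or nothing.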

  • Grant Fritchey - Monday, April 16, 2018 9:59 AM

    Sean Lange - Monday, April 16, 2018 9:49 AM

    ZZartin - Monday, April 16, 2018 9:42 AM

    This is more a problem with bad expectations being set for higher education.  A college degree is not supposed to be job training in computer science anymore than say an engineering degree is job training for being a car mechanic.

    When you attend a technical college and your degree is in programming it damn well better be preparing you for a real world position. Sadly in my experience it wasn't even on the same planet. This would be like attending culinary school and not being taught about food safety and preventing food borne illness with proper handling and storage of food.

    My son had to take a programming course in C for his engineering degree he's currently working on. Yes, C. Not only that, but the teacher required them to take all tests on paper because "engineers and developers never make mistakes, so you have to be able to code everything, only on paper." He wouldn't let me go and have a chat with the guy. Anecdote <> Data, but it didn't give me a warm & fuzzy about the state of education.

    Oh man, I had a couple professors that made us do that too. Paper tests/quizzes using C. Forgot the semicolon on a statement? That'll be one point sir. Maybe 10 - 20% of my degree had real world benefits, the rest I had to learn OJT or on my own initiative.

  • HighPlainsDBA - Monday, April 16, 2018 11:43 AM

    Grant Fritchey - Monday, April 16, 2018 9:59 AM

    Sean Lange - Monday, April 16, 2018 9:49 AM

    ZZartin - Monday, April 16, 2018 9:42 AM

    This is more a problem with bad expectations being set for higher education.  A college degree is not supposed to be job training in computer science anymore than say an engineering degree is job training for being a car mechanic.

    When you attend a technical college and your degree is in programming it damn well better be preparing you for a real world position. Sadly in my experience it wasn't even on the same planet. This would be like attending culinary school and not being taught about food safety and preventing food borne illness with proper handling and storage of food.

    My son had to take a programming course in C for his engineering degree he's currently working on. Yes, C. Not only that, but the teacher required them to take all tests on paper because "engineers and developers never make mistakes, so you have to be able to code everything, only on paper." He wouldn't let me go and have a chat with the guy. Anecdote <> Data, but it didn't give me a warm & fuzzy about the state of education.

    Oh man, I had a couple professors that made us do that too. Paper tests/quizzes using C. Forgot the semicolon on a statement? That'll be one point sir. Maybe 10 - 20% of my degree had real world benefits, the rest I had to learn OJT or on my own initiative.

    Maybe they were preparing you for that job interview where you're expected to write code on the white board. 🙂

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • Eric M Russell - Monday, April 16, 2018 12:24 PM

    HighPlainsDBA - Monday, April 16, 2018 11:43 AM

    Grant Fritchey - Monday, April 16, 2018 9:59 AM

    Sean Lange - Monday, April 16, 2018 9:49 AM

    ZZartin - Monday, April 16, 2018 9:42 AM

    This is more a problem with bad expectations being set for higher education.  A college degree is not supposed to be job training in computer science anymore than say an engineering degree is job training for being a car mechanic.

    When you attend a technical college and your degree is in programming it damn well better be preparing you for a real world position. Sadly in my experience it wasn't even on the same planet. This would be like attending culinary school and not being taught about food safety and preventing food borne illness with proper handling and storage of food.

    My son had to take a programming course in C for his engineering degree he's currently working on. Yes, C. Not only that, but the teacher required them to take all tests on paper because "engineers and developers never make mistakes, so you have to be able to code everything, only on paper." He wouldn't let me go and have a chat with the guy. Anecdote <> Data, but it didn't give me a warm & fuzzy about the state of education.

    Oh man, I had a couple professors that made us do that too. Paper tests/quizzes using C. Forgot the semicolon on a statement? That'll be one point sir. Maybe 10 - 20% of my degree had real world benefits, the rest I had to learn OJT or on my own initiative.

    Maybe they were preparing you for that job interview where you're expected to write code on the white board. 🙂

    Earned my BS in Computer Science in the 80's (took 12 years from graduating High School) and I would have to say all it really did was teach concepts with some language elements thrown in to help someone get an entry level job.  I definitely learned more in the work force.

  • Lynn Pettis - Monday, April 16, 2018 12:30 PM

    Eric M Russell - Monday, April 16, 2018 12:24 PM

    HighPlainsDBA - Monday, April 16, 2018 11:43 AM

    Grant Fritchey - Monday, April 16, 2018 9:59 AM

    Sean Lange - Monday, April 16, 2018 9:49 AM

    ZZartin - Monday, April 16, 2018 9:42 AM

    This is more a problem with bad expectations being set for higher education.  A college degree is not supposed to be job training in computer science anymore than say an engineering degree is job training for being a car mechanic.

    When you attend a technical college and your degree is in programming it damn well better be preparing you for a real world position. Sadly in my experience it wasn't even on the same planet. This would be like attending culinary school and not being taught about food safety and preventing food borne illness with proper handling and storage of food.

    My son had to take a programming course in C for his engineering degree he's currently working on. Yes, C. Not only that, but the teacher required them to take all tests on paper because "engineers and developers never make mistakes, so you have to be able to code everything, only on paper." He wouldn't let me go and have a chat with the guy. Anecdote <> Data, but it didn't give me a warm & fuzzy about the state of education.

    Oh man, I had a couple professors that made us do that too. Paper tests/quizzes using C. Forgot the semicolon on a statement? That'll be one point sir. Maybe 10 - 20% of my degree had real world benefits, the rest I had to learn OJT or on my own initiative.

    Maybe they were preparing you for that job interview where you're expected to write code on the white board. 🙂

    Earned my BS in Computer Science in the 80's (took 12 years from graduating High School) and I would have to say all it really did was teach concepts with some language elements thrown in to help someone get an entry level job.  I definitely learned more in the work force.

    Back in the '80s, there were a folks competing for those entry level IT jobs. I recall back in the '90s showing up for job interviews and waiting in line out in the hallway, sometimes sitting on the floor, for hours along with two dozen other candidates, and the managers conducting the interviews acted as if they couldn't care less, as if we were trying out for a spot on 'America's Got Talent'. In that era, a CS degree bumped you to the front of the line.


  • Steve Jones - SSC Editor - Monday, April 16, 2018 10:12 AM

    My kid did a Python course and then another programming one. I think they did a good job teaching programming fundamentals, but not for the real world. No VCS, no testing, just hack and go, much like I did back in 1979/80. There are better ways now, and there should be some updates to more classes.

    Exactly - programming isn't just memorizing commands and stringing them together. Exposure to the core parts of our science/craft/art/etc is necessary: data structures, algorithms, abstraction / variable assignment, conditional statements, expressions, repetition, etc. I would love to see the next generation get some focus on testing and writing unit tests, scaffolding situations.

    Also - Fred Brooks "Mythical Man Month" should be required reading.

Viewing 15 posts - 31 through 45 (of 80 total)
