Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Monday January 02 2017, @07:48AM   Printer-friendly
from the Robert');-DROP-TABLE-students; dept.

Jennifer Null's husband had warned her before they got married that taking his name could lead to occasional frustrations in everyday life. She knew the sort of thing to expect – his family joked about it now and again, after all. And sure enough, right after the wedding, problems began.

"We moved almost immediately after we got married so it came up practically as soon as I changed my name, buying plane tickets," she says. When Jennifer Null tries to buy a plane ticket, she gets an error message on most websites. The site will say she has left the surname field blank and ask her to try again.

Instead, she has to call the airline company by phone to book a ticket – but that's not the end of the process.

"I've been asked why I'm calling and when I try to explain the situation, I've been told, 'there's no way that's true'," she says.

But to any programmer, it's painfully easy to see why "Null" could cause problems for software interacting with a database. This is because the word 'null' can be produced by a system to indicate an empty name field. Now and again, system administrators have to try and fix the problem for people who are actually named "Null" – but the issue is rare and sometimes surprisingly difficult to solve.

[...] "Null" isn't the only example of a name that is troublesome for computers to process. There are many others. In a world that relies increasingly on databases to function, the issues for people with problematic names only get more severe.

Some individuals only have a single name, not a forename and surname. Others have surnames that are just one letter. Problems with such names have been reported before. Consider also the experiences of Janice Keihanaikukauakahihulihe'ekahaunaele, a Hawaiian woman who complained that state ID cards should allow citizens to display surnames even as long as hers – which is 36 characters in total. In the end, government computer systems were updated to have greater flexibility in this area.

Source: BBC.

What other names have you run into that have been problematic for computers?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Informative) by Anonymous Coward on Monday January 02 2017, @08:13AM

    by Anonymous Coward on Monday January 02 2017, @08:13AM (#448434)

    In this case, I believe this one, while not xkcd, is more appropriate -- not to mention a requred reading for anyone implementing anything to do with names:
    http://www.kalzumeus.com/2010/06/17/falsehoods-programmers-believe-about-names/ [kalzumeus.com]

    Starting Score:    0  points
    Moderation   +4  
       Insightful=1, Interesting=1, Informative=2, Total=4
    Extra 'Informative' Modifier   0  

    Total Score:   4  
  • (Score: 0) by Anonymous Coward on Monday January 02 2017, @08:25AM

    by Anonymous Coward on Monday January 02 2017, @08:25AM (#448438)

    Not xkcd what the fuck this shit I don't even.

    Didn't you read the dept line? This is xkcd discussion.

    Get your real work professional programming shit the fuck out of here.

    • (Score: 4, Insightful) by davester666 on Monday January 02 2017, @09:30AM

      by davester666 (155) on Monday January 02 2017, @09:30AM (#448453)

      But who the fuck actually uses the string "Null" to indicate a null string?

      • (Score: 5, Insightful) by Dunbal on Monday January 02 2017, @11:36AM

        by Dunbal (3515) on Monday January 02 2017, @11:36AM (#448476)

        Airlines, apparently. You should see how the avionics are coded...

      • (Score: 2) by Nerdfest on Monday January 02 2017, @01:04PM

        by Nerdfest (80) on Monday January 02 2017, @01:04PM (#448487)

        You would be amazed the number of times I've seen this. I was thinking about getting a licence plate with this value.

      • (Score: 2) by el_oscuro on Monday January 02 2017, @06:01PM

        by el_oscuro (1711) on Monday January 02 2017, @06:01PM (#448587)

        In SQL, NULL is actually a valid keyword to represent a null value. So if your app has dynamic SQL with unsanitized input you could certainly get this error. If you put in and get an error, then you can probably dump the entire database.

        --
        SoylentNews is Bacon! [nueskes.com]
        • (Score: 2) by maxwell demon on Monday January 02 2017, @06:03PM

          by maxwell demon (1608) on Monday January 02 2017, @06:03PM (#448589) Journal

          But doesn't SQL distinguish between the keyword NULL and the string "NULL"?

          --
          The Tao of math: The numbers you can count are not the real numbers.
          • (Score: 3, Interesting) by edIII on Monday January 02 2017, @07:53PM

            by edIII (791) on Monday January 02 2017, @07:53PM (#448622)

            I think that is what he meant by inputs that aren't sanitized. I use NULL or null all over the place, but anything inside single quotes is treated as a value, and is not null.

            I'm having a hard time figuring out how this could cause a problem within SQL specific to the name itself, and not the construction of the statement. It's usually Irish names with a ' character that gave me problems in the past, but that was before I figured out how to solve it with parameterized queries.

            The example in the article isn't SQL, but XML processing giving the error. So I would surmise the real issue has nothing to do with SQL databases, but with the APIs and frameworks that are using it.

            Unrelated to names, I had a problem with XML processing in the past and got around it with a more or less ugly hack. You base64 encode everything which makes it SQL/XML safe. At display/processing time I was decoding that data. I think that had more to do with how Google was dealing with XML, since that same XML was treated as valid in other systems.

            Making strings process safe is rather hard when we use symbols to delineate, that are *also* being used in valid names and inputs. That is something that has boggled my fucking mind from day one. We should have special bookmark symbols just for that, that have no place inside common speech. The single quote is very much used in common speech and names, and is by far the stupidest fucking delimiter of all time, along with the comma. The piping symbol would seem to be perfect, looks like bookends, but noooo....

            That being said though, with emojis and ASCII art type stuff, we would need to heavily restrict those bookmark symbols lest we deal with the same bullshit we deal with now.

            Of course, in the future everyone wants something unique. Last time I had a real issue with inputs somebody legally had an underscore in their name. Not hyphen, but underscore.

            --
            Technically, lunchtime is at any moment. It's just a wave function.
          • (Score: 0) by Anonymous Coward on Monday January 02 2017, @08:03PM

            by Anonymous Coward on Monday January 02 2017, @08:03PM (#448624)

            Ideally, yes. Not if you're using Oracle, however. Remember, kids, '' != ''! Because Oracle fucking fails!

            (Note: '' IS NULL, and as we remember, NULL cannot equal anything. Things can be IS NULL, but never equal to NULL. So, '' != ''.)

            Also if you're using the edit view in SQL Enterprise Manager (MSSQL), you can type "NULL" in a varchar column to wind up with a NULL value. Not '', NULL. At least in MSSQL '' = ''. (But NULL != NULL. NULL IS NULL, never =).

            Oh, and fuck them for not using parameterized queries. Why the fuck wouldn't somebody use parameterized queries? It makes everything so fucking easy.

        • (Score: 2) by fritsd on Monday January 02 2017, @07:12PM

          by fritsd (4586) on Monday January 02 2017, @07:12PM (#448613) Journal

          If you put in (...) you can probably dump the entire database.

          I saw what you did there, tovarisj :-)

      • (Score: 3, Insightful) by mojo chan on Tuesday January 03 2017, @09:06AM

        by mojo chan (266) on Tuesday January 03 2017, @09:06AM (#448827)

        I can tell you exactly how it happens.

        Programmer A writes this great booking system for Airline A. It carefully sanitises all input, can handle names like "Null" and "O". But then the airline partners up with another and they need to share booking data. Airline B says "why don't you just submit data via this special HTML form we made?", and Airline A gets their web frontend developer to do just that. Of course, the web person doesn't really think too much about it, they just query the database and send whatever it sends back. And the other web coder at Airline B knows that he needs to sanitise his inputs, so he throws in a standard santisier string he found on Stack Exchange...

        And a few years later, after some mergers and others joining the system, that's now the standard and people called Null are screwed.

        --
        const int one = 65536; (Silvermoon, Texture.cs)