Every time I sign a NAP

does the nap actually go through though?  or is this preventing you from signing naps

have disabled all adons.. but yes I do sign them.. but it just looks so stupid every time.. like its not suppose to be there..

goldmmbr, what a dumb thing to assume you know why i'm asking.

it matters because of prioritization.  there are a lot of things to be fixed in IC and a lot of things to be looked at in general.  if this is preventing naps from being signed in any way then the urgency is much higher than if it is simply an error message.  if it simply an error message then this can wait a little bit longer.  yes it could be a simple 2 minute fix but if i stop to do every 2 minute fix i won't have time for anything else.

you see, i don't have all the time in the world. i have even less time this weekend because i am working on a tight deadline for my job where guess what, i work as a developer.

what's more is that this error in particular is exposing schema information which is less secure than i'd like.  if/when i do fix this problem i'm going to have to evaluate the error handling and decide what needs to be changed there and prioritize that as well.  there is more to a bug than simply fixing it.  there is also prioritization and time management.  any experienced programmer would recognize this when they see it

but yes, i am a developer.  really.  i've been in the field for over 10 years.  don't assume you know anything about my credentials because you don't.

haha no, i think that was one of the mods.  they're used to getting shit from players so i gather that they are sympathizing with me here

I've had that bug too, and no, it doesn't prevent a nap from being signed.

What is there to evaluate and handle?
You cannot have a ' as a valid char.
Any experienced programmer would recognize that this should be of highest priority.
What if someone names his fam:  ') drop table X
Did you think about that when making your "smart" comeback?

goldmmbr, what's up with the attitude?  First you assume I am asking for more details because I don't know what is causing this bug, and that I don't know what an unescaped string is.  Now you're assuming that I don't know what sql injection is.

Now, I can't go into too much detail because that would be a further security issue, but this particular risk is mitigated because of the way the family name and this query are processed.  Is it theoretically an injection issue?  Absolutely.  However, in its current state what you are describing is simply not possible.  I can't show you the code to explain why because you aren't a developer here.  Nor should I need to.

Does that mean it shouldn't be fixed?  Of course not.  This is still a problem and something I intend to look at.  But honestly, while your concern is a valid one, you are way out of your place here to tell any of us devs what we should be doing.  On top of that, you don't know anything about the actual code files so it is purely by assumption that you "know" what a high priority this should be.

Quit being so arrogant.  You don't know nearly as much as you think you do.

If you have concerns about something try expressing them in a positive, constructive manner.  There's no need to say "And you are a developer ? Really ?"  Honestly, how does that help anything?

Indeed.