>From the GCHG competition :
>
>Q. Sometimes security vulnerabilities are simple coding mistakes that even the most seasoned developers can make. What is wrong with the following lines of (C#) code to compute a date range to filter a list of results? What would be a better approach?
var currentDate = DateTime.Now;
>var startDate = new DateTime(currentDate.Year - 1, currentDate.Month, currentDate.Day);
>var endDate = currentDate;
>// Filter the results etc.
Blows up if run on Feb. 29th of a leap year; there is no Feb. 29 of the prior year. Better might be to always subtract 365 days, rather than one year.
Regards. Al
"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov
Neither a despot, nor a doormat, be
Every app wants to be a database app when it grows up