Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
Quiz question
Message
De
17/05/2014 14:12:14
Bill Fitzgerald
Woodbury Systems Group
Hamilton, New Jersey, États-Unis
 
 
À
17/05/2014 13:50:59
Gregory Adam
Belgique
Information générale
Forum:
ASP.NET
Catégorie:
Autre
Titre:
Re: Quiz question
Versions des environnements
Environment:
VB 9.0
OS:
Windows Server 2012
Network:
Windows 2008 Server
Database:
MS SQL Server
Application:
Web
Divers
Thread ID:
01600139
Message ID:
01600155
Vues:
44
>>>>From the GCHG competition :
>>>>
>>>>Q. Sometimes security vulnerabilities are simple coding mistakes that even the most seasoned developers can make. What is wrong with the following lines of (C#) code to compute a date range to filter a list of results? What would be a better approach?
var currentDate = DateTime.Now;
>>>>var startDate = new DateTime(currentDate.Year - 1, currentDate.Month, currentDate.Day);
>>>>var endDate = currentDate;
>>>>// Filter the results etc.
>>>
>>>Better approach
>>>
>>>DateTime startDate = currentDate.AddMonths(-12);
>>>
>>>
>>>Also, ToDay may be a better choice
>>>
>>>var currentDate = DateTime.ToDay;
>>>
>>
>>Gregory - why may ToDay be a better choice?
>
>Depends, Bill, ToDay is only the date part of a DateTime struct- hours, minutes and seconds are all set to zero

Thanks!
Anyone who does not go overboard- deserves to.
Malcolm Forbes, Sr.
Précédent
Répondre
Fil
Voir

Click here to load this message in the networking platform