but mysqli_real_escape_string() or any number of other similar solutions are indeed a thing that exists. A prepared statement would work, too.
You make it sound as if a prepared statement is a last resort. I would turn that around: as a rule always use prepared statements when dealing with user input. It’s very easy to forget a single call to mysqli_real_escape_string().
I let my password manager create 32 char passwords, that should be enough for a while. But of course then you have websites that throw you a ‘your password is too long’ message and have you find out by trial and error that they only accept 12 characters.
Or the off-by-one errors where they insist that 24 chars are the max, but in reality they accept 23. Probably never tested the limit.
Or websites that truncate your password after X characters when registering, but not when logging in, so you end up with an incorrect password and good luck finding out which limit the registration page actually uses.
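The registration/login mismatch described in the last comment, as an added example that is not part of the original thread: one site model truncates only when registering, the other applies a single inclusive length check on both paths and refuses over-long input instead of cutting it. The class names, the 24-character limit and the PBKDF2 parameters are assumptions made for the demonstration.

```python
import hashlib
import hmac
import os

MAX_LEN = 24  # constructed limit for this demo, not taken from any real site


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


class TruncatingSite:
    """Cuts the password at registration only, as the comment describes."""

    def __init__(self):
        self.users = {}

    def register(self, user, password):
        salt = os.urandom(16)
        self.users[user] = (salt, _hash(password[:MAX_LEN], salt))  # silent cut

    def login(self, user, password):
        salt, stored = self.users[user]
        return hmac.compare_digest(stored, _hash(password, salt))  # full input


class ConsistentSite(TruncatingSite):
    """One length check shared by both paths; over-long input is refused."""

    @staticmethod
    def _check(password):
        if not 1 <= len(password) <= MAX_LEN:  # inclusive upper bound
            raise ValueError(f"password must be 1 to {MAX_LEN} characters")
        return password

    def register(self, user, password):
        super().register(user, self._check(password))

    def login(self, user, password):
        try:
            return super().login(user, self._check(password))
        except ValueError:
            return False


def lockout_demo(password):
    """Return (login with full password, login with first MAX_LEN chars)."""
    site = TruncatingSite()
    site.register("alice", password)
    return site.login("alice", password), site.login("alice", password[:MAX_LEN])
```

Testing a password of exactly `MAX_LEN` characters and one of `MAX_LEN + 1` against both paths is also what catches the off-by-one limit mentioned above.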