Database Theory 101

Relational databases are powerful beasts. Rightly so they've replaced heirarchical databases for most types of data, directories being the notable exception. But things go wrong when someone who doesn't know jack squat about them is in charge. You'd like an example? Well, it just so happens that I have one. How convenient.

Head on over to and take a look. See if you can find the error before you finish reading this post. Go ahead, I'll wait. Be careful if you sign up for an account as they'll seriously spam your email address. Make sure you uncheck the box that says "send me tons of crap", or whatever it was. Rotten liars. You know, they never did respond to my scathing email.

Anyway, their gimmick is simple. Recipes from the current episode are online, but previous episodes are only for subscribers to Cooks Illustrated magazine. Fair enough. How's it accomplished? Very poorly. A typical URL looks like this (trimmed for brevity): "/recipe.asp?recipeids=26&iSeason=6". The current season is 6, so any link to say "Season=4" will give you a "please pay us $$$ to access this content". Think about that for a second. What's to keep you from changing "4" to "6"? I'll tell you. Absolutely nothing. Try it out and you'll see.

The proper way to do this is to use a relational database (getting back to our topic) to link RecipeId #26 to Season #6. Since a recipe would only be in one season, you'd actually just need a single column added to the table. It doesn't get any simpler than that, and would prevent unauthorized access.

Well, until the incompetent webmasters over at America's Test Kitchen catch wind of this blog you may want to scoop up all their recipes. Considering the popularity of my site, I wouldn't worry about hurrying.


1 Comment

Good catch

Looks like you don't even need to register with a valid email to view these pages. They consider you registered as soon as you hit submit.

I love it when you can look at the URL and see how a site performs SQL queries. I have designed some simple dynamic websites, and the URL is such a bad place to store variables, IMHO.

It makes you wonder what other problems they might have with their website (sql injection, etc).


Subscribe to Comments for "Database Theory 101" Subscribe to - All comments