SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Evangelist j0n's Avatar
    Join Date
    Apr 2003
    Location
    uk
    Posts
    545
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Best way to pitch for a contact.

    Hi,

    We have recently come across a pretty large local companies website that has a few massive gaping holes in the system. Things like parsing database query's in the URL on lots of different occasions. It would be possible to delete the entire database just with a few variable changes on a few different urls.

    Needless to say we haven't done such a thing, but we feel this site needs fixing.

    What would be the best way to pitch for this contact? I don't want the first contact we make with the company sound like a threat. More a suggestion, but wording that we could take their entire site down in a few minutes isn't going to be an easy thing to portray to a non-techy person.

    Write a proposal and email it over? Call them and try and make it sound like a suggestion and not a thread? Take their site down and make it forward to our company site? (that isn't a serious suggestion btw )

    Any help is much appreciated.

    Thanks,
    Jon

  2. #2
    Word Painter silver trophy Shyflower's Avatar
    Join Date
    Oct 2003
    Location
    Winona, MN USA
    Posts
    10,053
    Mentioned
    142 Post(s)
    Tagged
    2 Thread(s)
    I wouldn't try to "pitch" this company at all at this point. You say that it's a pretty large company. Are you sure they don't have inhouse web development?

    I think the best thing to do is call and ask for the person in charge of their web. Introduce yourself as your name from your company and tell them you are experienced in data base programming, that you browsed their website and noticed some serious errors in the display of their urls.

    Tell them that you'd be happy to talk to their programmer and discuss the errors if they have a programmer on board. If they don't, you'd be happy to meet with them on a professional basis and discuss what it would take to fix the errors.

    That way, you're not pitching ... you're offering to help.

    First impressions are everything. Work at making a good one in your written correspondence or phone call and quite possibly, if they don't hire you for this job, they'll remember you the next time they need programming help.
    Linda Jenkinson
    "Say what you mean. Mean what you say. But don't say it mean." ~Unknown

  3. #3
    SitePoint Wizard bronze trophy
    Join Date
    Oct 2004
    Location
    UK
    Posts
    2,673
    Mentioned
    10 Post(s)
    Tagged
    0 Thread(s)
    If they are big, definitely call them up, introduce yourself and arrange a meeting. If there's a risk of SQL injection, they should know about it - chances are they'll work out the source of the problem themselves once you plant the seed, but it would be a good way to get your foot in the door.

  4. #4
    SitePoint Guru rageh's Avatar
    Join Date
    Apr 2006
    Location
    London, Formerly Somalia
    Posts
    612
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    No matter what you do, I don't think they will introduce their programmer(in-house or otherwise) hastily. They may let you speak with someone with some technical knowledge about the website, and he surely would ask you about the nature of the threat. If you tell him, his team will fix it. But do'nt tell anything unless they arrange a meeting. Insist you will talk face-to-face. At no point should you sound threatening. It will be unprofessional.

    I doubt they will hire an outside help if they have an in-house programmer already. Buy try.
    ------------------


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •