Charles is supporting a PHP based application. One feature of the application is a standard "Contact Us" form. I'll let Charles take on the introduction: While it looks fine on the outside, the code is a complete mess. The entire site is built with bad practices, redundant variables, poor validation, insecure cookie checks, and zero focus on maintainability or security. Even the core parts of the platform are a nightmare
Once upon a time, web browsers weren't the one-stop-shop for all kinds of possible content that they are today. Aside from the most basic media types, your browser depended on content plugins to display different media types. Yes, there was an era where, if you wanted to watch a video in a web browser, you may need to have QuickTime or… (shudder) Real Player installed. As a web developer, you'd need to write code to check which plugins were installed. If they don't have Adobe Acrobat Reader installed, there's no point in serving them up a PDF file- you'll need instead to give them an install link.
Sometimes, there's code so bad you simply know it's unused and never called. Bernard sends us one such method, in Java:

    /**
     * Finds a <code>GroupEntity</code> by group number.
     *
     * @param group the group number.
     * @return the <code>GroupEntity</code> object.
     */
    public static GroupEntity find(String group) {
        return GroupEntity.find(group);
    }
Simon recently found himself working alongside a "very senior" developer- who had a whopping 5 years of experience. This developer was also aggrieved that in recent years, Object Oriented programming had developed a bad reputation. "Functional this, functional that, people really just don't understand how clean and clear objects make your code." For example, here are a few Java objects which they wrote to power a web scraping tool:
ArSo works at a small company. It's the kind of place that has one software developer, and ArSo isn't it. But ArSo is curious about programming, and has enough of a technical background that small tasks should be achievable. After some conversations with management, an arrangement was made: Kurt, their developer, would identify a few tasks that were suitable for a beginner, and would then take some time to mentor ArSo through completing them. It sounded great, especially because Kurt was going to provide sample code which would give ArSo a head start on getting things done. What better way to learn than by watching a professional at work?
...Screens of Death. Photos of failures in kiosk-mode always strike me as akin to the wizard being exposed behind his curtain. Yeah, that shiny thing is after all just some Windows PC on a stick. Here are a few that aren't particularly recent, but they're real. Jared S. augurs ill: "Seen in downtown Mountain View, CA: In Silicon Valley AI has taken over. There is no past, there is no future, and strangely, even the present is totally buggered. However, you're free to restore the present if you wish."
Alicia recently inherited a whole suite of home-grown enterprise applications. Like a lot of these kinds of systems, it needs to do batch processing. She went tracking down a mysterious IllegalStateException only to find this query causing the problem: select * from data_import where id > 10000
Some time ago, poor Keith found himself working on an antique Classic ASP codebase. Classic ASP uses VBScript, which is like VisualBasic 6.0, but worse in most ways. That's not to say that VBScript code is automatically bad, but the language certainly doesn't help you write clean code. In any case, the previous developer needed to make an 8 element array to store some data. Traditionally, in VBScript, you might declare it like so:
Ross needed to write software to integrate with a credit card payment gateway. The one his company chose was relatively small, and only served a handful of countries- but it covered the markets they cared about and the transaction fees were cheap. They used XML for data interchange, and while they had no published schema document, they did have some handy-dandy sample code which let you parse their XML messages.

    $response = curl_exec($ch);
    $authecode = fetch_data($response, '<authCode>', '</authCode>');
    $responsecode = fetch_data($response, '<responsecode>', '</responsecode>');
    $retrunamount = fetch_data($response, '<returnamount>', '</returnamount>');
    $trxnnumber = fetch_data($response, '<trxnnumber>', '</trxnnumber>');
    $trxnstatus = fetch_data($response, '<trxnstatus>', '</trxnstatus>');
    $trxnresponsemessage = fetch_data($response, '<trxnresponsemessage>', '</trxnresponsemessage>');
Amateur physicist B.J. is going on vacation, but he likes to plan things right down to the zeptosecond. "Assume the flight accelerates at a constant speed for the first half of the flight, and decelerates at the same rate for the second half. 1) What speed does the plane need to reach to have that level of time dilation? 2) What is the distance between the airports?"
Matt needed to add a new field to a form. This simple task was made complicated by the method used to save changes back to the database. Let's see if you can spot what the challenge was: public int saveQualif(String docClass, String transcomId, String cptyCod, String tradeId, String originalDealId, String codeEvent, String multiDeal, String foNumber, String codeInstrfamily, String terminationDate, String premiumAmount, String premiumCurrency, String notionalAmount, String codeCurrency, String notionalAmount2, String codeCurrency2, String fixedRate, String payout, String maType, String maDate, String isdaZoneCode, String tradeDate, String externalReference, String entityCode, String investigationFileReference, String investigationFileStartDate, String productType, String effectiveDate, String expiryDate, String paymentDate, String settInstrucTyp, String opDirection, String pdfPassword, String extlSysCod, String extlDeaId, String agrDt) throws TechnicalException, DfException
There's the potential for endless installments of "programmers not understanding how UUIDs work." Frankly, I think the fact that we represent them as human readable strings is part of the problem; sure, it's readable, but conceals the fact that it's just a large integer. Which brings us to this snippet, from Capybara James.
For years, Victoria had a co-worker who "programmed by Google Search"; they didn't understand how anything worked, they simply plugged their problem into Google search and then copy/pasted and edited until they got code that worked. For this developer, I'm sure ChatGPT has been a godsend, but this code predates its wide use. It's pure "Googlesauce".

    StringBuffer stringBuffer = new StringBuffer();
    stringBuffer.append("SELECT * FROM TABLE1 WHERE COLUMN1 = 1 WITH UR");
    String sqlStr = stringBuffer.toString();
    ps = getConnection().prepareStatement(sqlStr);
    ps.setInt(1, code);
    rs = ps.executeQuery();
    while (rs.next()) {
        count++;
    }
Since it's election day in the US, many people are thinking about counting today. We frequently discuss counting here, and how to do it wrong, so let's look at some code from RK. This code may not be counting votes, but whatever it's counting, we're not going to enjoy it:
Horror movies, as of late, have gone to great lengths to solve the key obstacle to horror movies- cell phones. When we live in a world where help is a phone call away, it's hard to imagine the characters not doing that. So screenwriters put them in situations where this is impossible: in Midsommar they isolate them in rural Sweden, in Get Out calling the police is only going to put our protagonist in more danger. But what's possibly more common is making the film a period piece- like the X/Pearl/Maxxxine trilogy, Late Night with the Devil, or Netflix's continuing series of R.L. Stine adaptations. I bring this up, because today's horror starts in 1993. A Norwegian software company launched its software product to mild acclaim. Like every company, it had its ups and downs, its successes and missteps. On the surface, it was a decent enough place to work.
Jon recently started a new project. When setting up his dev environment, one of his peers told him, "You can disable verbose logging by setting DEBUG_LOG=false in your config file." Well, when Jon did that, the verbose logging remained on. When he asked his peers, they were all surprised to see that the flag wasn't turning off debug logging. "Hunh, that used to work. Someone must have changed something…" Everyone had enough new development to do that tracking down a low priority bug fell to Jon. It didn't take long.
Quality control is an important business function for any company. When your company is shipping devices with safety concerns, it's even more important. In some industries, a quality control failure is bound to be national headlines. When the quality control software tool stopped working, everyone panicked. At which point, GRH stepped in.
As a general rule, if you're using an RDBMS and can solve your problem using SQL, you should solve your problem using SQL. It's how we avoid doing joins or sorts in our application code, which is always a good thing. But this is a general rule. And Jasmine sends us one where solving the problem as a query was a bad idea.
When processing HTTP requests, you frequently need to check the parameters which were sent along with that request. Those parameters are generally passed as stringly-typed key/value pairs. None of this is news to anyone. What is news, however, is how Brodey's co-worker indexed the key/value pairs.
Our stories come from you, our readers, which makes it worth reminding everyone: keep those submissions coming in. There's nothing on this site without your submissions. Now, we do get some submissions which don't make the page. Frequently, it's because we simply don't have enough context from the submission to understand it or comment on it effectively. Often, it's just not that remarkable. And sometimes, it's because the code isn't a WTF at all.
The most common type of submission Error'd receives is simple, stupid, data problems on Amazon. The text doesn't match the image, the pricing is goofy, or some other mixup that is just bound to happen with a database of zillions of products uploaded by a plethora of barely-literate mountain village drop-shippers. So I don't usually feature them, preferring to find something with at least a chance of being a creative new bug.
"Oh, I see what you mean, I'll just write an overloaded function which takes the different set of parameters," said the senior dev. That got SB's attention. You see, they were writing JavaScript, which doesn't have function overloading. "Um," SB said, "you're going to do what?"
Damiano's company had more work than staff, and opted to hire a subcontractor. When hiring on a subcontractor, you could look for all sorts of things. Does their portfolio contain work similar to what you're asking them to do? What's the average experience of their team? What are the agreed upon code quality standards for the contract? You could do that, or you could hire the cheapest company.
...to know which way the wind blows. This week, it's been an ill one. Two of our readers sent us references to the BBC's reports on unusual weather in Bristol - one from the web, and one mobile. Maybe that will help you deduce the source of this error. Frist, Graham F. shared a screenshot of the beeb's mobile app, bellowing "I know Milton is hitting the US hard right now but that's nothing compared to the 14,000 mph winds here!"
Working at a company where the leadership started as technical people has its advantages, but it can also carry costs. Arthur is in one such environment, and while it means that management and labor have a common vocabulary, the company leadership forgets that they're not in a technical role anymore. So they still like to commit code to the project. And that's how things like this happen:

    if( this.idtoservice != null ) {
        sOwner = this.idtoservice.Common.Security.Owner;
    } else if( this.idtoservice != null ) {
        sOwner = this.idtoservice.Common.Security.Owner;
    } else if( this.idtoservice != null ) {
        sOwner = this.idtoservice.Common.Security.Owner;
    }
Let's say you have a web application, and you need to transfer some data that exists in your backend, server-side, down to the front-end, client-side. If you're a normal person, you have the client do an HTTP request and return the data in something like a JSON format. You could certainly do that. Or, you could do what Alicia's predecessor did.
Ben's web firm took on a new client, and they're using a rather questionable shopping cart system. Like a lot of PHP web plugins, someone decided that they needed to "protect" their code by obfuscating it. Either that, or they were obfuscating it out of shame, one or the other.

    if(!function_exists("cache_exists")) {
        eval("fu" . "nction cach" . "e_exi" . "sts(\$Data) { echo base" . "64" . "_d" . "eco" . "de(\$" . "Data); }");
    }

The power of structured exception handling is that it allows every layer in our stack to be notified of an error condition, do something about it, and pass it on if necessary. For example, if you have a data access layer and a query fails, you may catch the exception and potentially retry there, only passing the exception up the stack after a few failures. Or, you may fail to connect, update some internal status variables to represent that you're in an invalid state, and then pass that exception up the stack.
I am amused to see that Warcraft III is still out there being played. I think it was my son's first PC game and maybe the second to last one I ever played regularly. And it's Maia E. who's doing it. She reports "Warcraft III was patched into oblivion over the years, and it looks like the patches introduced some bugs into campaign quests. At least they didn't rename Thrall into (undefined)!"
Alexander doesn't usually ask "why are you hiring for this position?" during an interview. But when a small public library is paying your rather high contracting rate, one can't help but wonder. Fortunately, the library offered their reasoning without Alexander asking: "We hired a new staff member, so we need a programmer to add them to our home page." Alexander assumed that he was dealing with a client who couldn't figure out how to navigate their CMS, and scheduled an afternoon to do the work. It turned out to be a bit more complicated.
Seuf sends us some old code, which entered production in 2011. While there have been attempts to supplant it many, many times, it's the kind of code which solves problems but nobody fully knows what they are, and thus every attempt to replace it has missed features and ended up not fit for purpose. That the tool is unmaintainable, buggy, and slow? Well, so it goes. Today's snippet is Perl:
Jason started work on a C++ application doing quantitative work. The nature of the program involves allocating all sorts of blocks of memory, doing loads of complicated math, and then freeing them. Which means, there's code which looks like this:

    for( i = 0; i < 6; i++ ) {
        if( h->quant4_bias[i] )
            free( h->quant4_bias[i] );
    }
We've seen so many home-brew string padding functions. And yet, there are still new ways to do this wrong. An endless supply of them. Nate, for example sent us this one. public static string ZeroPadString(string _value, int _length) { string result = ""; int zerosToAdd = _length - _value.length;