The Daily WTF: Curious Perversions in Information Technology

A Quick Escape

by Remy Porter in CodeSOD on 2020-04-30

I am old. I’m so old that, when I entered the industry, we didn’t have specializations like “frontend” and “backend” developers. You just had developers, and everybody just sort muddled about. As web browsers have migrated from “document display tool” to “enh, basically an operating system,” in terms of complexity, these two branches of development have gotten increasingly siloed.

Which creates problems, like the one Carlena found. You see, the front-end folks didn’t like the way things like quotes were displaying. A quote or a single quote should be represented as a character entity- &#39, for example.

37 comments - Last comment @ 2021-11-11

The Evil CMS

by Remy Porter in CodeSOD on 2020-04-28

Content Management Systems always end up suffering, at least a little, from the Inner Platform Effect. There’s the additional problem that, unlike say, a big ol’ enterprise HR system or similar, CMSes are useful for just about everyone. It’s a quick and easy way to put together a site which anyone can maintain. But it never has enough features for your content. So you always install plugins- plugins of wildly varying quality and compatibility.

Lucio Crusca was doing a security audit of a Joomla site, found this block inside an installed plugin:

32 comments - Last comment @ 2020-05-17

A Tern Off

by Remy Porter in CodeSOD on 2020-04-27

Jim J's co-worker showed him this little snippet in the codebase.

  foreach (ToolStripMenuItem item in documentMenuItem.DropDownItems)
  {
      item.Enabled = item.Enabled ? Document.Status == DocumentStatusConsts.New : item.Enabled;
  }

27 comments - Last comment @ 2020-06-11

WTFYou, Pay Me

by Remy Porter in CodeSOD on 2020-04-23

Julien’s employer has switched their payroll operations to a hosted solution. The hosted solution has some… interesting features. The fact that it has a “share” button, implying you can share your paystub infromation with other people is unusual (but good: keeping salaries confidential only helps management underpay their employees). More problematic is that this feature emails it, and instead of putting in an email address manually, you instead pick off a drop-down list- which contains the email of every user of the hosted system.

Seeing this, Julien had to take a peek at the code, just to see what other horrors might lurk in there.

27 comments - Last comment @ 2020-05-21

Bad Code and Taxes

by Remy Porter in CodeSOD on 2020-04-22

Here in the US, “tax season” is extended into the summer. No one likes dealing with taxes, obviously, but we agree that the social benefits outweigh the costs.

I can’t speak to how folks feel in Italy. But Riccardo B was perusing the Italian Revenue Service’s (INPS) website, and was having a bad time of it. This website was recently “modernized”, which Riccardo tells us cost €300M (I wasn’t able to track down much on this, and since I don’t speak Italian, I’ll take Riccardo’s word on it), so “having a bad time” doesn’t seem like it should be part of the process.

46 comments - Last comment @ 2020-05-13

A Leap to SQL

by Remy Porter in CodeSOD on 2020-04-16

When I was a baby programmer, I was taught that part of the power of SQL was that we had a generic, abstract language which meant we could easily change database engines out under our code without having to think about it. In short, I was taught a horrible pack of lies.

For all that SQL has a standard, every database vendor has non-standard features, especially around various built-in functions. The end result is that, if you adopt SQL Server, you’re going to be on SQL Server for the life of the application. If you adopt Oracle, you will suffer that choice for the remainder of your existence on this plane and perhaps the next.

34 comments - Last comment @ 2020-05-05

Highly Paid Entities

by Remy Porter in CodeSOD on 2020-04-15

Years ago, Samuel’s company brought in some Highly Paid Consultants. The HPCs brought with them a binder full of best practices, a dedicated Agile coach, and a slick project plan that promised to accomplish everything the company needed in half the time budgeted.

One of their “best practices” was the advice that “ORMs are considered harmful,” and while the existing codebase already made liberal use of .NET’s Entity Framework, their new code would be “optimized”.

18 comments - Last comment @ 2020-04-20

The Date Wrapper

by Remy Porter in CodeSOD on 2020-04-09

As we’ve harped upon many, many, many, many, many, many times: writing your own date functions is bad. Use the built-ins or a library or anything but your own awful string-mangling date code.

But you can and should wrap the date handling stuff in your own functions as convenient. That’s just good programming.

23 comments - Last comment @ 2020-04-29

Did You Null This?

by Remy Porter in CodeSOD on 2020-04-08

If I were to catalog my biggest failings as a developer, it’s a carelessness around defensive programming. It’s tedious, and it takes work and forethought, and honestly, I just want to get the thing working and see the results. But I recognize it’s important, and work on developing that mindset.

Today’s anonymous submitter found some Java code that is extremely defensive.

36 comments - Last comment @ 2024-04-05

To Repeat Yourself

by Remy Porter in CodeSOD on 2020-04-07

Java’s history with web applications is, well, complicated. Java, heavily focused on being the True Object Oriented language, went the route of containers and service-providing classes and runtime bindings and dynamic hooks and lookups well before anyone else.

The core layer which underpins a lot of the web interactions is the Servlet specification. Servlets are just classes which are wired up to handle HTTP requests. Do whatever you want there. Slap a bunch of annotations for JAX-RS on there, and it’s a restful web service. Drop a JSP file in there, a it runs as a servlet with a template. Start playing with Java Server Faces? It’s servlets all the way down.

21 comments - Last comment @ 2021-03-17

Now I Need an Injection

by Remy Porter in CodeSOD on 2020-04-06

Frankie was handed a pile of PHP and told, "Move this to a new host." The process didn't go well- simply copying the code to the server chucked out a 500 error. So Frankie started digging into the code.

Like a lot of PHP code, this code wasn't written. It happened. A long chain of revisions, emergency fixes, quick and dirty hacks, and "I dunno what I did, but that fixes it," meant that it was a twisty pile of spaghetti that wasn't drained properly and now is all sort of sticking together into a starch blob that only vaguely resembles the pasta it once was.

20 comments - Last comment @ 2020-05-15

Translatováno

by Remy Porter in CodeSOD on 2020-04-02

Let’s say you’re a native English speaker. Let’s say you’re writing a library which is going to be used by Czech speakers, like our submitter Jan Krynický. You’ve been told to make sure the code is usuable by them, so you decided to use C#’s annotations to provide Czech documentation of various fields.

There’s just one problem: you don’t know Czech. You know enough to know that the Czech equivalent of “-ed”, as in “uploaded” is “-ováno”, so “uploadováno” seems perfectly reasonable to you. Czech documentation, done. It might not be the best choice, but they'll get the point.

36 comments - Last comment @ 2022-02-22

Tern Java Into Python

by Remy Porter in CodeSOD on 2020-04-01

Thomas K was browsing around, trying to give folks some technical help. While doing that, he found a poor, belaguered soul who had been given a task: convert some Java code to Python.

This was the code:

23 comments - Last comment @ 2020-04-20

Recent CodeSOD