Recent Articles

Aug 2022

The Mailroom Elevator

in Feature Articles

Bruce W's employer was best described as The Mega Bureaucracy. It's the kind of place where it takes twenty weeks to provision web servers, because of the number of forms, checkpoints, and management sign-offs involved. The Mega Bureaucracy did all of this because it kept their environment "stable", and equally important, "secure".

Speaking of security, the Mega Bureaucracy needed to expand its offices, and went out and constructed two new fourteen-story office buildings which would serve as their headquarters. These offices needed to be validated for security, and Bruce was invited to be on the team that would perform the assessment. The first area they visited was the mailroom which served both buildings.


Trees are Faster

in Tales from the Interview

Mindy recently had an interview. It started off quite well. The company seemed to be well run, and the first few folks Mindy talked to seemed nice enough. And then she sat down with their lead developer, Davin.

"What's your experience with SQL Server stored procedures?" Davin asked.


Ungrounded Galoshes

in Error'd

There's no real theme to be gleaned from this week's submissions, just the usual sort of things and a tiny serving of irony courtesy of Google.

Undercover QA engineer Randy O. somehow provoked British Gas to refuse to quote him a meaningful fee. "I uploaded my meter readings to the British Gas website, and they updated my estimated bill," he explained. "When they want me to pay it I may just say NaH." And that's no lye.


Ordering Off This Menu

in CodeSOD

While browsing one day, Emma clicked a link on a site and nothing happened. That was annoying, but Emma wasn't about to give up. She tried to get the URL out of the link, only to discover that there wasn't a URL. Or a link. A quick trip to the DOM inspector highlighted what was going on:

<div id="I32" align="left" onclick="ItemClick(3,2)" onmouseout="RollOut(3,2,false)" onmouseover="RollOver(3,2,false)" style="position: absolute; top: 43px; left: 1px; width: 176px; height: 16px; font: bold 8pt Arial; color: rgb(1, 35, 69); background: none repeat scroll 0% 0% rgb(255, 255, 255); padding: 2px; cursor: pointer; border: 0px solid rgb(255, 255, 255);">Project Office</div>

Duplication

in CodeSOD

NoSQL databases frequently are designed to shard or partition across many nodes. That, of course, makes enforcing unique IDs different than you might do in a SQL database. You can't efficiently have an autoincrement sequence, and instead have to have something like a UUID.

But if you've designed your NoSQL database badly, or your input data isn't well sanitized, you might find yourself in a situation where you can't guarantee uniqueness without validating every row. That's a bad place to be, but it's probably how the code Remco found started its life.


A Tip

in CodeSOD

David was poking around in some code for a visualization library his team uses. It's a pretty potent tool, with good code quality. While skimming the code, though, David found this mismatched comment and code:

def get_tip(self):
    # Returns the position of the seventh point in the path, which is the tip.
    if config["renderer"] == "opengl":
        return self.points[34]
    return self.points[28]  # = 7*4

Around 20 Meg

in CodeSOD

Michael was assigned a short, investigatory ticket. You see, their PHP application allowed file uploads. They had a rule: the files should never be larger than 20MB. But someone had uploaded files which were larger. Not much larger, but larger. Michael was tasked with figuring out what was wrong.

Given that the error was less than half a megabyte, Michael had a pretty good guess about why this was.


Movement Activated

in Error'd

England and the United States, according to the old witticism, are two countries separated by a common language. The first sample deposited in our inbox by Philip B. this week probably demonstrates the aphorism. "I'm all in favor of high-tech solutions but what happens if I only want (ahem) a Number One?" he asked. I read, and read again, and couldn't find the slightest thing funny about it. Then I realized that it must be a Brit thing.

We call it a Bowel MOVEMENT in North American English


Image Uploading

in CodeSOD

The startup life is difficult, at the best of times. It's extra hard when the startup's entire bundle of C-level executives are seniors in college. For the company Aniket Bhattacharyea worked for, they had a product, they had a plan, and they had funding from a Venture Capitalist. More than funding, the VC had their own irons in the fire, and they'd toss subcontracting work to Aniket's startup. It kept the lights on, but it also ate up their capacity to progress the startup's product.

One day, the VC had a new product to launch: a children's clothing store. The minimum viable product, in this case, was just a Magento demo with a Vue Storefront front-end. Strict tutorial-mode stuff, which the VC planned to present to stakeholders as an example of what their product could be.


Junior Reordering

in CodeSOD

"When inventory drops below the re-order level, we automatically order more," was how the product owner described the requirement to the junior developer. The junior toddled off to work and made their changes. They were not, however, given sufficient supervision, any additional guidance, or any code reviews.

Dan found this in production:


The Contract Access Upgrade

in Feature Articles

Microsoft Access represents an "attractive nuisance". It's a powerful database and application development platform designed to enable end users to manage their own data. Empowering users is, in principle, good. But the negative side effect is that you get people who aren't application developers developing applications, which inevitably become business critical.

A small company developed an Access Database thirty years ago. It grew, it mutated, it got ported from each Access version to the next. Its tendrils extended outwards, taking over more and more of the business's processes. The ability to maintain and modify the database decayed, updates and bugfixes got slower to make, the whole system got slower. But it limped along roughly at the speed the business required… and then Larry, the user who developed it, retired.


A Sniff

in CodeSOD

In November of 2020, the last IE release happened, and on June 15th of this year, the desktop app officially lost support on Windows 10. But IE never truly dies.

Eleanor inherited a web application for a news service. And you won't be shocked that it's still doing user-agent sniffing to identify the browser. That's just plain bad, but by the standards of user-agent sniffing, it's not terrible code.