Below code help you get database backup simple
|
# ? Apr 19, 2010 08:00 |
|
Monkeyseesaw posted:
This is largely moot anyway. He's not writing unit tests for a drat school assignment.

I ended up overloading the method and doing both.
code:
|
# ? Apr 20, 2010 00:01 |
|
abiogenesis posted:
I ended up overloading the method and doing both.

I'm not really sure those qualify as horrors per se. Good coding practices taken to their extreme, sure, but when dealing with students you can't expect them to understand the difference between a 30-line method that really just needs to be 30 lines and a 30 line method that needs to be broken into pieces.
|
# ? Apr 20, 2010 00:27 |
|
Ryouga Inverse posted:
I'm not really sure those qualify as horrors per se. Good coding practices taken to their extreme, sure, but when dealing with students you can't expect them to understand the difference between a 30-line method that really just needs to be 30 lines and a 30 line method that needs to be broken into pieces.

Seriously? When I was in school it seemed that every CS major knew without being told to make a function when you're going to re-use the same code in several places. Doing it arbitrarily is just confusing and stupid.
|
# ? Apr 20, 2010 00:30 |
|
rt4 posted:
Seriously?

You must have gone to a pretty high-grade school, then, because I work with CS grads that think copypasta is a valid development strategy.
|
# ? Apr 20, 2010 00:35 |
|
abiogenesis posted:
I ended up overloading the method and doing both.

This requirement is actually very good as long as the functions are doing small things. Calling functions isn't just about code reuse. They are also for defining simple concise behaviors/operations. If it is a coding horror, then I am a coding horror since I don't tend to write more than 5-10 lines in a function without breaking it down (declarations or exception catching are an exception). They also make more sense once you learn a functional language or languages which allow functional-like operations.

Edit: I added the concise behaviors part and the part of where you should learn this.

Edit 2: You'll wish everyone used such a rule when the first project you get assigned to is to maintain your coworker's code who believed in copy/paste and 50+ line functions.

HFX fucked around with this message at 04:03 on Apr 20, 2010
# ? Apr 20, 2010 03:49 |
|
HFX posted:
This requirement is actually very good as long as the functions are doing small things. Calling functions isn't just about code reuse. They are also for defining simple concise behaviors/operations. If it is a coding horror, then I am a coding horror since I don't tend to write more than 5-10 lines in a function without breaking it down.

Obviously the problem is having overly strict rules with no room for exceptions. It's fine as a general guideline, not as a hard and fast rule that everyone must follow at all times.
|
# ? Apr 20, 2010 04:08 |
|
ColdPie posted:
Obviously the problem is having overly strict rules with no room for exceptions. It's fine as a general guideline, not as a hard and fast rule that everyone must follow at all times.

However, for most students if you give them a chance to ignore the rule, they will do it constantly.
|
# ? Apr 20, 2010 04:15 |
|
HFX posted:
However, for most students if you give them a chance to ignore the rule, they will do it constantly.

Yes, it's exactly like goto. Students have not yet learned the judgment necessary to determine when breaking the rules is warranted.
|
# ? Apr 20, 2010 04:31 |
|
I saw this today:
code:
Edit: added hardwrapping to be less annoying

shrughes fucked around with this message at 05:42 on Apr 20, 2010
# ? Apr 20, 2010 04:53 |
|
The best coding horrors are the ones you yourself implement. Especially when you know you're implementing a coding horror as you do it.
|
# ? Apr 20, 2010 05:04 |
|
This is probably a horror, right?
code:
|
# ? Apr 20, 2010 05:53 |
|
Clearly somebody decided recursion was the BEST THING EVER.
|
# ? Apr 20, 2010 06:08 |
|
evensevenone posted:
This is probably a horror, right?

Someone read the first few pages of the little schemer and decided to try something harder?
|
# ? Apr 20, 2010 06:09 |
|
Plorkyeran posted:Why? I wrote unit tests for nearly every school assignment I did. Things have changed since I was in school. To be fair unit tests were some weird obscure thing the Smalltalk community was pushing at the time.
|
# ? Apr 20, 2010 06:12 |
|
code:
|
# ? Apr 20, 2010 09:40 |
|
Dijkstracula posted:
|
# ? Apr 20, 2010 16:26 |
|
PrBacterio posted:
Now if only the C++ compiler optimized tail calls not to use any stack space

Uhh, most do.
|
# ? Apr 20, 2010 16:27 |
|
king_kilr posted:
Uhh, most do.

You sure about this? Last I heard C and C++ compilers were generally "loving terrible" at tco and trampolining
|
# ? Apr 20, 2010 17:06 |
|
Otto Skorzeny posted:
You sure about this? Last I heard C and C++ compilers were generally "loving terrible" at tco and trampolining

http://www.linux-kongress.org/2009/slides/compiler_survey_felix_von_leitner.pdf posted:
gcc has removed tail recursion for years. icc, suncc and msvc don’t.
|
# ? Apr 20, 2010 20:27 |
|
Ugg boots posted:
http://www.linux-kongress.org/2009/slides/compiler_survey_felix_von_leitner.pdf posted:

That paper talks about C, though. I'd imagine the situation would be pretty different in C++ when you have objects on the stack that need destruction.
|
# ? Apr 20, 2010 21:03 |
|
I wondered whether clang would perform TCO, and was pleasantly surprised:

The LLVM Docs posted:
Tail call optimization
|
# ? Apr 20, 2010 21:21 |
|
LLVM actually does two kinds of TCO: an IR-level optimization which rewrites recursive tail calls into loops, and a machine-level optimization which turns tail calls into jumps. That page is only talking about the latter; the former is target-independent and done at -O1 and higher.
|
# ? Apr 20, 2010 22:05 |
|
Exxxxxtreeeeeeme MUMPS!
|
# ? Apr 20, 2010 22:41 |
|
Mustach posted:
Exxxxxtreeeeeeme MUMPS!

Example challenge: Convince your coworkers that the following is not an appropriate response to "I found a security vulnerability that allows a user to execute arbitrary code on the database server":

quote:
This is a known issue. There are few ways to avoid this:
|
# ? Apr 20, 2010 23:14 |
|
Shouldn't you be cleaning the input as close to where it gets input as possible? Not right before it gets to the database?
|
# ? Apr 21, 2010 01:12 |
|
evensevenone posted:
Shouldn't you be cleaning the input as close to where it gets input as possible? Not right before it gets to the database?

If you sanitize input on a client application but not at the server layer, you're only going to prevent honest mistakes. It doesn't hurt to sanity check on several layers, but anything that touches the database is the most important link in the chain.
|
# ? Apr 21, 2010 01:17 |
|
Basically the library required you to know its internal implementation in order to be safe, since you called it like
code:
code:

Avenging Dentist fucked around with this message at 01:34 on Apr 21, 2010
# ? Apr 21, 2010 01:32 |
|
evensevenone posted:Shouldn't you be cleaning the input as close to where it gets input as possible? Not right before it gets to the database?
|
# ? Apr 21, 2010 01:44 |
|
Plorkyeran posted:
There's a difference between invalid input and input that has to be escaped. "gently caress you" in a phone number field should probably be rejected by the UI, but "O'Connor" in a name field certainly shouldn't be rejected. It might need to be escaped prior to being sent to the database, but that should be handled by the code that actually calls the database, not some higher level module.

Sanitizing DB inputs is a coding horror. Prepared statements guys, or are you all 12 year old PHP script kiddies.
|
# ? Apr 21, 2010 02:19 |
|
Plorkyeran posted:
There's a difference between invalid input and input that has to be escaped. "gently caress you" in a phone number field should probably be rejected by the UI, but "O'Connor" in a name field certainly shouldn't be rejected. It might need to be escaped prior to being sent to the database, but that should be handled by the code that actually calls the database, not some higher level module.

There's also the small matter of free text comment fields, where there essentially is no invalid input; someone can enter "Comment' DROP TABLE TRANSACTIONS" if they want to, and there shouldn't be anything wrong with that.

Edit:
Avenging Dentist posted:
with no indication in any of the documentation that that's how it actually worked.

Zhentar fucked around with this message at 02:35 on Apr 21, 2010
# ? Apr 21, 2010 02:28 |
|
king_kilr posted:Sanitizing DB inputs is a coding horror. Prepared statements guys, or are you all 12 year old PHP script kiddies.
|
# ? Apr 21, 2010 02:39 |
|
king_kilr posted:
Sanitizing DB inputs is a coding horror. Prepared statements guys, or are you all 12 year old PHP script kiddies.

Yes but you see the mysql() functions are so fast and those database libraries are so bloated and I am designing my application for speed and I am a genius and I will ignore all of your suggestions and/or build my own DB library

Hey guys I don't understand why this nested loop is taking so long
|
# ? Apr 21, 2010 04:12 |
|
Ryouga Inverse posted:
The best coding horrors are the ones you yourself implement. Especially when you know you're implementing a coding horror as you do it.

Case in point.
code:
|
# ? Apr 21, 2010 14:48 |
|
Code that actually apologizes for existing is the cutest thing ever. Until you have to do something about it, then it's like taking a kitten out the back with a shotgun.
|
# ? Apr 21, 2010 17:13 |
|
I have a friend that has been using the same SQL class he made for .Net for years. I feel dirty having used it, but I was a brand new programmer and didn't know any better at the time. Basically, in order to prevent SQL injections, he does the following for string values:
-Replaces " with "
-Replaces ? with &quest
-Replaces ' with &apost
And then he has to replace those back and forth each time. He does this for all strings, not just encoding html strings or something (which wouldn't work anyway since he doesn't use the correct format).
|
# ? Apr 21, 2010 18:55 |
|
rt4 posted:Yes but you see the mysql() functions are so fast and those database libraries are so bloated and I am designing my application for speed and I am a genius and I will ignore all of your suggestions and/or build my own DB library
|
# ? Apr 21, 2010 19:02 |
|
PhonyMcRingRing posted:-Replaces " with "
|
# ? Apr 21, 2010 21:09 |
|
Isn't the only thing you need to do to prevent SQL injection to just use compiled statements?
|
# ? Apr 21, 2010 23:50 |
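The replace-and-restore scheme described earlier in the thread and the bound-statement question above, side by side, as an added example that is not code from any poster. Python's sqlite3 stands in for the .NET and MySQL setups discussed; the table, function names and sample rows are constructed, and only the two substitutions legible in the post are used.

```python
import sqlite3

# The two substitutions legible in the post; all names here are illustrative.
SUBS = [("?", "&quest"), ("'", "&apost")]

# Constructed sample rows: a legitimate name, the free-text comment from the
# thread, and text that already contains one of the replacement tokens.
SAMPLES = [
    ("O'Connor", "Comment' DROP TABLE TRANSACTIONS"),
    ("Zed", "type &apost to get an apostrophe?"),
]

def encode(s):
    for raw, token in SUBS:
        s = s.replace(raw, token)
    return s

def decode(s):
    for raw, token in SUBS:
        s = s.replace(token, raw)
    return s

def new_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE comments (author TEXT, body TEXT)")
    return conn

def insert_concatenated(conn, author, body):
    # Data is pasted into the statement text, so quotes in it become SQL syntax.
    conn.execute("INSERT INTO comments VALUES ('%s', '%s')" % (author, body))

def insert_bound(conn, author, body):
    # Placeholders: the statement is fixed and the values travel separately.
    conn.execute("INSERT INTO comments VALUES (?, ?)", (author, body))

def read_back(insert, to_db=str, from_db=str):
    """Insert SAMPLES with the given strategy and return what a reader gets."""
    conn = new_db()
    for author, body in SAMPLES:
        insert(conn, to_db(author), to_db(body))
    rows = conn.execute("SELECT author, body FROM comments ORDER BY rowid")
    return [(from_db(a), from_db(b)) for a, b in rows]

if __name__ == "__main__":
    try:
        read_back(insert_concatenated)
    except sqlite3.OperationalError as exc:
        print("concatenation:", exc)
    print("replace scheme:", read_back(insert_concatenated, encode, decode))
    print("bound params:  ", read_back(insert_bound))
```

The replace scheme gets the name through but hands back the second row altered, because text that already contained a token cannot be told apart from text the encoder produced; the bound version returns both rows unchanged.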