|
quote:For all the folks getting excited about my quotes. Here is another - Yes, I am a terrible coder, but I am probably still better than you This is false, even the worst coders know when to quit. Edit: Or should I say, in PHP this is something `like` false.
|
# ? Jun 12, 2013 07:43 |
|
|
# ? Jun 8, 2024 08:36 |
|
Tiny Bug Child posted:Having heterodox opinions on type systems doesn't make you a "troll". And if you're going to go quote mining, you might as well include what I had to say about this when Hacker News got their panties a-twist about this three months ago: And yet that post is still as stupid today as it was 3 months ago.
|
# ? Jun 12, 2013 07:51 |
|
hackbunny posted:Oh gently caress PHP, gently caress it hard. Is there a saner language that compiles to PHP, like CoffeScript compiles to Javascript? This poo poo is un-loving-believable Are you using an IDE? Those usually have some inspection tools to help find problematic code. == vs === isn't really that big of a deal.
|
# ? Jun 12, 2013 09:20 |
|
hackbunny posted:I want to punch this page in the ear and you too for suggesting it. We get it Joel, you're an IT entrepreneur who was the youngest PM at Microsoft and held his own against Bill loving Gates, jesus christ stop fellating yourself for two seconds. And I used to admire the guy and follow his blog religiously I even remember this particular entry and used to remember it fondly Thanks for making me realize what kind of idiot I was, I guess? Some people are on a very high horse.
|
# ? Jun 12, 2013 09:30 |
|
Pilsner posted:It was written 8 years ago. You used to love the article, Joel probably wrote it with confidence back then. Why do you assume that Joel (not that I know him personally or anything) still thinks that article is great and holds water? Everyone in software thinks their own work and opinions from 8 years ago stink. It's more the fact that Joel comes across as a complete tool
|
# ? Jun 12, 2013 09:42 |
|
Jewel posted:
For the punchline, click http://msdn.microsoft.com/en-us/library/aa260976(v=vs.60).aspx and scroll to the code sample.
|
# ? Jun 12, 2013 10:06 |
|
hieronymus posted:For the punchline, click http://msdn.microsoft.com/en-us/library/aa260976(v=vs.60).aspx and scroll to the code sample. "In closing, it is evident that the conventions participated in making the code more correct, easier to write, and easier to read. Naming conventions cannot guarantee good code, however; only the skill of the programmer can. "
|
# ? Jun 12, 2013 10:09 |
|
quote:PsyCreate is a good procedure name; PsyCreateCw would have been even better. I don't even
|
# ? Jun 12, 2013 10:44 |
|
Innocent Bystander posted:This is false, even the worst coders know when to quit. If you believe that then you've certainly had a charmed career.
|
# ? Jun 12, 2013 12:38 |
|
Wheany posted:Are you using an IDE? Those usually have some inspection tools to help find problematic code. However, this particular PHP discussion got started by the fact that PHP's switch construct uses == comparison. Having to work around that isn't very convenient, and it is a potential source of bugs.
|
# ? Jun 12, 2013 14:15 |
|
hackbunny posted:I don't even oppan coding style
|
# ? Jun 12, 2013 16:25 |
|
Hammerite posted:However, this particular PHP discussion got started by the fact that PHP's switch construct uses == comparison. Having to work around that isn't very convenient, and it is a potential source of bugs. Cast the input of the switch to a string. Problem solved. Edit: Also the cases. Strong Sauce fucked around with this message at 17:59 on Jun 12, 2013 |
# ? Jun 12, 2013 17:39 |
|
Strong Sauce posted:Cast the input of the switch to a string. Problem solved. code:
|
# ? Jun 12, 2013 17:59 |
|
Deus Rex posted:In our case, the strings to be compared were HMAC-MD5 hashes. The 'final fix' which almost certainly leaks the correct signature through the timing side channel?
|
# ? Jun 12, 2013 20:45 |
|
ctz posted:The 'final fix' which almost certainly leaks the correct signature through the timing side channel? non-constant time string comparison
|
# ? Jun 12, 2013 21:41 |
|
Hammerite posted:
touché
|
# ? Jun 12, 2013 22:11 |
|
Hammerite posted:
The fact that the default block gets executed is the coup de grâce. What the gently caress? edit: Wait, this isn't as bad as it appears. PHP has fallthrough, so of course it does. Dessert Rose fucked around with this message at 00:34 on Jun 13, 2013 |
# ? Jun 13, 2013 00:32 |
|
Dessert Rose posted:The fact that the default block gets executed is the coup de grâce. What the gently caress? PHP switch statements fall through intentionally. It's not that unusual, C and others do as well. Whether or not fallthrough is worthwhile is a whole different argument. e: I am a really slow poster. zeekner fucked around with this message at 00:40 on Jun 13, 2013 |
# ? Jun 13, 2013 00:37 |
|
However, if you add in the breaks yourself it still executes the first statement rather than the second.
|
# ? Jun 13, 2013 00:46 |
|
I'll let you absorb this for a little while.php:<? while ($row = mysql_fetch_row($resultAlerts)) { list($alertID, $alertSQL, $databaseLink, $alertLink, $alertName, $sort) = $row; //be sure to make sure the vars are set eval('$alertSQL = "' . $alertSQL . '";'); if ($databaseLink == null) { $databaseLink = null; } else { $databaseLink = '_' . $databaseLink; $databaseLink = $this->$databaseLink; } $resultAlert = ConnectToDatabaseWithLink($alertSQL, $databaseLink); $alertCount = mysql_num_rows($resultAlert); if ($alertCount > 0) { //set some text vars based on the count if ($alertCount == 1) { $s = ''; $es = ''; $hasHave = 'has'; $doDoes = 'does'; } else { $s = 's'; $es = 'es'; $hasHave = 'have'; $doDoes = 'do'; } //update the text with the link and replace the vars eval('$alertName="' . $alertName . '";'); //show the alert to users $returnVal .= '<div class="pinkBox"> <p class="warningTitle">' . $alertName . '</p> <p class="warningText"><span class="warningLink"><a href="' . $alertLink . '">' . $alertCount . '</a></span><br /></p> </div>'; } } ?> It's evaling and then executing SQL code that it pulls out of the loving database. It gets worse... code:
|
# ? Jun 13, 2013 01:48 |
|
code:
|
# ? Jun 13, 2013 01:59 |
|
Suspicious Dish posted:
Not exactly, but pretty close to (actually it used to use SQL injection as a feature elsewhere in the code with the justification "but the script is private!". I fixed it and shouted at people.) To be fair, the code is quite old for a PHP project (the oldest code that's still in use was written, at best guess, in '99). A lot of it was also written by someone who, although a nice guy, had no loving idea what he was doing, and the boss eventually let him go because his code was dangerously bad, and has now hired better people to drag this thing kicking-and-screaming into a secure system. bobthecheese fucked around with this message at 02:05 on Jun 13, 2013 |
# ? Jun 13, 2013 02:02 |
|
What's the most indented line of code you've ever seen? I've got one that's 19 levels deep, which with 4 spaces per tab means that the line in question begins at column 77. I don't really care about the old 79-chars-per-line rule when doing C#, but you know something is wrong when you're practically already there before you've even written anything. I won't show the actual method since it's 777 lines long, but here's what the hierarchy looks like: code:
C# code:
|
# ? Jun 13, 2013 07:42 |
|
More adventures in legacy code. Today I found this in the entry point of one of our web scripts:code:
|
# ? Jun 13, 2013 08:35 |
|
Ephphatha posted:More adventures in legacy code. Today I found this in the entry point of one of our web scripts: Well now you know what caused those weird Heisenbugs in other projects.
|
# ? Jun 13, 2013 10:13 |
|
My advisor in grad school (physics) suggested indenting as much as possible in Python in order to help with flow control. So while I was writing stuff like this:Python code:
Python code:
|
# ? Jun 13, 2013 10:39 |
|
QuarkJets posted:My advisor in grad school (physics) suggested indenting as much as possible in Python in order to help with flow control. So while I was writing stuff like this: Python code:
|
# ? Jun 13, 2013 11:08 |
|
Ephphatha posted:or why those particular PIDs were being killed (especially since PIDs are assigned on process spawn, they can't have been targetting a specific process...). At a job I used to have, before I took over system administration, the only way that my boss knew to reload the DNS configuration was "kill -1 81" or reboot the machine so that the pid was right again.
|
# ? Jun 13, 2013 12:39 |
|
Civil Twilight posted:At a job I used to have, before I took over system administration, the only way that my boss knew to reload the DNS configuration was "kill -1 81" or reboot the machine so that the pid was right again. cargo culting at its best
|
# ? Jun 13, 2013 13:43 |
|
Suspicious Dish posted:I love corporate open-source dumps. This is actually a pretty normal diffuse-only pixel shader. It might be a horror that you need one in the first place, if all you want to do is return the input color, but that's hardly Sony's fault
|
# ? Jun 13, 2013 13:44 |
|
Sagacity posted:This is actually a pretty normal diffuse-only pixel shader. It might be a horror that you need one in the first place, if all you want to do is return the input color, but that's hardly Sony's fault Could you give us (me) a capsule explanation of why you'd need this? I'm curious to get an actual understanding.
|
# ? Jun 13, 2013 13:50 |
|
The Gripper posted:Your advisor is a pretty terrible person Bad code => bad person, yeah no problems with that worldview especially when applied to people whose actual job isn't programming. I'd imagine a physics professor employing Python for number-crunching doesn't have much need for a distinction between "development" and "production" code, either.
|
# ? Jun 13, 2013 13:54 |
|
Sagacity posted:This is actually a pretty normal diffuse-only pixel shader. It might be a horror that you need one in the first place, if all you want to do is return the input color, but that's hardly Sony's fault Of course that only works if the unquoted rest of the pass is equally trivial and it's not just an auto-generated file header.
|
# ? Jun 13, 2013 13:56 |
|
prefect posted:Could you give us (me) a capsule explanation of why you'd need this? I'm curious to get an actual understanding. Although, yes, maybe I should've followed RoadCrewWorker's cue and laughed at the CONFIDENTIAL message.
|
# ? Jun 13, 2013 15:09 |
|
prefect posted:Could you give us (me) a capsule explanation of why you'd need this? I'm curious to get an actual understanding. If your vertex shader provides a colour directly you still need to provide a pixel shader to link that to the output stage.
|
# ? Jun 13, 2013 15:35 |
|
Note that such shaders are extremely common to the point where it's one of the few shaders drivers usually detect and have a special fast path for. I was laughing at the SONY CONFIDENTIAL header, which they also slapped on a few other no-op shaders, a blank header file, and a copy of malloc.c from an old glibc.
|
# ? Jun 13, 2013 15:44 |
|
But writing a sed script to remove the SONY CONFIDENTIAL header before doing the open source dump would have been haaaaaaaaaarrrrrrrrrddddddd.
|
# ? Jun 13, 2013 16:07 |
|
I'm used to these 30-line copyright notices at the top of C++ projects in our company. I have no idea why they are on there since the source code's for internal use only. Maybe they enjoy scrolling down after opening a file.
|
# ? Jun 13, 2013 16:14 |
|
You should have copyright notices on code for internal use, thought I struggle to imagine how you get one to 30 lines. The one I usually paste in iscode:
|
# ? Jun 13, 2013 16:23 |
|
|
# ? Jun 8, 2024 08:36 |
|
We just havecode:
|
# ? Jun 13, 2013 16:53 |