|
Oh God Forbid someone mock a dumb teenager When it comes to coding horror, the coding gods do not care for your age, race, gender, or anything else. If you are writing code then they will ensure that your code is bad. Hallelujah
|
#
?
Sep 15, 2021 16:55
|
|
|
|
| # ? Jun 7, 2024 08:34 |
|
|
I love code like this because it's a testament to what you can get done if you free yourself from the shackles of aesthetic judgment and best practices and so on. If anything I envy people who can work like this.
|
|
#
?
Sep 15, 2021 16:58
|
|
|
Dehumanize yourself and face to ten levels of indent
|
|
#
?
Sep 15, 2021 18:11
|
|
|
QuarkJets posted:Oh God Forbid someone mock a dumb teenager hahaha.. this is true too. Hallelujah
|
|
#
?
Sep 16, 2021 08:01
|
|
|
It's a spambot, they deserve it.
|
|
#
?
Sep 16, 2021 08:35
|
|
|
Hammerite posted:SQL Server has always seemed more gratuitously complicated. I used it a few months ago and I think I just clicked Next until the progress bars showed? It might have required a restart which 😒 NihilCredo posted:upgrades  hah
|
|
#
?
Sep 17, 2021 16:18
|
|
|
php:<?
// SCMG, 06/30/2008: validating username first to eliminate sql injection
// characters from being passed to auth class
$valUserName = new Zend_Validate_Regex("/^([a-zA-Z0-9\.\@\-\_]{6,100})$/");
?> thankfully I joined this company in 2014 so this isn't mine
|
|
#
?
Sep 17, 2021 19:46
|
|
|
Golbez posted:
is it bad that my first thought is "at least it's not trying to ban the word select, update, where"
|
|
#
?
Sep 17, 2021 19:59
|
|
|
Golbez posted:
PHP with a closing tag suggests further horrors, such as this code being in the middle of some HTML
|
|
#
?
Sep 18, 2021 00:42
|
|
|
rt4 posted:PHP FTFY
|
|
#
?
Sep 18, 2021 01:53
|
|
|
rt4 posted:PHP with a closing tag suggests further horrors, such as this code being in the middle of some HTML Horrors abound, but in this case those are just added by the bbcode php tag.
|
|
#
?
Sep 18, 2021 02:08
|
|
|
My horror is looking at coding jobs and every one being JavaScript
|
|
#
?
Sep 18, 2021 14:52
|
|
|
hyphz posted:My horror is looking at coding jobs and every one being JavaScript why? JS is pretty good
|
|
#
?
Sep 18, 2021 20:10
|
|
|
lol the horror is coming from inside the thread!!
|
|
#
?
Sep 18, 2021 20:17
|
|
|
Biowarfare posted:why? JS is pretty good QuarkJets posted:lol the horror is coming from inside the thread!!
|
|
#
?
Sep 18, 2021 20:21
|
|
|
js is legit trash
|
|
#
?
Sep 18, 2021 21:02
|
|
|
Biowarfare posted:why? JS is pretty good lol
|
|
#
?
Sep 18, 2021 22:57
|
|
|
Scaevolus posted:https://github.com/maleesha2005/smsspammer/blob/050ab98191e9b64e470c02d0043697dd5c3b1649/smsspammer.py#L19 I feel like the real horror here is how most of those apis work. Just a quick look through how those requests are constructed and these organisations presumably had teams or at least hired "real" developers that thought it was fine to expose public apis like this. Some are unauthenticated, some use basic auth with what appear to be hardcoded service accounts credential shipped with the front end. Most seem to not require verification of other account information before sending messages to their users phone etc.
|
|
#
?
Sep 18, 2021 23:53
|
|
|
I am a huge fan of JS, but eh. - Is prototype based instead of class based. The average programmer only understand class so is like giving a monkey a gun. - Is single threaded - Bad float pointer math - Using + for concatenation (and this triggering hilarious conversions) - Theres more than 100 ways to do one thing - Lack of a import system to write modular (this has ben solved in modern versions) - Lack of a strict mode that required strong typing. - == triggering the hilarious conversion system Is a fun language and I love it to bits, but is setup to create a lot of problems for the average programmer. Tei fucked around with this message at 08:12 on Sep 19, 2021 |
|
#
?
Sep 19, 2021 00:16
|
|
|
All of the mandatory async in the browser APIs is the worst part
|
|
#
?
Sep 19, 2021 00:42
|
|
|
javascript, or ecmascript whatever hair you want to split there, as a language is a normal and fine language that can do impressive things given the amount of work and intelligence put into its most popular interpreter and execution stacks. The concept of just-in-time javascript rendering of everything on the internet, the dev-side ecosystem that has sprung up around it, the design practices it has enabled, etc etc are loving dog poo poo though
|
|
#
?
Sep 19, 2021 00:59
|
|
|
These days the language isn’t the problem, it’s the people who use it.
|
|
#
?
Sep 19, 2021 01:13
|
|
|
Xik posted:I feel like the real horror here is how most of those apis work. (…) some use basic auth with what appear to be hardcoded service accounts credential shipped with the front end. I actually just fixed this at a job not too long ago. I found out we were putting a token in plain text in the html doc and that token could be used in a few of our apis to change some data.
|
|
#
?
Sep 19, 2021 04:19
|
|
|
Xik posted:I feel like the real horror here is how most of those apis work. Just a quick look through how those requests are constructed and these organisations presumably had teams or at least hired "real" developers that thought it was fine to expose public apis like this. Some are unauthenticated, some use basic auth with what appear to be hardcoded service accounts credential shipped with the front end. Most seem to not require verification of other account information before sending messages to their users phone etc. Buddy, I've got some very bad news about the vast majority of people in nearly all businesses.
|
|
#
?
Sep 19, 2021 19:30
|
|
|
Volmarias posted:Buddy, I've got some very bad news about the vast majority of people in nearly all businesses.
|
|
#
?
Sep 20, 2021 02:55
|
|
|
Volmarias posted:Buddy, I've got some very bad news about the vast majority of people in nearly all businesses. I've worked as a software dev in the medical insurance and finance industry so I'm unfortunately already painfully aware...
|
|
#
?
Sep 20, 2021 09:07
|
|
|
Vanadium posted:I love code like this because it's a testament to what you can get done if you free yourself from the shackles of aesthetic judgment and best practices and so on. If anything I envy people who can work like this. I used to be one of those people. My first real coding project (hobby project) was writing a PHP site from scratch without even using a framework because I didn't even know enough to realise that frameworks existed. The code was dogshit but it worked... poorly. Now I have a better idea of how to write decent quality code, and yet I am so much less productive than I was then when I was just typing garbage PHP into a text editor and debugging it on the live site. Not knowing you are doing it wrong is in a way the absence of a constraint.
|
|
#
?
Sep 21, 2021 10:28
|
|
|
Writing bad code is like spitting straight up. It may feel good for a second, but then the spit lands on your face again. Writing bad code would be like get asked to wear adult diapers with poo poo in it, and then travel like that from New York to San Francisco. Is real bad for your mental health. Tei fucked around with this message at 12:24 on Sep 21, 2021 |
|
#
?
Sep 21, 2021 12:21
|
|
|
Everyone has a certain number of lines of bad code in them that they have to write before they can write good code For some people it is more and for some people it is less but everyone has to get the bad code out of their system before they can start producing good code. I sincerely believe it
|
|
#
?
Sep 21, 2021 12:36
|
|
|
Hammerite posted:Everyone has a certain number of lines of bad code in them that they have to write before they can write good code I sincerely believe that if you don't look at the code you wrote two years ago and go 'ugh', it's a sign you're not learning anything.
|
|
#
?
Sep 21, 2021 12:50
|
|
|
UraniumAnchor posted:I sincerely believe that if you don't look at the code you wrote
|
|
#
?
Sep 21, 2021 13:24
|
|
|
UraniumAnchor posted:I sincerely believe that if you don't look at the code you wrote two days ago and go 'ugh', it's a sign you're not learning anything. Fixed that for you. Edit, too slow
|
|
#
?
Sep 21, 2021 13:28
|
|
|
If you don't hate yourself as soon as you've thought of something you want to do in the future, what are you even etc.
|
|
#
?
Sep 21, 2021 13:42
|
|
|
I'm integrating with a third party API. They use OAuth2! Good! They don't have any way for me to get a client ID and secret. Bad. Emailed their tech support, they can help! Good! Except they actually sent me a token, and it's just a base64 representation of literally "client:secret". The client ID is "client" and the secret is "secret". Uhhh, I'm no OAuth2 expert, but that doesn't seem right...?  Aren't you typically supposed to be able to generate your own client and secret as a developer?
|
|
#
?
Sep 21, 2021 15:33
|
|
|
Protocol7 posted:I'm integrating with a third party API. Problem found.
|
|
#
?
Sep 21, 2021 15:39
|
|
|
Protocol7 posted:Aren't you typically supposed to be able to generate your own client and secret as a developer?
|
|
#
?
Sep 21, 2021 15:52
|
|
|
Sagacity posted:I guess, but this is basically the same as them sending you an API key. It's not great, but it's also not unheard of. Except from the sounds of it everyone is getting the same API key?
|
|
#
?
Sep 21, 2021 16:02
|
|
|
Sagacity posted:I guess, but this is basically the same as them sending you an API key. It's not great, but it's also not unheard of. Yeah I think it would be normal for a well-built system, intended for third-party devs to interface with, that they give you some kind of API for registering your client. It's not essential* for all use cases for OAuth but I would be asking myself the same questions in the situation you describe (even if the "secret" was something halfway appropriate) * for example, we created an OAuth provider for our various web resources to use for authentication to a central store of users. There was no need to provide an API for registering clients there, because they can be hardcoded - if we need to add, change or remove a client we can just deploy a new version with the relevant changes made.
|
|
#
?
Sep 21, 2021 16:04
|
|
|
NtotheTC posted:Except from the sounds of it everyone is getting the same API key? But isn't it the same when you use a key for accessing the Google Maps API from your website?
|
|
#
?
Sep 21, 2021 20:11
|
|
|
|
| # ? Jun 7, 2024 08:34 |
|
|
Sagacity posted:Well, I assume it's not literally the text "client" and "secret"?
|
|
#
?
Sep 21, 2021 20:18
|
|
