|
Gazpacho posted:Just found this test case in my project, recently added by a dev who had given notice and is gone now. Does it at least test the thingy?
|
# ? Mar 4, 2014 01:05 |
|
|
# ? Jun 6, 2024 20:59 |
|
IDK, he wrote a failing test first-thing, seems very TDD to me. (e: joking, obvi)
ManoliIsFat fucked around with this message at 20:38 on Mar 4, 2014 |
# ? Mar 4, 2014 01:16 |
|
"Thingy" isn't something I substituted, that's from the actual test case name. As to whether it tests the thingy, whatever it may be, your guess is as good as mine.
|
# ? Mar 4, 2014 01:21 |
|
ohgodwhat posted:Ah, but what about X tunneling over SSH to Windows, where you then have to copy and paste text into gedit if you wanted to transfer something to the server? Oh and then you need to transfer binary files this way because SCP and its ilk are a security risk? You still didn't have to use any Cirtix software so it's a marginally less lovely experience.
|
# ? Mar 4, 2014 20:27 |
|
http://www.php.net/manual/en/function.debug-backtrace.php#110066 hi
|
# ? Mar 4, 2014 22:18 |
|
diyism indeed
|
# ? Mar 4, 2014 22:42 |
|
So a couple pages back I posted some code from a plugin app that output a .doc file by way of utilizing an implementation of a PHP Word file generator library on a random other website (that was evidently not under the dev's control despite him insisting it was, seeing as how he never did manage to correct the 404 when the script he was relying on was deleted/moved/renamed). Anyways, the problem has been solved in the new update:PHP code:
The best part is that the guy running the show is either unaware that his thing no longer produces .docs, or he's chosen to just not tell anyone. Either way it's pretty bad.
|
# ? Mar 5, 2014 01:20 |
|
One of our apps is going to be collecting seriously confidential data and as such requires a very long and very arduous audit process. To make the process smoother, we're testing the app right now to make sure that the code the subcontractor delivered is up to snuff. The first red flag that this was going to be an awful experience was when we found that the deliverable had the index.php file and the application folder both in the project root. Turns out that no one bothered to secure routes against requests to the folder structure so by going to site.com/application/config/db.ini you can get the database credentials. Thanks lovely dev shop!
|
# ? Mar 5, 2014 03:09 |
|
Blinkz0rz posted:One of our apps is going to be collecting seriously confidential data and as such requires a very long and very arduous audit process.
|
# ? Mar 5, 2014 04:02 |
|
Scaevolus posted:I experienced a payroll company with a world-readable W-2 directory filled with thousands of PDFs. This site involves collecting data on prison rape incidents.
|
# ? Mar 5, 2014 04:15 |
|
Here's the thing making me cry: Client's Developer: How do I test your new component that's not merged into production yet? When I go to the production site your component has some issues. Can you provide an ETA for the fix? Me: It's not merged into production yet, so you'll need to test on a build that includes the component. Client's Developer: I tested on our dev site and there's a whole bunch of issues. What's the ETA for when this will be fixed? Me: You need to test on a site that actually has pages upon which to test. Client's Developer: I pulled some pages over to our dev site and there's still some issues. Per my previous request, can we get an ETA for when this issue will be fixed? There's still at least 3 issues with the most recent "testing" set up. It takes 100% of my willpower to contain the mocking, which leaves me with no energy to provide an ETA.
|
# ? Mar 5, 2014 05:24 |
|
Blinkz0rz posted:This site involves collecting data on prison rape incidents. Welp, gonna have to say you win "whose site's private info is worse to leak" here
|
# ? Mar 5, 2014 05:34 |
|
Volmarias posted:Welp, gonna have to say you win "whose site's private info is worse to leak" here Australia had a hell of a leak recently. Full details of 10,000 or so refugees on a public facing site. Imagine their fear of persecution just got a lot higher if intelligence agencies of the country they fled got a hold of the information.
|
# ? Mar 5, 2014 08:30 |
|
Volmarias posted:Welp, gonna have to say you win "whose site's private info is worse to leak" here I mean, the good news is we caught it before it went into production, but Jesus Christ, what kind of idiot subcontractor does something like this? Although it should have been pretty clear when they delivered a product built on Zend 1...
|
# ? Mar 5, 2014 12:41 |
|
More fun with PHP, as per here.code:
code:
|
# ? Mar 5, 2014 12:51 |
|
Presumably because they are coerced to int 0 before the comparison?
|
# ? Mar 5, 2014 12:55 |
|
..btt posted:Presumably because they are coerced to int 0 before the comparison? ...and that's why strcmp exists!
|
# ? Mar 5, 2014 12:56 |
..btt posted:Presumably because they are coerced to int 0 before the comparison? And only because the == operator is used, if you use === the comparison fails as you'd expect. PHP still assumes the programmer is stupid. "Sure that's a string, but it looks like a number! Here I'll make it a number for you."
|
|
# ? Mar 5, 2014 12:58 |
|
Blinkz0rz posted:I mean, the good news is we caught it before it went into production, but Jesus Christ, what kind of idiot subcontractor does something like this? I hope you had a competent security contractor review everything in addition to yourself.
|
# ? Mar 5, 2014 13:14 |
|
Volmarias posted:I hope you had a competent security contractor review everything in addition to yourself. His review starts next Monday, thank god.
|
# ? Mar 5, 2014 13:22 |
|
code:
|
# ? Mar 5, 2014 13:26 |
|
eithedog posted:
I'm going to guess that the page isn't on a timer and everything falls to its knees when you resize it.
|
# ? Mar 5, 2014 13:38 |
|
EntranceJew posted:I'm going to guess that the page isn't on a timer and everything falls to its knees when you resize it. Yup - that's the thing that's most inherently wrong here. How many more wrong things can you spot?
|
# ? Mar 5, 2014 14:19 |
|
eithedog posted:
I didn't even know that it's possible to declare a variable twice like that, but I just tried it out in a console and it worked.
|
# ? Mar 5, 2014 14:35 |
|
A week of my own time and a week of the team lead's time has made it clear that we can't figure out how to properly have one $.ajax call trigger another in all cases. What we were doing was POSTing up a picture then a view model of form data. It worked but not if we had to go back to the page for validation reasons. The workaround is to just do one big ajax of a huge view model, which includes a base64 encoded jpg picture now. The real fun in this is that our idiom for validation is "send back the whole view model as json if it works out correct" and "send the view back and reload the page with that new view, which includes red text for yo fill this in right before you click save again." While the former worked with one ajax calling another, the latter didn't; it did all kinds of undefined behavior that ~NOBODY UNDERSTANDS~. When I asked senior devs before doing this I thought that base64 encoding a picture and throwing it into a view model was an anti pattern - is it? Bleh. Management just wants us to keep pushing out new things, so the clear problem we have with JS events going on right now is just left to smolder and fester. We have a tab control system we've made ourselves using jQuery and knockout, that also sort of has 'state' in a sense in it, which is probably to blame, but no time to commit to finding out what's up yet. I am now at least going back to clean some stuff up, though - we have had so much bike shedding for so long our project's CSS is all but a Polish Plait, so I get to rip poo poo up and show people how less works. We also managed to get the team lead and management to put a stop to the constant bike shedding. I'm just in a permanent state of WTF right now.
|
# ? Mar 5, 2014 21:06 |
|
Optimus Prime Ribs posted:I didn't even know that it's possible to declare a variable twice like that, but I just tried it out in a console and it worked. I would've thought 'use strict' would have something to say about it, but it does not. Can't say I'm surprised about that as default behavior with scoping of JS.
|
# ? Mar 5, 2014 21:13 |
|
Coding horrors: well, at least I'm not being raped in prison
|
# ? Mar 5, 2014 22:36 |
|
2banks1swap.avi posted:A week of my own time and a week of the team lead's time has made it clear that we can't figure out how to properly have one $.ajax call trigger another in all cases. What we were doing was POSTing up a picture then a view model of form data. It worked but not if we had to go back to the page for validation reasons. There's a good chance I'm not understanding your ajax problem fully, but couldn't you just chain promises?
|
# ? Mar 6, 2014 00:29 |
|
necrotic posted:I would've thought 'use strict' would have something to say about it, but it does not. Can't say I'm surprised about that as default behavior with scoping of JS.
|
# ? Mar 6, 2014 00:35 |
|
Gazpacho posted:It's well-established from experience with old C++ compilers that developers don't want their toolset to bark at them for declaring a loop variable named "i" twice in the same function. Yeah, but this is JavaScript.
|
# ? Mar 6, 2014 05:15 |
necrotic posted:Yeah, but this is JavaScript. So what's the huge problem with being able to declare a variable twice exactly? Isn't that what you would expect in JS?
|
|
# ? Mar 6, 2014 05:57 |
|
down with slavery posted:So what's the huge problem with being able to declare a variable twice exactly? Isn't that what you would expect in JS? JavaScript code:
|
# ? Mar 6, 2014 10:05 |
|
Westie posted:
I don't get what you're trying to point out here... unless you're saying that Crockford doesn't do it that way?
|
# ? Mar 6, 2014 10:40 |
|
You don't think of initialization of variables in loops and you just keep doing it over and over, as:code:
code:
edit: vvv dunno what you're trying to say there mate - yes, it stems to that, but why would you want to initialize the same variable twice? (I like to think that author of my initial horror wanted to be double sure that the variable was initialized). and a false edit: Have you kind folks talked about Wordpress yet? For example, if I want to get all the posts of specific type and echo their id I have to do this: code:
canis minor fucked around with this message at 13:27 on Mar 6, 2014 |
# ? Mar 6, 2014 11:17 |
|
eithedog posted:You won't write the second loop without `var`. Unless you're pretty pedantic, idk. While such way of writing doesn't seem incorrect, writing: Without saying that this is a good thing, doesn't the idiot splendour of var hoisting turn it into: code:
|
# ? Mar 6, 2014 12:32 |
eithedog posted:just screams wrong wrong wrong. Why? Why should the interpreter prevent you from setting the value of the variable twice?
|
|
# ? Mar 6, 2014 14:23 |
|
Fullets posted:Without saying that this is a good thing, doesn't the idiot splendour of var hoisting turn it into: No, you don't understand. It just looks wrong. Ok? IT IS WRONG GOSH
|
# ? Mar 6, 2014 14:29 |
|
down with slavery posted:Why? Why should the interpreter prevent you from setting the value of the variable twice? Um... I didn't say that. You can do whatever you want with your variables, but it doesn't mean that certain things won't be awkward or unnecessary.
|
# ? Mar 6, 2014 14:33 |
eithedog posted:Um... I didn't say that. You can do whatever you want with your variables, but it doesn't mean that certain things won't be awkward or unnecessary. You said that it "just screams wrong wrong wrong". I'm asking why. Because of the way variable scoping works in Javascript, there is a benefit (slash it is necessary) of being able to type var to redefine variables.
|
|
# ? Mar 6, 2014 14:34 |
|
|
# ? Jun 6, 2024 20:59 |
|
JavaScript code:
JavaScript code:
|
# ? Mar 6, 2014 14:37 |