Most of the WTFs we get are like light snacks. Some programmer didn't know better, screwed something up, we laugh at it, and hopefully everyone learns something. Other times WTFs are Homerian epics. Today's story is one of those.

Jared L. is our Odysseus in this story. As a fresh college graduate, he landed a good position as a Java webmaster in charge of about 25 web sites. He'd never written a single line of JSP code in his life, but he figured he could pick it up pretty quickly. And during his interview he mentioned that he didn't have any JSP experience, but they made him an offer anyway — it wasn't like he'd lied about his experience level.

What's the Worst...

Jared spent his first four months reading. He read through two thick, dry Java books, and made almost a dozen practice sites to get his feet wet. He didn't have any significant difficulty, but the company still took it upon themselves to hire a consultant to help out, as well as an intern to build a site that had to be done ASAP.

The intern started working on the site immediately, and though Jared wanted to help, he wasn't totally comfortable with Java yet. As months passed and Jared got better at what he was doing, he approached the intern and asked to see what he'd been working on. Not much, apparently.

The intern would play Everquest II for about six hours each day at work, leaving two hours for programming. Still, he told Jared "dude, it's cool, don't worry about anything. It works perfectly! Plus, even in the unlikely event that something goes wrong, they've got my number and I'll be around." Jared was always a little suspicious of any sentence that starts with "dude, it's cool," but didn't press further. After all, Jared had no responsibility over him, and he was the boss's neighbor's kid. Plus they'd probably only be using the site for like a month. What's the worst that could happen?

A few days after launch, Jared had to install Bugzilla specifically to track bugs for the intern's site. At first, he recorded all reported bugs, but that became impractical, so he started to only track showstoppers. The site became the most important site the company had and would be used for years to come.

While Jared could share countless tales of why the site was broken, he felt it was well represented in a code snippet. The intern had a strange way of preventing users from accessing pages that displayed sensitive data:

<%if (!userIsExec)out.println("<!--");%>
      <tr class="defaultstyle">
        <td><a href="peoplecontactinfo.jsp">All People's Contact Data </a></td>
        <td><a href="peopleactionsinfo.jsp">All People In Actions Database </a></td>
       </tr>
<%if (!userIsExec)out.println("-->");%>

So there it is; rather than not writing out the links in the first place, it just comments them out in HTML. Page security that can be defeated by someone clicking "View Source." The admin pages didn't bother to check the user was an executive, either.

In Lieu of a Raise

That was two years ago. Last year, Jared was still at the company, working to fix the intern's application. He was putting in tons of extra hours, but as a salaried employee, didn't reap any benefits other than not being fired. He heard some rumblings that raises were finally coming, and was excited when he was called in to his boss's office to discuss a reward for his contributions.

Jared deserved it, too. He was still finding major errors in the system and had been working 10-12 hour days for months. And all without playing any Everquest II at work! His boss, with a smile, said "you've really been helping out a lot lately. You're always here when I get in at 9:00, and you're still here when I leave at 4:30. I'm really happy to give you this," he said, sliding an envelope across the table.

Finally, Jared thought, some real recognition! Now I can get the muffler fixed on my piece of sh-

His thoughts were interrupted when he saw what was in the envelope.

...Assuming I win on one of these scratch-off lottery tickets. "Th... thank you, sir," Jared replied through clenched teeth. He gripped his lottery tickets in a tight fist and left the office.

"I won $50! What'd you get, Jared?" asked an unnervingly happy coworker.

"Four dollars."

"Oh well, better luck next time!"

Jared later found out that the company intended the lottery tickets as a holdover until the accountants figured out if the company could afford raises.

Anothfr Showstoppfr

Meanwhile, the system was becoming more and more of a nightmare. Not having time to catch his breath between bugs, Jared was often introducing problems at the rate they were being resolved. He finally got approval to just recreate the whole thing from scratch. In four months, the new site was ready and working pretty well.

The intern came back when the new site was done to pick up some of his old stuff. Upon learning that his old stuff wasn't there anymore, and that his hard drive had been wiped, he was upset. Mysteriously, that was the day that every "e" in the user table was changed to an "f".

No, seriously. How the hell does something like that happen? All "Henry"s became "Hfnry"s. "Eileen"s became "filffn"s. And bfcausf thf backup sfrvfr apparfntly wasn't working, fvfry fntry had to bf fixfd by hand. Since "f"s were untouched, "Felicia" would be "Fflicia," and Felicia probably wouldn't be pleased with being addressed as "eelicia."

The Last Straws

Jared had put up with a lot. With the reckless development practices (that Jared admittedly followed), he was fixing critical issues daily. In the shuffle, he found that it was faster and easier to create a user account for himself on the live site that he could use to create and change his own data. He never touched anyone else's data and knew he shouldn't be playing around in production, but it never hurt anything.

Still, when one of his superiors found out, he was furious. He assumed that Jared was responsible for changing all the "e"s to "f"s. The higher ups were getting suspicious. A week later, screen capturing software was installed on everyone's systems, and a secretary was fired for spending an entire day playing Space Cadet Pinball. Everyone treated it as a warning.

Later, everyone's passwords were changed to one password. One password common to everyone. Users weren't allowed to change their passwords, either. They also stripped Jared of his ability to work on any of the sites by revoking access to the servers, disabling all of the nightly batch jobs that he'd created, and deleting his user account from the production site. He wasn't even given read-only access to the code. And that's how Jared could no longer do his job.

Finally, Jared submitted his two weeks' notice and found another position. Thf mystfry of thf "e"s and "f"s was nfvfr rfsolvfd. He didn't tell us how his new job is going so far, but Jared, if you're out there reading this, I really hope they're paying you with something better than lottery tickets.