Some time ago when Michael was tasked with updating some of code on an old website, one file on the server caught his eye.

Amid an ocean of static HTML files, it turned out that there was exactly one PHP script. Not sure what to expect, he was surprised when he discovered that the script was entirely comprised of vanilla HTML save for one line.

<script type="text/javascript"> 
  // <![CDATA[                
  var so = new SWFObject(
      "../theswf.swf?rand=<?php echo rand(100,999); ?>", 
      "theswf", "100%", "100%", "8", "#FFFFFF");

  so.addParam("menu", "false"); 
  so.addParam("base", "../"); 
  if( so.write('flashcontent') ) 
                        { 
    var macmousewheel = new SWFMacMouseWheel( so ); 
  } 
// ]]></script> 

That’s right – the only reason this particular page was rendered via a script was to use PHP’s rand() function, which was obviously superior to Javascript's Math.random() 

[Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!