Peter B’s company didn’t have the resource availability to develop their new PHP application entirely in-house, and thus brought in a Highly Paid Contractor™ to oversee that project. This story could end here, and you could fill in the rest, but Peter found an… interesting block of code during the autopsy on this disaster.

Now, I want you to imagine that someone has handed you an integer. You need to know if that integer constitutes a valid HTTP status code. Now, this could get difficult, as just because a number falls between 100 and 599 doesn’t mean that it’s actually a defined status code. Then again, services may define their own status codes, and clients should understand the class of a status code, even if they don’t understand the number, so getting a 147 code isn’t wrong, so we can just probably assume any n where 100 <= n < 600 is valid enough.

Sorry, I’ve gotten off track, because I really just can’t believe this code is the solution someone came up with.

function isValidHttpCode($code)
{
    return in_array(substr($code, 0, 1), [1,2,3,4,5]) && strlen($code) == 3;
}

At least it’s not a regular expression, but keep in mind, the $code variable was an integer in the calling code. For this code we have to coerce it to string not once, but twice. This was a Highly Paid Contractor™, so I wouldn’t be surprised if it was pointlessly cryptic, or overly complicated and 300 lines long, but that’s not the case. I don’t even think this was a case of blind copy/paste from a library of bad code used by the contracting firm, because those usually have pointless, uninformative, and confusing comments.

This is just… dumb.

[Advertisement] Keep the plebs out of prod. Restrict NuGet feed privileges with ProGet. Learn more.