- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
It's always funny when a program goes through all the trouble of detecting an "error" when it could just deduce the answer with same or simpler logic.
I mean, if it was a human being talking like this, we would probably smack him in the head.
Admin
return("You must express the magnitude of the dollar amount using modern, Arabic-derived numerals formatted according to base-10 (decimal) convention, most significant digit first.")
Admin
ROFLAMO!
Admin
Time to go enter $-%
Admin
Hee
Admin
I wonder if this is really a WTF and not the request from some crazy client. I had a project recently where the client was not satisfied with generic error messages and we needed to get much more in depth with what errors were being generated.
Admin
^$-?[:digit:]*.[:digit:]{2}$ anyone?
What language doesn't has a regex library available these days?
Admin
Admin
Rolling On Floor, Lusting After Marie Osmond?
Admin
The real WTF is the name of the function - validInt(). The function does not valid integers, it validates currency. Currency is mostly never integer based, but decimal based, even if you want to ignore formatting (which this function does not).
This is first grade programming at it's best. You should allow your users to enter data in flexible formats and your code should adjust.
Admin
Agreed. This looks more like a case of runaway requirements more than an overzealous coder.
Admin
http://en.wikipedia.org/wiki/Category:Esoteric_programming_languages
Admin
that snippet is more or less what we were told to do in first year of computer sciences...
Admin
Whether the WTF originated with the coder or the client, it's still a WTF. It's just not necessarily becuase the coder was an anal-retentive idiot. Perhaps he even avoided a regex because it made him feel better to express his frustration through a function like this one.
But it's still a WTF.
Admin
There comes a time when you have to force your user to grow up and accept some responsibility. Regex validation is needed here, with a single error message: "Please re-enter the amount using this format: $9999.99".
Admin
I guess I will be the first one to say that I don't think this is a WTF. Just because there may be an easier way to accomplish the validation doesn't make this a WTF. Is it overly verbose? Maybe...but even that is open to opinion.
If I saw this in code I was maintaining I wouldn't say "WTF!?!", I would probably just change it to use a regex or something. Or since it appears to accomplish what it set out to accomplish I might just leave it alone.
Admin
While this might not be the best way to actually implement the input validation, wrt the messages, I think you underestimate how obtuse end users can be.
captcha: tastey (spellcheck, anyone?)
Admin
The thing is, it doesn't accomplish it's objective very well. Unless $-. is a valid currency.
Admin
The readable, maintainable ones.
Admin
CAPTCHA: 'tastey' they are not.
Admin
No, you ninny! It means "Rolling On the Floor, Laughing Ass My Off"!
Admin
I feel funny admitted this but I have a similar piece of code that I use to validate emails.
It has messages like... "the tld must be more then 1 character."
I don't get crappy email values though.... just fake ones;)
captcha: sanitarium
Admin
The only things I'd change would be to do a really simple regex right at the top, and only THEN go through all that garbage to say what's wrong if it failed the first test - with all that code, you're gonna let some cases slip through (like what people above me pointed out).
Admin
Admin
Admin
You should write one.
Admin
Apart from the high verbosity and the wrong naming, this code is broken (does not check the input correctly in all cases) and not culture-independent.
Admin
So, wait... -10.00 is valid, $10.00 is valid, $-10.00 is valid, 10.00% is valid.. what sort of field is this? It takes unitless floats, dollars, and percentages?
Admin
So Brainf*ck is a readable, maintainable language, isn't it?
Admin
They actually used a regex. To strip off blanks. Sigh.
Admin
A project or so back I had a requirement from the end user to recalc an entire series of fields on a keystroke by keystroke basis. For example, as they entered a price of 123.45, it would recalc the entire form for: 1, 12, 123, 123.4, 123.45, with appropriate range-check errors spewing into an error-status scrolling window. Sort of rediculous, and a cpu-pig, but the user wanted it, he agreed that it might be wasteful, but was willing to pay for it, so we did it.
Admin
i once wrote an overly complicated email validator aswell.
mine even did a reverse lookup on the domain to see if it existed, then tryed to open a connection on port 25.
Admin
Well, I guess tou can't enter French formatted currency (might be Quebec only, not sure) where the dollar sign is after the numbers which actually makes sense: you say ten dollars not dollar ten for 10$.
Bonus for redunant ifs and the fact that it fails to notice having a dollar percentage. Definately not "^.^,^-^".
Admin
$-23.26% ??
Yeah, we're deploying a version of the software for the U.K., and I'm gonna need you to come in on saturday and localize this, mmmkay?
captcha: Run outta funny letters, lamo?
Admin
Actually, $-10.00 is invalid as well:
if (fdollar > -1 && fminus > -1) { //return("You cannot use both a dollar($) sign and a minus(-) sign") }and yet ... they follow up with this??
if (fminus > 0) { if (fdollar == 0 && fminus == 1) { if (str.length==2) { return("You must have a value after a $- sign") } } else { return("You must have a minus sign in the 1st position or immediately after a $ sign") } }.. ok . I'm confused ... :\
so .. are you allowed: $- or not?? seems like it's both ..
Admin
hehe ... ok .. never mind ... did my own WTF ... missed the comment: "//" of that return .. sigh
(note to self: clean glasses ... ) ;)
Admin
And are any of those ints?
My brain is now sore. IHTFP. It makes me angry some times. But, some times it makes me laugh.
Admin
Not only is currency rarely integer-based, but this "validInt" function actually ALLOWS a floating-point number (look at the "fdot" variable). I actually read the comments to see if anyone had noticed this. Glad I wasn't the only one.
Admin
YES, THIS CODE SNIPPET IS WORSE THAN FAILURE.
IT'S -WORSE- THAN -FAILURE-.
I hold a grudge indefinitely.
Anonymous does not forgive.
Admin
And I'm aware that I have my name in the user field, by the way.
Admin
You must use the percent sign. You must use the minus sign. Please use them. Now.
(I'm still waiting.)
Admin
Which is more important than people probably think, in general. How many flat-pack resistors do you get for a penny? The MRP package I'm working with right now supports 4 decimal places for monetary values.
Admin
Agreed. My approach to validating fields like this is to strip out non-numeric characters (possibly excepting ".") and then use built-in functionality for validating that the numeric characters left form a valid number. If it doesn't, output a single error message saying something like, "This field is required, and the format should be $xxx.xx."
Anything wrong with that?
Sure, a clever user can enter something like hi100my234name567max980powers and it validates okay...but is that behavior that the developer has to prevent?
Admin
Goes to far? You apparently haven't dealt with some of the incredibly stupid users I have over the years... It would have been perfectly appropriate to have an error message that said:
"You haven't typed anything in this field, and something is required in this field. Please use the keyboard, which is likely in front of you (it'll be the thing with a bunch of squares with letters, number and symbols on it). Please ball your hand up, then extend your index (pointer) finger out, and use it, in conjunction (read: together with) an up and down movement of your arm (the one that is attached to the hand you've balled up) and try and target the squares with letters on the keyboard in a pattern that forms a word that makes sense in this field. For example, this field is labeled First Name, so an appropriate entry might be 'bill' or 'jeff', but '12345' is most likely not an appropriate response. In addition to this activity, please remember to expand and contract your diaphram, thereby getting air into your lungs and oxygen into your blood stream for distribution throughout your body. If you are still having difficulty achieving the goal of proper data entry into this field, please contact the technical support emergency hotline at 123-456-7899 (please click HERE for details on how to use the device next to you which sends and recieves sounds between yourself and another human being, commonly referred to as a telephone)."
Yes, that would be an absolutely appropriate error message, considering some of the users I've dealt with over the years. It would be even MORE appropriate accompanied by animated graphics demonstrating what to do, hand-drawn with bright Crayola-esque colors.
Admin
I recall in the chapters in Patterns of Enterprise Application Architecture that dealt with currency, they explicitly advised using an integer-based storage mechanism. Treat currency as an integral number of the smallest unit (e.g., cents for US currency). This helps prevent floating point math funniness, and ensures that you don't lose a penny here or a penny there due to rounding.
It gets hairier when you have to do currency conversions, but I think I recall that you want to still store in the denominations of one of the languages.
Admin
Well, the coder's heart was in the right place. This definitely could have been implemented much better, and I'm confused as to why this field seems to be able to accept so many formats, but if anything there isn't enough input validation IMO (there are still incorrect values that can get through).
My daddy always taught me: "Son, the user should be able to mash the keys with their fist and not break anything."
Admin
User: But I need to enter $1234.56! What should I do?
Admin
Why is it OK for a ValidInt to have a decimal point? I guess if he checked that all digits to the right of it were 0, but he's not doing that...
Admin
You did notice that that return statement is commented out, right? :)
Admin
This is QA driven code. The first validation was very simple and then snowballed as the QA department tried every goofy combination under the sun and insisted on a specific, new error message for each case.