- Feature Articles
- CodeSOD
- Error'd
- Forums
-
Other Articles
- Random Article
- Other Series
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Bang On!
As far as I can see, perl is designed for quick_n_dirty on-off fixes.
The WTF is that it's a WTF
The derivative of the WTF is that too many commenters don't get it.
1. It's not Windows. Windows would had required date /t > some.file.name
otherwise, you'd be looking at a screen, with a "huh"
2. The Guy (maybe a "Babe") is a genius.
A quick-and-dirty solution to a problem. I wish I had the intuition to come up with a solution like that.
I'd bet that most of the commenters wouldn't know that 2038 was a really significant number.
Earth calling Alex: We need some real TWFs
Old-Not-Quite-Rich-Curmugeon-Somewhat-Saner-Than-Richard-Nixon.
"I am not a crook"
Admin
Hopefully, I'm not a crock.
I meant to say,
Alex: We need some real WTFs.
ps. This one's pretty lame.
Admin
But you see, that's not Unix's fault. Unix has this function called tmpfile() which returns - guess what - an available temporary file name. If the programmer chooses to ignore it and hardcode the file name, that's his problem entirely.
Admin
Was this found in a mission-critical application, or in some shell script found in ~root/bin?
The standards for excellence when writing mission-critical, application code are quite different than for some random sysadmin function run rarely and non-critical if it fails.
I've produced (and still produce) my share of crap code, when I "know" that whatever I write will be thrown away soon, or at least, not used outside a narrowly defined context. Sometimes, it's better to get something done fast than done right, if it works "this one time" or in "this particular case".
There's nothing wrong with that. 10 minutes of research isn't justified when you have a 5-minute hack that will be used once or twice and then tossed. In these cases, performance isn't much of a concern, and "the right thing" is whatever you can slap together the fastest.
Admin
Amen
Admin
Stupid code like today's WTF allows symlink attacks. It's not only slow and complicated, but also extremely insecure.
Admin
Well, ignoring the fact that the whole thing is pretty silly when we have localtime and DateTime stuff, but still:
* raw shell system() makes me wince, even when the argument is a string with no variable expansions.
* Temporary file is same for every invocation. Most people have the sense to use something like $tempfile = "/tmp/$0.$$"; or something (ie, program name and process id).
* Perl 101: The recommeded syntax is open(...) or die(...); (Same for people who don't know Perl: A classic example of not handling errors. At all.) Hell, writing that is kind of automatic for me. I think I once forgot that. At four am in the morning when I woke up to write some Perl for that cool idea I had once.
* chop; used instead of chomp;.
* Doesn't unlink() the temp file, which is kind of silly if someone else uses the program and the temporary file isn't writable.
Admin
Come on.
1) The guy that submitted this wouldn't have seen it if it was truly throw away, one-time-use code.
2) This code is embarassingly bad even if it's to be run only one time or only under limited circumstances.
3) 10 minutes of research leads to a lifetime of not shelling to get the date. We'd all still be cavemen using your philosophy.
Admin
You don't know perl, do you?
my @datevals = split / /,
date
;though the correct way would be...
my @datevals = localtime;
Admin
You think this is a joke. Check out the IRC client X-Chat. It has a built-in command that lets you perform a DNS lookup on an arbitrary name. Until very recently (within the past few versions), it performed this lookup by shelling out to the 'host' command found on Linux systems. And when it didn't work on Windows, it was "Windows fault for not having obvious commands like `host`'. :x
--Mike
Admin
There are better ways to do this, yes.
Race conditions and other bad stuff are here, yes.
Using standard modules are a must when you can, yes.
Sometimes you have a job where the admins don't let you install anything except for your one little script (not even modules) on their box. I am ashamed of the code that I was forced to write.
Admin
Damn you! Where did you hijack my code?!!
This is merely #273 of the 5000 different ways you can do the same thing in perl. I'm not saying it's the BEST way...or the RIGHT way...
(and yes, I've since discovered the timedate module...)
Admin
great minds think differently, it's all about that.
but does this mind thought about changed locale? that is the question!
anyway, pure wtf...
Admin
I must admit. I have done almost that exact code back in the DOS batch file days. There was no other way to get the information I wanted to use. I don't remember the program I wrote, I just remember the triumphant feeling of solving the problem.
Now, only shame. :-)
Admin
... and what's wrong with caves?
Admin
I've done some things in less than ideal ways also.
However, when the hack that this guy came up with is harder to code than implementing any kind of normal solution, it kind of leaves you scratching your head.
It's almost like he was struggling to find the worst possible way of doing this.
I wouldn't be surprised if he sat for hours trying to figure out how to do this using only the knowledge he already had (and it doesn't appear that he knew a whole lot).
It doesn't look to me like one of those cases where a hack is justified because it will save time.
It's more like sheer stupidity.
Admin
If you don't need the timezone you can just do this:
@datevals = split / /, scalar localtime
easy!
Admin
Wouldn't that require user1 to have root privileges already?
Admin
They're infested with cavemen.
Admin
You really don't get the point of this site, do you?
Admin
The real WTF is that this was submitted at all... or maybe that Alex thought it worthy of posting.
Perl is a language for quick hacks, and for scripts which get run once. If this is such a script, what's the problem?
Admin
Agreed on most points. I do use the date command from the shell in my perl scripts mostly because localtime can be a real pita when I just need the current hour/day/etc... and using date from the shell is more portable than including a perl module on all of my servers. Of course, this all depends on useage, if I was writing something to distribute to someone else I wouldn't do that, and I've went to writing bash scripts for most of my internal stuff. Figured if I was just going to use shell commands, why use perl.
Admin
Date/time modules have been available on every Perl install I've seen on every platform in the last 15 years at least. Yet
system("date");
and
system("chmod 777 file");
are common despite built-ins that are faster and more portable.
Admin
So why was it still available to send to this site? I write one-shots, too. I also delete them when they are finished.
Sincerely,
Gene Wirchenko
Admin
No /etc/passwd is world readable
Admin
Admin
Perhaps the programmer wasn't after the date, but rather what the Operating System 'DATE' command returned -- this could be handy in determining localization (in EMEA its "mm/dd/yyyy" not "dd/mm/yyyy"). And on Windows systems you can several things about the environment in which you're running based on the return from the 'DATE' command.
Ciao
Admin
You don't need the privileges to soft link to a file - hence the race condition... I like this - as long as we still have stupid programmers I remain in a job :-)
Admin
If you're using perl and time related things, and you only need specific values, use an array slice to get the value you need. For instance, if you just need the current hour, use (localtime())[2].
Admin
you have to be carefull with using temp files as a high privilage user though. if not you can end up with security holes depending on what you do with the file content.
Admin
Unless of course, this is part of a system that works with all sorts of scripting languages and they need to know what date/time this started and it was created with the assumption (I know it's bad) that it will fire off with a cron job or something like it once an hour or so. Having that written in a file makes it easy to see if it's running - you can easily just cat the file to see when the last time it ran. You can also easily read it if with python, ksh, bash, etc...
Without seeing the full picture, I can't see this as a WTF.