- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
IMHO more readable than the "magic prefix" pattern.
Admin
if (strpos($haystack, $needle)) { ... }and the execution would enter the if block even if $needle isn't found in $haystack. That would surely be confusing.As is now, there is only one confusing case: when $haystack starts with $needle.
The best way would be to add a function in_str() that returns either true och false. Checking containment is probably the most common usage of strpos().
Admin
A failure in a common case that will be tested and identified quickly is superior to a failure in a rare case that will take forever to surface, in my opinion.
Admin
I coded similar statements once upon a time. There were two different reasons.
(1) On one system, it was necessary to defeat a bug in the compiler's code optimizer. The optimizer attempted to move code forward and out of loops. Sometimes it moved a computation too far forward, so result had the wrong value when it was used. A statement of the form x = x * 1.0 stopped the movement of expressions using x.
(2) The other reason was that, on one computer (CDC 3600), floating point 1 was not a multiplicative identity. That is, for some numbers, x * 1.0 != x. The reason was that this processor truncated before normalizing and, when multiplying by 1.0, this had the effect of forcing the low bit of the product to be zero.
Why did this matter? It's been a long time and I don't recall the details, but I was doing something with complex numbers and needed to check whether the real or imaginary part was the same as the scalar value I started with. Because the scalar value was multiplied by (1.0,0) or (0,1.0), I didn't always get equality until I replaced the original value by val = val * 1.0.
Admin
-1 is a valid position in that if you pass it to substr it goes 1 character back from the end of the string (i.e., the character in position -1 in "Cabbage" is 'e'). However, strpos doesn't return negative values, but from a strictly semantic point of view, returning the index (an integer) or false (a boolean) makes more sense. Any competant PHP programmer (which, sadly, there are very few of) is well aware of problems that arise with the incorrect number of = signs. (I have seen an authentication module with the line "if ($username = 'wyang')"; needless to say it was a horribly written system as it checked if people were administrators by checking their username through a series of if statements), but PHP isn't that bad a language.
Admin
This is actually sane. strpos usually returns an integer; if this is 0, it means "found it; it's at the beginning". However, strpos can also return falss, meaning "not found". You have to distinguish the two cases.
Admin
And in case he somehow thought that if you assigned to an empty-string key to an empty array (a WTF here: PHP might call them arrays, but I think real programmers call them hashes), that you could also use it with [0], that's also wrong:
php > $array[''] = "paula"; php > var_dump($array); array(1) { [""]=> string(5) "paula" } php > var_dump($array[0]); NULLHe might have been going for this:
php > $array[] = "wooden table"; php > var_dump($array); array(1) { [0]=> string(12) "wooden table" } php > var_dump($array[0]); string(12) "wooden table"This only happens to an empty array though, and it is a nice way to allow array appending, as opposed to having to actually write out 1 + last index (which for PHP is != length - then again, anyone who mixes numeric indices and string indicies should be locked away, and then shot 47 times).
Admin
Admin
This is the best code snippet WTF I've seen yet. I had this great mental image of a giant, complicated machine that just has a cabbage sitting somewhere in the middle for no apparent reason, but if you ever take it out the whole thing stops working. Very Terry Pratchett-esque.
Admin
Actually, from what i read there, "Cabbage" can be replaced with any string of at least 1 char, ir you could move the admin directory on the server to inside another folder so that "/admin" will not be at strpos 0, which evaluates to false.
So, in short, the real wtf is that strpos is not supposed to return a boolean, so don't use it's return value as one.
Admin
Maybe she's French? "Gabrielle" is pronounced (minus the lovely french accent) in the same way as "Gabriel"...
captcha: dubya (wtf?)
Admin
No, you dont need to, but you can.
You see in php if("0" == 0) is true and if("0" === 0) is false
So you can decide on your own, if you want to check the type or just the content. Of course you should know what you are doing and most PHP "developers" (read: Script kiddies) dont even know what the difference is. My last boss wrote something like if($int == "0") and didnt even get why i LOLed.
In PHP everything is easy and that is why nobody gets what is really going on, they shoot their foot, and dont feel the pain.
The "Programmer" of the original WTF would have said "Whats wrong with it? Its working!" and thats the problem with all the PHP guys out there.
Tyler
Captcha: atari, noooo i had a C64, atari suxx
Admin
Too bad it will fail once something in the system triggers the cabbage collector routine.
Admin
This girl is getting a harder time than she deserves.
We don't know if she's worked with PHP before and I know that I don't check the reference manual on every single library call when maintaining code. Afterall, this is an incredibly bizarre thing to do in almost any language.
No wonder people want to hire developers which are in a country as far away from them as possible....
So, to use a famous quote, the real wtf here is not silly PHP behaviour, it's not inserting random words into a string, it's yet another example of a developer using comments to tell us what is going on rather than why. Another WTF which could have been avoided with good comments.
(Someone needs to test this software on Konqueror)
Admin
The "ADMIM" typo reminds me of a content management system... There was a component called "<something>-manager", but in code it was often spelled "<something>-manger". I guess the german developer was fond of this typo or something. Of course, it was eventually noticed, fixed and committed to SVN, which was trivial to do.
Some of these mispelled lines were saving stuff to database with the wrongly spelled component name. Meaning that any old version of the CMS would use "manger", while newer versions use "manager". It took quite a while to figure out why some stuff broke during a routine update.
Admin
i don't remember what language i had to pull that crap in, but it was a way to tell the compiler that "HEY WE'RE USING FLOATING POINT NUMBERS NOW INSTEAD OF INTEGERS" as in you'd kick a compiler warning for this
int i = 10 float d = 2.5
d = i/d //error However, for some asinine reason i = i + 0.0 //i swear to god d = i/d // no longer an error.
Or even better (and looks STUPID) d = (i + 0.0)/d
heh. stupid hacks to get around non-strongly typed variables.
Admin
No. The real legendary "WTF" is that PHP can return either a numeric or a boolean value from a call to strpos(). That's just idiotic, and whoever designed it that way should find another line of work. RTFM doesn't matter - stupidity is stupidity, even if it's documented.
Admin
So how does that make returning two different data types OK? It's still moronic.
Since it returns a numeric value if the string is found (0 based), a value less than zero would seem to be appropriate.
No. It's going to return one type of answer: the numeric index of the substring within the string. If the string is not there, it should return a numeric value to indicate that fact.
The logic you're using is similar to TRUE, FALSE, FILE_NOT_FOUND logic for boolean values.
Keep on posting, though. I like reading the real WTF s.
Admin
WTF? How can -1 be a valid character position in a string? If an index into the string is zero-based, how can string[-1] exist? And if string[-1] can somehow exist, can index -99? Even -99 would be a better return value than false.
And people say VB is a badly designed language...
Admin
Oh, good! You kept posting! We get real WTF content today!
WTF is an "integer string"?
A "language feature"? It's simply stupidity in the design.
You really are the one who designed TRUE, FALSE, FILE_NOT_FOUND, aren't you? Why didn't you 'fess up when it was posted? We all could have enjoyed the laugh then, instead of waiting until now.
It makes no sense, but it's as sensible as returning either an integer or a boolean from the same function.
No matter how you argue it, this is poor design. While dynamic typing has it's uses, the way PHP uses it is extremely moronic. "Gee, this function can return the integer index if the substring exists, the boolean false if it doesn't, or "Gedoon" if the design is stupid." I get "Gedoon" back.
Admin
Who said anything about more complicated? This discussion is about what's logical. Returning two different data types from the same function call is idiotic.
If the function returns an integer value (the index of a substring within a string if it exists), it should be consistent and return an integer value if the substring does not exist. That's logical, and avoids the need to spot the warning in the docs. (That's assuming that the designers of PHP were intelligent enough to write in the docs "WARNING! WARNING! WARNING! We made an extemely stupid design decision in this function, and you should read this section carefully! WARNING! WARNING! WARNING!" and repeated it several times in the strpos() section.
Admin
Finally! A sane voice!
I see it more like
Admin
[quote user="md2perpe"] I don't agree. Then people probably would write things like
if (strpos($haystack, $needle)) { ... }and the execution would enter the if block even if $needle isn't found in $haystack. That would surely be confusing. [/quote]
Oh, good. Another one. :-)
People should write things like
or
That is perfectly logical, and easy to read.
I agree that another possible solution would be a separate function (like the in_str() you suggested). The current method, however, is really dumb. It's about as logical as calling Dell to place this order:
PHP: "Hi, I'd like to order a 1 gig RAM chip. If you don't have that, please send two 512 meg chips. If you don't have those, send me a carpenter's hammer and a bag of potato chips." As is now, there is only one confusing case: when $haystack starts with $needle.
The best way would be to add a function in_str() that returns either true och false. Checking containment is probably the most common usage of strpos().[/quote]
Admin
Oh, goodie! Another of the TRUE, FALSE, FILE_NOT_FOUND camp joins us!
I guess I was wrong earlier - looks like T/F/FNF was a team development effort instead of just an individual.
Admin
Therefore, if -1 was returned for "substring not found" there is no special consideration necessary. It's very simply:
if(strpos($_SERVER['PHP_SELF'], "admin/") != -1) { // Stuff... }I consider === and !== to be special consideration. A single != conditional is not special consideration at all. I think NULL, false, and 0 should be considered false when evaluated as a boolean expression. All else should be considered true. In the manual for substr() the start parameter/argument can be supplied as a negative index, which would result in a returned substring beginning at the startth character from the end of the string.For example:
"string index" isn't a type. The type is integer and it's used as an offset to index the characters.Returning -1 would not muddy the waters; negative indexes muddy the waters. Simply reading the manual page would keep everybody clear on circumstance.
If it's useful to index from the end of a string that can be easily done explicitly:
Output:
ring.
Special indexing is not necessary. It's probably PHP's way of catering to NON-programmers. General users trying to program is a major WTF.
Addendum (2007-03-09 10:20): println(substr($mystring, strlen($string)-index))); // SHOULD HAVE BEEN println(substr($mystring, strlen($string)-5)));
Addendum (2007-03-09 12:49):
Sorry about the mistakes. I really do prefer being able to edit my post...
println(substr($mystring, strlen($string)-index))); // SHOULD HAVE BEEN println(substr($mystring, strlen($string)-5)));
/**** SHOULD HAVE BEEN ****/
println(substr($mystring, strlen($mystring)-index))); // SHOULD HAVE BEEN println(substr($mystring, strlen($mystring)-5)));
Admin
But you MUST in this case! How else can you distinguish between 0 and false, which are both returns and mean different things? The function design is forcing you to use either === false or !== false.
Admin
In the nation of Microsoft, where the Hungarian notation tells you the referenced object's type ("G" for "Girl") and the mnemonic part "Abriel" (sometimes shortened to "Abby").
Admin
If you don't know any girls named Gabriel, you should get out more. they know how to PARTAY!
captcha: tacos. Mmmm, tacos. Could go for a nice side of nachos.
Admin
Damn, you caught me! (Please don't tell my boss.)
Admin
(Bad form, but I don't have time to check through the remaining posts...)
I don't have an example, or a counter-exammple, but for my sins I spent 15 years programming in C on VOS ... a wonderful OS. All system calls are basically PL/1 based. PL/1 seems to have no idea of a return value (I'm not sure about this; I only used the C interface).
As a result, a VOS programmer is led to using ret-by-value parameters, rather than guessing at what the "function" might evaluate to (which is in any case a relic of ancient Fortran, pre-IV, where subroutines and functions were different things. Perfectly reasonable in those days, but still).
I have to admit, when I read other peoples' code (always a good test of a language), this seemed to work quite well on a type-safe basis.
Other than that, all I can say is that PHP is a complete heap of WTF*ery. Have these people not heard of MVC?
And have you tried to build the goddamn thing from scratch?
I have. There are not enough showers in the world.
Pass the goggles. Make sure they work, this time.
Admin
Oh no, that's just for hysteric raisins. In today's code for mksh et al. we use:
PS: This captcha thing sucks with lynx; look at how http://undeadly.org/ does it. And the textbox is horrendly(sp?) small in Lynx, but ^Xe opens up an external editor, luckily.
Admin
oO no '$VAR' - ITYW "$VAR" instead.
Try again. Point taken.
Admin
Nope. You seem to be confusing the return value with the optional third parameter, the start position. In order to allow efficient searching when a string is expected near the end of a string, PHP allows setting the start position in terms of distance from the end by using a negative integer. That does not mean it allows negative return values. PHP strings are not C char pointers.
Admin
Admin
I hate scripting languages. I didn't want to start a new forum thread for this so I thought I would post it here.
I just came across this code in an ASP/VBScript application.
(Note: that the HTML <input> element is in another script and the ASP/VBScript is in a server-side script; not that it matters)
... <input type=</span>"checkbox" name="chkMyCheckBox" ... value="1" /> ...I came across this code thinking "WTF..."Then a co-worker tested it and said that it worked so I started outputting to confirm why it worked. Google confirmed my assumptions.
Oh yeah, scripting langauges are evil.
Interestingly enough, I recently found out that in JavaScript a NaN doesn't equal itself. For example:
Output:Not equal!
(Tried to highlight things and move things down on new lines so it was easier to read... I don't prefer these highlighting schemes, however, nor do I prefer these languages...)
Addendum (2007-03-13 11:31): Inevitably, I messed up the highlighting a bit... It should still be readable... :(
Admin
Actually, the NaN-inequality follows from the IEEE floating point specification, that requires any comparison involving a NaN operand to return false (so NaN == NaN and NaN != NaN are both false).
All programming languages that support IEEE floating point arithmetic (and almost all do to some extend) exhibit the same behaviour; it's not limited to JavaScript.
Admin
Admin
Admin
QED.
So what if PHP allows people to shoot themselves in the foot? A lot of us out here DO know what we are doing, and we DO understand static typing, dynamic typing, etc. All the ad hominem attacks in the world won't change that. PHP provides for me and mine and I'm damn good at it, and I'm also thankful there are a lot of people out there that aren't, because I get the biggest kick out of the WTFs that involve PHP.
QED.
Admin
Well, that's depressing. So why do we even need NaN? Before attempting to convert to a number shouldn't a programmer check that the value is numeric? If the programmer tries the conversion on a value that can't be evaluated as a number the system should throw an exception. What would be wrong with that?
Admin
I'm sure that this is an obfuscated function name. The actual name was probably
CheckAndVerifyTheCurrentUsersRightsOnTheCurrentPage
Admin
Why do I see so many password crypt examples that use a static string for a salt. By definition, salt has to be random or changing, otherwise matching passwords would still appear the same.
http://en.wikipedia.org/wiki/Salt_(cryptography)
Admin
"A language where array[''] == array[0] is not for serious work."
it's your responsibility to use a language in a serious way. crap in, crap out!
you don't like implicit casting? don't use it then. instead, rely on the === operator and distinctive identifiers (certainly not "" as an array index).
why comply if a tool is more powerful than suits your purposes? use it the way(s) you like, ignore the other ways.
Admin
sorry, the word is "complain", not comply. stupid english language! it's got far too many words!!
Admin
Hi there...
I'm Gabriel... and of course it was a little misunderstanding or I typed in wrong... one should not refer to me as "she" but rather "he"... No offence taken... WTF makes some of my days happier...
About the "Cabbage Based Authentication"...
I laughed my ass those days, when I had to modify that app., so much that I gained some kg... any way it kept me going on and I delivered the modifications on time...
I'm pretty sure that if I wasn't that amused by the authentication method... I would have never completed those modifications...