• tharfagreinir (cs)

    The mind boggles.

    This is really a huge, successful company?

    Faith in humanity ... falling.

  • Cyrus (unregistered)

    Parsing config files is for chumps, real men hard code everything right into the code.

    "Why's the exe 3 GB?"

  • KattMan (cs) in reply to Cyrus

    This isn't a WTF, this is an OMFG!

    I've worked for a document management company and aside from the custom issues the log-in process would have been caught by our clients in a heartbeat. and if it weren't fixed in 72 hours or less we would have been fined and the customer would have left.

    I just hope these guys are not dealing with banking and or medical documents, Europe is even more strict about privacy then the US.

  • jderikse (unregistered)

    ^_^

  • Richard Smith (unregistered)

    I wonder if the guys at Ektron (a cms / document management product) are going to be pleased that their cms400 product is being advertised inside this story on the home page???

  • So..... (unregistered)

    What they should have done is obsfucate the configuration so that they can easily change the config for a client, but not let the client do it themselves, therefore protecting the £££'s. I did something similar once where whe have an automatic form generator that is driven by the data model, we just never gave them the toolkit to change it and so charged huge ammounts for very little work. Those were the days...

  • Anonymous (unregistered)

    This is what you get when you outsource.

    The company I work for outsourced some development. Reviewing the code, I found code where it was doing an if statement based on the result of a string comparison to the text value of a Label object.

    We've since re-written about 95% of everything the outsourcing effort produced.

  • cmccorvey (cs) in reply to KattMan
    KattMan:
    This isn't a WTF, this is an OMFG!

    I've worked for a document management company and aside from the custom issues the log-in process would have been caught by our clients in a heartbeat. and if it weren't fixed in 72 hours or less we would have been fined and the customer would have left.

    I just hope these guys are not dealing with banking and or medical documents, Europe is even more strict about privacy then the US.

    Perhaps I missed something, but I don't think the idiotic use of customer number as serial number and the ability to use some other client's number poses any kind of privacy issue. So you could see how XYZ, Ltd sees the world (their customization) but not what XYZ, Ltd put in their document repository.

    If that were the case this would be a monumental WTF.

  • Names for for suckers (unregistered) in reply to Anonymous
    Anonymous:
    The company I work for outsourced some development. Reviewing the code, I found code where it was doing an if statement based on the result of a string comparison to the text value of a Label object.
    That's not necessarily a bad thing though - I've seen that done before when the text on labels is changed based upon what action the user is preforming. Granted you are taking a performance hit than if you just had a flag variable, but nothing too signification for an office application.

    If the company in the above article wanted to do things the "right" way they should have just encrypted the configuration files for each customer so that they couldn't change them themselves - however, odds are the company didn't intend for this to ever happen and they never intended the application to be customizable.

    Captcha - Quake, fun game.

  • Gir (cs)

    Isn't this how all software is written?

  • anon (unregistered) in reply to Names for for suckers
    Names for for suckers:
    Anonymous:
    The company I work for outsourced some development. Reviewing the code, I found code where it was doing an if statement based on the result of a string comparison to the text value of a Label object.
    That's not necessarily a bad thing though - I've seen that done before when the text on labels is changed based upon what action the user is preforming. Granted you are taking a performance hit than if you just had a flag variable, but nothing too signification for an office application.

    Yeah, that works great when the application is internationalized as well. :)

  • Hitsuji (cs) in reply to tharfagreinir

    Hehe what a way to take care of your 'leet customers

  • Bert (unregistered)

    Howdy!

    The DMS company must has balls, big balls to charge customers for simple changes like that.

    I would even say that they have balls as big as baseballs.

  • binky (unregistered)

    Nice Client Branding solution, I've seen similar in action.

  • Fredric (unregistered)

    This probably started out with just one customer wanting something different. And instead of immediately doing it in a clean way, they opted for the unclean but fast way.

    Later more and more requests came and they kept on doing it this way.

    Now they probably have so many customization all over the code, that cleaning it up would be a huge task.

    This just shows that you should always do it in a clean way from the start, 'cause most likely you won't clean it up afterwards and just keep on adding to the mess!

  • lyates (cs)

    WTF. That's what business rules are...

  • Monkeyget (cs)

    Software customisation can be a real pain in the ass. You make an application with a nice, tight, well designed code. Then the customers start asking some idiotic changes and "one-off" (we want the logo of our company here, i don't like that color, i don't like the way x work it should work like y,...).

    Of course you never have the time to make the customisation correctly because you're told "How hard could it be? It's a 5 minuts job and it won't affect your current schedule". Instead of making the correct fix by changing the structure of the application you end up adding dirty hacks that will be corrected later (read never). Your neat code slowly turn into a big pile of mud. Add on top of that, that each customer has a different version of the application running AND they all work slightly differently due to the customisations and you end up with a lot of fun.

    Of course the way it's been done in this wtf is the worst you could ever think of.

    Hints if you ever find yourself in this situation : -Never ever make multiple versions of the code base for different customers or for different version (light, pro, ultimate). -Any modification you make for a customer must show up in the main branch of the source control. (Even if it's something no other customer will ever use). -When you visit a customer always do an update of the application. -Don't let your customer/salesman think it's easy and harmless to do a customistion. Unfortunately companies here in europe like to adapt software to their minutest need.

  • snoofle (cs) in reply to lyates

    So the logical next step is to eliminate the data repository (and all those pesky database / file system hits) and just hard code the documents themselves right into the app as byte[]'s. What performance!

  • huh? (unregistered) in reply to Names for for suckers
    Names for for suckers:
    That's not necessarily a bad thing though - I've seen that done before when the text on labels is changed based upon what action the user is preforming. Granted you are taking a performance hit than if you just had a flag variable, but nothing too signification for an office application.
    Looks like you've never had fun Send'ing messages to various windows, telling them to change their text to humorous alternatives. Hopefully, no label-text-based logic is used to determine security (like, if(this.label1.txt=="Logged in") { /* do secure stuff */ } else { /* remind them to log in */ }).
  • erKURITA (unregistered)

    The lack of configuration files or extern files that could provide info without hard-codding it, is a lesser WTF.

    The main WTF is programming companies that lacks of pride when it comes to doing what their clients want. I mean, paying for a feature only THAT PERSON is going to use? I'd either ask an horrorful and huge ammount of money (not that much...) or just say no.

    Say, one day the US Goverment decides to use the Pink as their color for everything, and they also want their software with pink themes. Will Micro$oft add (more) useless code to its current (useless) code, just to satisfy an organization will? I highly doubt it sir.

    But still, no "Options" button? WTF?

  • cconroy (cs)

    I love Frobozz Inc.'s products. They make especially nice magic wands. Ferment!

  • JC (unregistered)

    We had a similar situation in our code. Over the years it spread everywhere, and there was even code checking for customer id's who had stopped using our software years ago.

    We also had situations where if a customer wanted the same functionality as someone else, then instead of changing the software, they temporarily changed their customer id instead! (Sometimes on a per-user basis by pointing them to a different config file.)

    Eventually it got so silly that we saw the light and have since gone though most of the code to change it to use configurable settings instead.

  • JC (unregistered) in reply to erKURITA
    The main WTF is programming companies that lacks of pride when it comes to doing what their clients want. I mean, paying for a feature only THAT PERSON is going to use? I'd either ask an horrorful and huge ammount of money (not that much...) or just say no.

    There are many software houses that specialize in niche (vertical) markets where there are not many clients, and off-the-shelf software is too generic to perform the required task. In this case the only money they make is supporting the software and putting in bespoke changes. Yes it generally is a huge amount of money, but such companies are willing to pay for it if it gives them an edge over their competitors. (And if winning a large contract means changing the background colour to pink, then the background colour will be changed to pink!)

  • Mike5 (unregistered) in reply to Gir

    Shush! (Yes)

  • So..... (unregistered)

    Hmmm the test does not work, a true WTF!!!! Does all your apps have this level of security?

  • So..... (unregistered)

    Hmmm the test does not work, a true WTF!!!! Does all your apps have this level of security?

  • Mike5 (unregistered) in reply to Gir
    Gir:
    Isn't this how all software is written?

    I meant

    Shush! (Yes)

  • Mike5 (unregistered) in reply to So.....
    So.....:
    Hmmm the test does not work, a true WTF!!!! Does all your apps have this level of security?

    No, I bet some rely in cookie being set to "Admin=0" :)

  • Jon (unregistered)

    Anyone find it odd that the customer id for the customization is 'Leet' i.e. 1337?

  • bob the dingo (cs) in reply to Hitsuji
    Hitsuji:
    Hehe what a way to take care of your 'leet customers

    hence the bug number...

  • KattMan (cs) in reply to cmccorvey
    cmccorvey:
    KattMan:
    This isn't a WTF, this is an OMFG!

    I've worked for a document management company and aside from the custom issues the log-in process would have been caught by our clients in a heartbeat. and if it weren't fixed in 72 hours or less we would have been fined and the customer would have left.

    I just hope these guys are not dealing with banking and or medical documents, Europe is even more strict about privacy then the US.

    Perhaps I missed something, but I don't think the idiotic use of customer number as serial number and the ability to use some other client's number poses any kind of privacy issue. So you could see how XYZ, Ltd sees the world (their customization) but not what XYZ, Ltd put in their document repository.

    If that were the case this would be a monumental WTF.

    It is if you think about that customer number being used as part of a query into their database. Change customer numbers, change the look and the data returned.

    I mean seriously, how is the system supposed to know who is asking for the data so they know who's data to pull other than by customer number?

    And before you say it, security could be broken with this. Log in with your user name and password under your customer number, the system then sees you as a valid user, THEN change the customer number. Not sure if this is really happening, but with this type of customization I wouldn't be surprised.

  • jeti (unregistered) in reply to Gir

    No. We use #ifdef instead.

  • codemoose (cs) in reply to Monkeyget
    Monkeyget:
    Hints if you ever find yourself in this situation : -Never ever make multiple versions of the code base for different customers or for different version (light, pro, ultimate). -Any modification you make for a customer must show up in the main branch of the source control. (Even if it's something no other customer will ever use). -When you visit a customer always do an update of the application. -Don't let your customer/salesman think it's easy and harmless to do a customistion. Unfortunately companies here in europe like to adapt software to their minutest need.

    Amen, brother. Unfortunately, the PHB frequently gets in the way of common sense approaches like that. Then they scream bloody murder when development costs spiral out of control. Asshats.

  • Leo (unregistered)

    I'm in a similar situation right now. And this WTF smells like bad management. It probably started as big client that required some SLIGHT modifications.

    Engineering said: -"It'll take a whole month to re-write the code so we can use configuration files/dialogs/whatever to enable/disable the customisations."

    Sales then replyed: -"NO WAY!! They want it next week! How hard is it? It's just the <put generic element here>!!!".

    Engineering management went with sales and everything from there is downhill...

    The bad management thing is not that engineering management should have sided with engineering. The problem was the SECOND customisation.

    Of course, this is just theoretical, as the software could been developed from the beginning to be customised and they just wanted it done quickly.

    ( captcha : atari - LOTS of fond memories!!! )

  • Geoff (unregistered) in reply to erKURITA
    Comment held for moderation.
  • cmccorvey (cs) in reply to KattMan
    KattMan:
    cmccorvey:
    KattMan:
    This isn't a WTF, this is an OMFG!

    I've worked for a document management company and aside from the custom issues the log-in process would have been caught by our clients in a heartbeat. and if it weren't fixed in 72 hours or less we would have been fined and the customer would have left.

    I just hope these guys are not dealing with banking and or medical documents, Europe is even more strict about privacy then the US.

    Perhaps I missed something, but I don't think the idiotic use of customer number as serial number and the ability to use some other client's number poses any kind of privacy issue. So you could see how XYZ, Ltd sees the world (their customization) but not what XYZ, Ltd put in their document repository.

    If that were the case this would be a monumental WTF.

    It is if you think about that customer number being used as part of a query into their database. Change customer numbers, change the look and the data returned.

    I mean seriously, how is the system supposed to know who is asking for the data so they know who's data to pull other than by customer number?

    And before you say it, security could be broken with this. Log in with your user name and password under your customer number, the system then sees you as a valid user, THEN change the customer number. Not sure if this is really happening, but with this type of customization I wouldn't be surprised.

    Hmmm... I didn't see where the system was described as having a single shared database open to such abuses.

  • Andy (unregistered) in reply to tharfagreinir

    Yes, this is a successful company.

    We tend to forget that our success is based on the code working and bringing in more revenue that it took us to write it. Perfectly designed code that fits all the "correct" design patterns without bugs is still a failure if it doesn't turen a profit.

    And I have to live with code where every little thing is defined in the config file. It makes the code harder to maintain and understand.

    Captcha: pirates. Arrrrrrr!

  • stevekj (cs) in reply to snoofle
    snoofle:
    So the logical next step is to eliminate the data repository (and all those pesky database / file system hits) and just hard code the documents themselves right into the app as byte[]'s. What performance!

    Perhaps you are thinking of The Storray Engine!

  • Sai (unregistered)

    captcha test not working?? A wtf for the daily wtf!

  • grumble (unregistered) in reply to So.....
    So.....:
    ... and so charged huge ammounts for very little work. Those were the days...

    These ARE those days.

    I have a vendor charging my company for 2 man months of development work for some customisation of their product that I have already done in one week. They just refuse to support what I've done.

    Then there is the vendor who charged 20k for an add-on product to manage configuration of their application. The config was in a SQL DB that we could have directly modified, we just weren't allowed under threat of contract violation.

    I have solved the age old problem.

    1. write (or buy) a reasonable product
    2. entice people to buy it
    3. charge enormously disproportionate amounts to add functionality that should exist out of the box or for minor customisations.
    4. profit.
  • webdev101 (unregistered) in reply to anon
    anon:
    Names for for suckers:
    Anonymous:
    The company I work for outsourced some development. Reviewing the code, I found code where it was doing an if statement based on the result of a string comparison to the text value of a Label object.
    That's not necessarily a bad thing though - I've seen that done before when the text on labels is changed based upon what action the user is preforming. Granted you are taking a performance hit than if you just had a flag variable, but nothing too signification for an office application.

    Yeah, that works great when the application is internationalized as well. :)

    not all apps require internationalization.

  • Anonymous (unregistered)

    Since when are we making distinction between the elite (1337) and the rest of the newbies (n00bs) in document management?

  • webdev101 (unregistered) in reply to Fredric
    Fredric:
    This probably started out with just one customer wanting something different. And instead of immediately doing it in a clean way, they opted for the unclean but fast way.

    Later more and more requests came and they kept on doing it this way.

    Now they probably have so many customization all over the code, that cleaning it up would be a huge task.

    This just shows that you should always do it in a clean way from the start, 'cause most likely you won't clean it up afterwards and just keep on adding to the mess!

    some times it is not posible to justify days of work it needs to modify the system through out to use config file for each thing when the client just wants background color changed for one screen and so developer is forced to give result in minutes in which case the fastest (not the best) solution is implemented.

    I am not saying that is a good thing but I can see what the developer may be going through that time. (Not all company allow developer to express themself.) - According to my past experiance.

  • Patrick (unregistered) in reply to Cyrus
    Cyrus:
    Parsing config files is for chumps, real men hard code everything right into the code.

    "Why's the exe 3 GB?"

    Because you touch yourself at night!

  • Zylon (unregistered) in reply to Sai
    Sai:
    captcha test not working?? A wtf for the daily wtf!
    It's only supposed to keep out bots, not idiots.
  • grumble (unregistered) in reply to Zylon
    Zylon:
    Sai:
    captcha test not working?? A wtf for the daily wtf!
    It's only supposed to keep out bots, not idiots.

    I vote this the best post of 2007!

    captcah: poindexter. Poindexter?! WTF!?

  • Look at me! I'm on the internets! (unregistered)

    It would make more sense to offer the clients different coloured gels to put over their monitor to change background colour.

  • webdev101 (unregistered) in reply to Leo
    Leo:
    I'm in a similar situation right now. And this WTF smells like bad management. It probably started as big client that required some SLIGHT modifications.

    Engineering said: -"It'll take a whole month to re-write the code so we can use configuration files/dialogs/whatever to enable/disable the customisations."

    Sales then replyed: -"NO WAY!! They want it next week! How hard is it? It's just the <put generic element here>!!!".

    Engineering management went with sales and everything from there is downhill...

    The bad management thing is not that engineering management should have sided with engineering. The problem was the SECOND customisation.

    Of course, this is just theoretical, as the software could been developed from the beginning to be customised and they just wanted it done quickly.

    ( captcha : atari - LOTS of fond memories!!! )

    Even in software industry there are two entities (software engineer and sales-finance management). If the programmer wants to write the code the right way but the sales and finance dept. are not ready to fund the "right way" programmer is not going to come up with the time and money required for the change. This is worst when you work in software house and the sales-finance dept and the BIG guy are all non technical. Add one programmer who is ready to lick the A** of management and you got this type of code all over the place.

    Captcha: burned (I have been! By a company like this)

  • Pig Hogger (unregistered)

    This is a brilliant demonstration of the fact that the whole world of business is solely based on customer ignorance.

    Captcha: "digdug".

  • snoofle (cs) in reply to stevekj
    stevekj:
    snoofle:
    So the logical next step is to eliminate the data repository (and all those pesky database / file system hits) and just hard code the documents themselves right into the app as byte[]'s. What performance!

    Perhaps you are thinking of The Storray Engine!

    Actually, I was...

Leave a comment on “Configuration Made Easy”

Log In or post as a guest

Replying to comment #:

« Return to Article