- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
The mind boggles.
This is really a huge, successful company?
Faith in humanity ... falling.
Admin
Parsing config files is for chumps, real men hard code everything right into the code.
"Why's the exe 3 GB?"
Admin
This isn't a WTF, this is an OMFG!
I've worked for a document management company and aside from the custom issues the log-in process would have been caught by our clients in a heartbeat. and if it weren't fixed in 72 hours or less we would have been fined and the customer would have left.
I just hope these guys are not dealing with banking and or medical documents, Europe is even more strict about privacy then the US.
Admin
^_^
Admin
I wonder if the guys at Ektron (a cms / document management product) are going to be pleased that their cms400 product is being advertised inside this story on the home page???
Admin
What they should have done is obsfucate the configuration so that they can easily change the config for a client, but not let the client do it themselves, therefore protecting the £££'s. I did something similar once where whe have an automatic form generator that is driven by the data model, we just never gave them the toolkit to change it and so charged huge ammounts for very little work. Those were the days...
Admin
This is what you get when you outsource.
The company I work for outsourced some development. Reviewing the code, I found code where it was doing an if statement based on the result of a string comparison to the text value of a Label object.
We've since re-written about 95% of everything the outsourcing effort produced.
Admin
Perhaps I missed something, but I don't think the idiotic use of customer number as serial number and the ability to use some other client's number poses any kind of privacy issue. So you could see how XYZ, Ltd sees the world (their customization) but not what XYZ, Ltd put in their document repository.
If that were the case this would be a monumental WTF.
Admin
If the company in the above article wanted to do things the "right" way they should have just encrypted the configuration files for each customer so that they couldn't change them themselves - however, odds are the company didn't intend for this to ever happen and they never intended the application to be customizable.
Captcha - Quake, fun game.
Admin
Isn't this how all software is written?
Admin
Yeah, that works great when the application is internationalized as well. :)
Admin
Hehe what a way to take care of your 'leet customers
Admin
Howdy!
The DMS company must has balls, big balls to charge customers for simple changes like that.
I would even say that they have balls as big as baseballs.
Admin
Nice Client Branding solution, I've seen similar in action.
Admin
This probably started out with just one customer wanting something different. And instead of immediately doing it in a clean way, they opted for the unclean but fast way.
Later more and more requests came and they kept on doing it this way.
Now they probably have so many customization all over the code, that cleaning it up would be a huge task.
This just shows that you should always do it in a clean way from the start, 'cause most likely you won't clean it up afterwards and just keep on adding to the mess!
Admin
WTF. That's what business rules are...
Admin
Software customisation can be a real pain in the ass. You make an application with a nice, tight, well designed code. Then the customers start asking some idiotic changes and "one-off" (we want the logo of our company here, i don't like that color, i don't like the way x work it should work like y,...).
Of course you never have the time to make the customisation correctly because you're told "How hard could it be? It's a 5 minuts job and it won't affect your current schedule". Instead of making the correct fix by changing the structure of the application you end up adding dirty hacks that will be corrected later (read never). Your neat code slowly turn into a big pile of mud. Add on top of that, that each customer has a different version of the application running AND they all work slightly differently due to the customisations and you end up with a lot of fun.
Of course the way it's been done in this wtf is the worst you could ever think of.
Hints if you ever find yourself in this situation : -Never ever make multiple versions of the code base for different customers or for different version (light, pro, ultimate). -Any modification you make for a customer must show up in the main branch of the source control. (Even if it's something no other customer will ever use). -When you visit a customer always do an update of the application. -Don't let your customer/salesman think it's easy and harmless to do a customistion. Unfortunately companies here in europe like to adapt software to their minutest need.
Admin
So the logical next step is to eliminate the data repository (and all those pesky database / file system hits) and just hard code the documents themselves right into the app as byte[]'s. What performance!
Admin
Admin
The lack of configuration files or extern files that could provide info without hard-codding it, is a lesser WTF.
The main WTF is programming companies that lacks of pride when it comes to doing what their clients want. I mean, paying for a feature only THAT PERSON is going to use? I'd either ask an horrorful and huge ammount of money (not that much...) or just say no.
Say, one day the US Goverment decides to use the Pink as their color for everything, and they also want their software with pink themes. Will Micro$oft add (more) useless code to its current (useless) code, just to satisfy an organization will? I highly doubt it sir.
But still, no "Options" button? WTF?
Admin
I love Frobozz Inc.'s products. They make especially nice magic wands. Ferment!
Admin
We had a similar situation in our code. Over the years it spread everywhere, and there was even code checking for customer id's who had stopped using our software years ago.
We also had situations where if a customer wanted the same functionality as someone else, then instead of changing the software, they temporarily changed their customer id instead! (Sometimes on a per-user basis by pointing them to a different config file.)
Eventually it got so silly that we saw the light and have since gone though most of the code to change it to use configurable settings instead.
Admin
There are many software houses that specialize in niche (vertical) markets where there are not many clients, and off-the-shelf software is too generic to perform the required task. In this case the only money they make is supporting the software and putting in bespoke changes. Yes it generally is a huge amount of money, but such companies are willing to pay for it if it gives them an edge over their competitors. (And if winning a large contract means changing the background colour to pink, then the background colour will be changed to pink!)
Admin
Shush! (Yes)
Admin
Hmmm the test does not work, a true WTF!!!! Does all your apps have this level of security?
Admin
Hmmm the test does not work, a true WTF!!!! Does all your apps have this level of security?
Admin
I meant
Shush! (Yes)
Admin
No, I bet some rely in cookie being set to "Admin=0" :)
Admin
Anyone find it odd that the customer id for the customization is 'Leet' i.e. 1337?
Admin
hence the bug number...
Admin
It is if you think about that customer number being used as part of a query into their database. Change customer numbers, change the look and the data returned.
I mean seriously, how is the system supposed to know who is asking for the data so they know who's data to pull other than by customer number?
And before you say it, security could be broken with this. Log in with your user name and password under your customer number, the system then sees you as a valid user, THEN change the customer number. Not sure if this is really happening, but with this type of customization I wouldn't be surprised.
Admin
No. We use #ifdef instead.
Admin
Amen, brother. Unfortunately, the PHB frequently gets in the way of common sense approaches like that. Then they scream bloody murder when development costs spiral out of control. Asshats.
Admin
I'm in a similar situation right now. And this WTF smells like bad management. It probably started as big client that required some SLIGHT modifications.
Engineering said: -"It'll take a whole month to re-write the code so we can use configuration files/dialogs/whatever to enable/disable the customisations."
Sales then replyed: -"NO WAY!! They want it next week! How hard is it? It's just the <put generic element here>!!!".
Engineering management went with sales and everything from there is downhill...
The bad management thing is not that engineering management should have sided with engineering. The problem was the SECOND customisation.
Of course, this is just theoretical, as the software could been developed from the beginning to be customised and they just wanted it done quickly.
( captcha : atari - LOTS of fond memories!!! )
Admin
Windows XP Home Edition (includes):
Windows XP Professional Edition (includes):
Windows Vista Home (includes):
Windows Vista Business (includes):
Source: http://www.dmxzone.com/ShowDetail.asp?NewsId=10909
And of course there's also Windows 2003 Server. A general purpose Server OS isn't enough, of course.
Windows 2003 Server (includes):
Source: http://en.wikipedia.org/wiki/Windows_Server_2003
(The links are from quick google searches.)
That's excluding all the x64 versions I didn't mention.
Admin
Hmmm... I didn't see where the system was described as having a single shared database open to such abuses.
Admin
Yes, this is a successful company.
We tend to forget that our success is based on the code working and bringing in more revenue that it took us to write it. Perfectly designed code that fits all the "correct" design patterns without bugs is still a failure if it doesn't turen a profit.
And I have to live with code where every little thing is defined in the config file. It makes the code harder to maintain and understand.
Captcha: pirates. Arrrrrrr!
Admin
Perhaps you are thinking of The Storray Engine!
Admin
captcha test not working?? A wtf for the daily wtf!
Admin
These ARE those days.
I have a vendor charging my company for 2 man months of development work for some customisation of their product that I have already done in one week. They just refuse to support what I've done.
Then there is the vendor who charged 20k for an add-on product to manage configuration of their application. The config was in a SQL DB that we could have directly modified, we just weren't allowed under threat of contract violation.
I have solved the age old problem.
Admin
not all apps require internationalization.
Admin
Since when are we making distinction between the elite (1337) and the rest of the newbies (n00bs) in document management?
Admin
some times it is not posible to justify days of work it needs to modify the system through out to use config file for each thing when the client just wants background color changed for one screen and so developer is forced to give result in minutes in which case the fastest (not the best) solution is implemented.
I am not saying that is a good thing but I can see what the developer may be going through that time. (Not all company allow developer to express themself.) - According to my past experiance.
Admin
Because you touch yourself at night!
Admin
Admin
I vote this the best post of 2007!
captcah: poindexter. Poindexter?! WTF!?
Admin
It would make more sense to offer the clients different coloured gels to put over their monitor to change background colour.
Admin
Even in software industry there are two entities (software engineer and sales-finance management). If the programmer wants to write the code the right way but the sales and finance dept. are not ready to fund the "right way" programmer is not going to come up with the time and money required for the change. This is worst when you work in software house and the sales-finance dept and the BIG guy are all non technical. Add one programmer who is ready to lick the A** of management and you got this type of code all over the place.
Captcha: burned (I have been! By a company like this)
Admin
This is a brilliant demonstration of the fact that the whole world of business is solely based on customer ignorance.
Captcha: "digdug".
Admin