- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
It takes experience and a unique thought pattern to use a relational database engine for flat storage.
CAPTCHA: Lateratus - thinking inside the server-box
Admin
Oh come on, everyone knows the real WTF is using Oracle.
Although I suppose the screenshot of Oracle SQLDeveloper could have been part of Alex's anonymization.
Admin
So... what's with the terms starting in March? Where'd those come from?
Admin
Maybe there are too many records in each table, so they have optimized the performance.
Admin
What application is that in the screenshot?
Admin
SQL Developer
Surely this has to TRWTF? Also, do you mean the first digit denotes the century, or the millennium, neither really makes any sense, of course, but just out of curiosity...
Admin
As per powerlord's comment, that's Oracle's SQLDeveloper. A free download from Oracle. You can also connect to MS-SQL and other databases.
Admin
[quote] The first digit denotes the century (2 for the 21st century) [\quote]
The 21st century includes all years of the form 2_?
Addendum (2010-07-12 10:59): God damn, I suck at BBCode.
Admin
Makes perfect sense. Classes in the 20th century started with 1. Classes in the 21st start with 2. So a fall class schedule in 1999 would be 1 99 9. A spring class schedule in 2007 would be 2 07 1.
Admin
[quote]The first digit denotes the century (2 for the 21st century), the second and third digits are the specific year (08 for 2008, 09 for 2009, and so on) and the last digit denotes the month the term begins[/quote]
Surely this has to TRWTF? Also, do you mean the first digit denotes the century, or the millennium, neither really makes any sense, of course, but just out of curiosity...[/quote]
It's not the worst numbering scheme I've ever seen... how would you have done it?
Admin
Yawn.
That's a boring, quite frequent pattern of misuse. Never mind the stupid semester ids, the twtf is not finding something worse like storing references to table names guarded by custom CHECKs.
Admin
I thought this explained Quest fairly well until I saw the term format was just slightly different.
Admin
I suppose it works. But TRWTF is making it confusing just to cut one digit from the storage when this same database is piling on tables.
Admin
There is no WTF in 281 tables - it's a way of creating "partitioned" tables in Oracle Standart Edition. Enterprise Edition with partitioning option is expensive.
Table naming is a bit strange, but...
Admin
Perhaps the reason is because it cuts one character from the table name, not from the data.
Admin
Wheres the wooden table and the XML, I certainly am not sending my kids to this school if they don't use best practices!
Admin
I think he means TRWTF is that students enter some dopey, cryptic number instead of simply selecting a year and term from a drop down, or even typing in the year and 'fall' (or a numeric month) if it, for some silly reason, happens to be a text-only search screen.
Admin
Admin
[quote user="ThomasP"][quote]The first digit denotes the century (2 for the 21st century), the second and third digits are the specific year (08 for 2008, 09 for 2009, and so on) and the last digit denotes the month the term begins[/quote]
Surely this has to TRWTF? Also, do you mean the first digit denotes the century, or the millennium, neither really makes any sense, of course, but just out of curiosity...[/quote]
It's not the worst numbering scheme I've ever seen... how would you have done it?[/quote]
I agree, it's not the worst. I wouldn't have done it that way, but my hunch is that it's a holdover numbering scheme from a legacy system.
Admin
I agree, it's not the worst. I wouldn't have done it that way, but my hunch is that it's a holdover numbering scheme from a legacy system.
Admin
Quarter system, dude.
Mid Sept - Mid Dec Jan - March April - June
and then something in the summer that I don't know because I never took summer classes at a UC.
Admin
It's only a WTF to tell students that the 4-digit code means those things. As long as they enter a number and get a course name confirmation, it works fine.
Back in 1994, my university created a touch-tone phone automated course sign-up. Students used a four or five digit course number to enroll via the phone's numeric keypad. The system responded with a voice recording. That was way better than waiting in lines!
Admin
Quit getting fancy with the first three digits. They're obviously year - 1800. This probably dates from long ago when saving a character made sense.
Admin
Wait. According to that description they should have 3 tables per year (x2 because there are hours and data tables). With 281 tables that comes to 43 years. 2010-1968? I doubt it. So according to what magic criteria did they break them down further?
Admin
That numbering system seems suspiciously similar to the one at my University.
"C - the Century D - the Decade Y - the Year [1,4,7] - the semester: 1=Spring, 4=Summer, 7=Fall
In the ____ system, the Centuries started with the number 0, which was equated to 1900. The Century 2000 is thus equal to 1."
Current reg code for the upcoming fall is 1107. But after my first two semesters someone grew a brain and did put drop boxes for most places where the system wants to know this.
Can't say anything about underlying DB but considering its speed at peak time it would not surprise me.
Admin
Reporting should be fun with this database schema.
Admin
Quest was my first thought, too. It'd explain so much.
I wonder if the discrepancy in the term format is just due to the changes made for the write-up to protect the system's anonymity.
Admin
Our university was using PeopleSoft, which had a DB Schema very similar to this. I think they were using MsSQL though. I believe the schema wasn't necessarily defined by PeopleSoft, but by the consultants who implemented PeopleSoft on their servers. PeopleSoft is still a big wtf, though.
Admin
Used one more character and stored a full four-digit year. In fact, I was creating data formats of that sort as early as 1981, on my Apple II, anticipating the Y2K issue almost two decades in advance. Actually, by 2000 I no longer had any working hardware capable of reading my old Apple 5.25" disks, but the principle was reasonable.
Admin
███████ works when ████ and ████████ but really ████████.
The censorship in this article made about as much sense as on the recent South Park.
Admin
Confirming the horrors of peoplesoft which was just rolled out at my university.
Admin
Hey, that looks like my university!
Not that I think it really is my university. Rather, I think the CIOs all play a game of "try to make sure we suck as bad as the others". U of X goes OraKill, we go OraKill! U of Y adds PeopleShaft, we add PeopleShaft.
And as for the semester numbering, I think the lesson they learned from Y2K was let's make our date routines even more cryptic so we need to hire more consultants next time, even though we're only saving a byte now instead of two.
Admin
Tell me about it. It's probably a bad thing that my first thought when the semester numbering above was explained was "Well, at least there exists some explicable algorithm for figuring out the semester ID".
I'm not sure, but my running theory is that U. Waterloo uses 'Months since first term (ever)' as a semester id. Oh boy.
Judging by performance, I expect Quest's back-end makes this look like the pinnacle of best practices.
Admin
It's not as WTF as those deranged systems where the day comes before the month.
Admin
I'm surprised no one has yet mentioned the huge SQL injection vuln here: any and all queries are probably created dynamically.
Anybody want an A+ in their algos class? :)
captcha: consequat - not even gonna go near that one
Admin
Give the people some credit. At least you couldn't read the original by looking at the page source. That is something...
Admin
Mine solved the "cryptic term number" problem by not running any course more than once a year and not allowing students to register for courses more than a year in advance. It seems to work well enough.
Admin
Our institution uses GradPro. While it has many WTFs (Access? Really?), the one thing I do kind of like is that the quarter ID is simply the four digit year followed by 1-4 to denote the quarter of that year like so: 20101 = winter, 20103 = summer, etc. Simple enough.
By the by, anybody use Populi? Any serious WTFs? We're looking at moving to their system and I would love to know about any potential issues.
Admin
Why do our databases need to have any columns in the tables at all? Just string all the data together to make the table name, and have one table per logical row!
Admin
Did you vote OBummer or McPain for PresiDon't of Amerikkka 2008?
Silly me, you're not old enough to vote yet, are you?
Admin
As has been said, it's not for storage but because it's also user-facing (at the very least, to admins, but sadly, usually to students as well). It's really not that difficult if you also remember that the 1/6/9 is probably because their terms start in January/June/September.
It's really quite simple to translate, say, September 2029 into 2299. The century may be confusing but how often do you expect students to have to remember, oh wait...is it next century or this century? Just remember that all terms start with 2 and ignore the digit.
Admin
Admin
Dynamic queries don't create a SQL injection vulnerability, unsanitized user input does. There's no reason to think that they don't fully sanitize the term when it comes from the user, if it comes from the user.
Admin
Ever heard of the term canonicalization? Unless they're using prepared statements or stored procs (impossible in this scenario), the possibility of SQLi is there... The problem is that there is no separation of data and code (ergo, SQL injection).
EDIT: I spoke too soon, unless they're using a VERY restrictive white-list (aka "known good") validation.
Admin
Admin
Oh, and you're right, dynamic queries (on their own) don't create SQLi vulns, but they sure as hell open the door, and force the attacker to be a bit more creative with their attacks.
Admin
Admin
You're right, it's just that "solutions" like this always rub me the wrong way... If you have to jump through some serious, clumsy, and awkward hoops, you're doing it wrong. Doing junk like this (and even this kind of denormalization is very wrong as pointed out by many other posters) is for data warehousing scenarios, not for a living application that's sitting on top of it, IMHO.
Admin
Having "2" for the 21st century may be a holdover to when the university was founded. They might have used "0" for the century the university was founded (in the 1800's), and "1" for last century (1900's). It is as good a system as any. The real problem is only having a single digit for the "month term starts". That rules out October, November, and December (not that any term begins on those months).
Maybe they should use letters to determine the month starting of the term. Then they could use sane letters (A-Jan, B-Feb, ... K-Nov, L-Dec). While I don't remember the letters used for futures trading (it is the last letter of the contract ticker symbol) they bear no sane relation to the month. They use TWO different sets so the contracts can be almost 24 months in the future (but they rarely are!). Crazy!!
Admin
We're just moving off of a precursor of Banner onto PeopleSoft, but they way it worked in the old system was "YYYYt" where the "YYYY" was the year, and the "t" was the term, specifically:
2=Spring 3=1st Summer Session 4=2nd Summer Session 9=Fall
So 20104 is the 2nd Summer Session of 2010. Not crazy, but not exactly sane either. At least it sorts.