• Wabid Wabbit (unregistered)

    It's been a while since I worked in classic ASP, but this looks like it's just straight classic ASP to me. Nothing .NETy about it at all. Perhaps the function was just imported as-is as part of a larger app and maybe the mandate was just to make minimal changes to keep some app running? Classic ASP predates .NET and in the first years, there were no libraries at all for handling these types of security issues.

    Not saying the code is a gem, its a pig, but I think that the WTF being predicated upon the fact that there are libraries to handle security concerns may be incorrect, because there weren't any back in the day.

  • (cs) in reply to herby
    herby:
    Evan:
    "A quick and easy way to generate WTF code is to find some deceptively simple problem that’s been well solved, and reimplement a naive solution to the problem.

    Here's my puzzle contribution, which I think I posted to the forums a few years ago. Write the body of the following function:

    // Returns the average of 'a' and 'b' if it is a whole 
    // number. If the average is not a whole number, then return
    // either of the two closest integers. (For example, you 
    // might use this in a binary search where all you need to 
    // do is get "about" in the middle.)
    int average(int a, int b) {
      return ((a/2) + (b/2) + (a&b&1));
    }

    FTFY

    Won't work in a platform independent manner and can have trouble with various signed integer representations and taking the average in the range of negative numbers.

    I remember the old thread. It was orginally posed as an exercise in WTFery; trying to find as contrived a way as possible to implement a common code pattern and hide a subtle bug inside it.

    The discussion eventually stumbled into bugs relating to platform (in)dependence and I ended up posting an actual working platform independent solution.

    int average(int a, int b)
    {
      if(a == b) return a;
    
      if(a > b) return avg(b, a);
    
      while(1)
      {
        a++;
        if (a == b)
        {
          int mod = (b < 0) ? -b : b;
          return (mod % 2 == 0) ? b : a-1;
        }
    
        b--;
    
        if (a == b) 
          return a;
      }
    }

    It's a nice little theoretical puzzle, but not something I'd ever want to put into production. ;)

  • (cs)

    Some days I don't get VB.

  • (cs) in reply to Evan
    Evan:
    pjt33:
    Nutster:
    TRWTF is in C#; you must put a "break" or "return" at the end of each case of a switch statement.
    Or a "goto case": case fallthrough is supported, but must be explicit, which is the way it should be. Requiring that the programmer's intention be made explicit is a good thing in any project long-lived enough to require maintenance.
    I thought they also allowed "continue"
    From the docs: "The continue statement passes control to the next iteration of the enclosing while, do, for, or foreach statement in which it appears."

    It has nothing to do with switch statements.

  • foxyshadis (unregistered) in reply to Deanis
    Deanis:
    Pete:
    Completely by accident, I found the source of the 'decode' part today:

    http://www.devx.com/vb2themax/Tip/19163

    It's almost OK when the WTF is internal, but when you find it while looking for genuine help it's a little scary...

    Written for VB4-VB6 (and VBS) in 2001. So I have no problem with the original code. The real WTF is that someone blindly copied-and-pasted it into a VB.NET project without checking for something newer and better. Likely a straight upgrade project.

    You have no problem with code that is both wrong and incomplete? Even if it was correct, this would still be an idiotic first-year student's implementation; I still have nightmares of VB6 but it could have been done far more efficiently.

    Just because it's only meant to be used for one-liners doesn't mean it won't end up used for whole documents, at which point it'll take forever to run.

  • Snoofle (unregistered)

    Fuck this shitty website and fuck the fucking bitches that run it.

  • Paul Neumann (unregistered) in reply to Nutster
    Nutster:
    ObiWayneKenobi:
    I didn't think VB.NET still allowed the "name as return value", I thought they required Return since like 2.0 (maybe even since the first version).
    While the "return x" method was introduced a while ago, the VB4-6 mechanism of "FuncName = x" still works. Either can be used, but you will likely confuse yourself and others if your try to use both mechanisms in the same function.
    For bonus points consider the following:
    1  Function MyFunction As String
    2      MyFunction = "true"
    3      Return "false"
    4  End Function 'MyFunction
  • Paul Neumann (unregistered) in reply to Ragnax
    Ragnax:
    "A quick and easy way to generate WTF code is to find some deceptively simple problem that’s been well solved, and reimplement a naive solution to the problem.

    Here's my puzzle contribution, which I think I posted to the forums a few years ago. Write the body of the following function:

    // Returns the average of 'a' and 'b' if it is a whole 
    // number. If the average is not a whole number, then return
    // either of the two closest integers. (For example, you 
    // might use this in a binary search where all you need to 
    // do is get "about" in the middle.)
    int average(int a, int b) {
    }
    1  Function NearAverage(a As Integer, b As Integer) As Integer
    

    2 NearAverage = a - ((a - b) / 2) 3 End Function 'NearAverage

  • (cs) in reply to Deanis
    Deanis:
    Written for VB4-VB6 (and VBS) in 2001. So I have no problem with the original code. The real WTF is that someone blindly copied-and-pasted it into a VB.NET project without checking for something newer and better. Likely a straight upgrade project.

    The other issue is that if you find something newer and better, chances are, it works differently. They change it to use HtmlEncode and HtmlDecode, and the resulting behavior is different. PHBs will panic:

    "There's a line break where the line break should be instead of those crazy characters! Will this display correctly?!?!"

  • ANON (unregistered) in reply to Ragnax

    I think that would work:

    int avg(int a, int b) { return (a >> 1) + (b >> 1) + ((a|b) & 0x1); }

  • foo (unregistered) in reply to Paul Neumann
    Paul Neumann:
    Ragnax:
    "A quick and easy way to generate WTF code is to find some deceptively simple problem that’s been well solved, and reimplement a naive solution to the problem.

    Here's my puzzle contribution, which I think I posted to the forums a few years ago. Write the body of the following function:

    // Returns the average of 'a' and 'b' if it is a whole 
    // number. If the average is not a whole number, then return
    // either of the two closest integers. (For example, you 
    // might use this in a binary search where all you need to 
    // do is get "about" in the middle.)
    int average(int a, int b) {
    }
    1  Function NearAverage(a As Integer, b As Integer) As Integer
    

    2 NearAverage = a - ((a - b) / 2) 3 End Function 'NearAverage

    Nope, a-b might overflow if a is large positive and b is large negative (or vice versa). At least in the language required by the OP. If your language uses bignum or something, it might work, but then the naive version will also work.

  • Fernando (unregistered) in reply to foo
    foo:
    RFoxmich:
    Function names as return values...hey Fortran did that frist.
    And then Pascal, which is probably what VB stole it from.
    The original Dartmouth BASIC did this four years before Wirth designed Pascal.
  • (cs) in reply to ANON
    ANON:
    I think that would work:

    int avg(int a, int b) { return (a >> 1) + (b >> 1) + ((a|b) & 0x1); }

    Depends on big vs little endian and internal bitwise numerical representation.

  • (cs) in reply to Paul Neumann
    Paul Neumann:
    Ragnax:
    "A quick and easy way to generate WTF code is to find some deceptively simple problem that’s been well solved, and reimplement a naive solution to the problem.

    Uh yeah; I kind of never posted that? Evan did. Please learn to quote properly...

  • foo (unregistered) in reply to Ragnax
    Ragnax:
    ANON:
    I think that would work:

    int avg(int a, int b) { return (a >> 1) + (b >> 1) + ((a|b) & 0x1); }

    Depends on big vs little endian and internal bitwise numerical representation.

    Nope, nothing about endianness here.

    I suppose you think because big/little endian numbers can be seen as being written from left to right/right to left, left/right shifts would depend on that, but no.

  • Norman Diamond (unregistered) in reply to Deanis
    Deanis:
    Pete:
    Completely by accident, I found the source of the 'decode' part today:

    http://www.devx.com/vb2themax/Tip/19163

    It's almost OK when the WTF is internal, but when you find it while looking for genuine help it's a little scary...

    Written for VB4-VB6 (and VBS) in 2001. So I have no problem with the original code.
    The original code was already a WTF in 2001. Everyone screws up sometimes. Everyone needs to have their code reviewed in a walkthrough. No exceptions. Not even if you're one of the most famous VB programmers in the world.

  • noland (unregistered) in reply to Fernando
    Fernando:
    foo:
    RFoxmich:
    Function names as return values...hey Fortran did that frist.
    And then Pascal, which is probably what VB stole it from.
    The original Dartmouth BASIC did this four years before Wirth designed Pascal.
    And the winner is ... Algol!

    From the Revised Report on the Algorithmic Language Algol 60: "5.4.4. Values of function designators. For a procedure declaration to define the value of a function designator there must, within the procedure declaration body, occur one or more explicit assignment statements with the procedure identifier in a left part; at least one of these must be executed, and the type associated with the procedure identifier must be declared through the appearance of a type declarator as the very first symbol of the procedure declaration. The last value so assigned is used to continue the evaluation of the expression in which the function designator occurs. Any occurrence of the procedure identifier within the body of the procedure other than in a left part in an assignment statement denotes activation of the procedure." http://www.masswerk.at/algol60/report.htm#5_4_4

  • Herpderp (unregistered) in reply to Muphry
    Muphry:
    Ross Presser:
    Ross Presser:
    looking up the behavior

    Aw, crap.

    Classic!

    Clbuttic you mean?

  • Norman Diamond (unregistered) in reply to noland
    noland:
    Fernando:
    foo:
    RFoxmich:
    Function names as return values...hey Fortran did that frist.
    And then Pascal, which is probably what VB stole it from.
    The original Dartmouth BASIC did this four years before Wirth designed Pascal.
    And the winner is ... Algol!

    From the Revised Report on the Algorithmic Language Algol 60: "5.4.4. Values of function designators. For a procedure declaration to define the value of a function designator there must, within the procedure declaration body, occur one or more explicit assignment statements with the procedure identifier in a left part; at least one of these must be executed, and the type associated with the procedure identifier must be declared through the appearance of a type declarator as the very first symbol of the procedure declaration. The last value so assigned is used to continue the evaluation of the expression in which the function designator occurs. Any occurrence of the procedure identifier within the body of the procedure other than in a left part in an assignment statement denotes activation of the procedure." http://www.masswerk.at/algol60/report.htm#5_4_4

    Fortran had it before Algol. Around 1958.

  • Noland (unregistered) in reply to Norman Diamond
    Norman Diamond:
    noland:
    Fernando:
    foo:
    RFoxmich:
    Function names as return values...hey Fortran did that frist.
    And then Pascal, which is probably what VB stole it from.
    The original Dartmouth BASIC did this four years before Wirth designed Pascal.
    And the winner is ... Algol!

    From the Revised Report on the Algorithmic Language Algol 60: "5.4.4. Values of function designators. For a procedure declaration to define the value of a function designator there must, within the procedure declaration body, occur one or more explicit assignment statements with the procedure identifier in a left part; at least one of these must be executed, and the type associated with the procedure identifier must be declared through the appearance of a type declarator as the very first symbol of the procedure declaration. The last value so assigned is used to continue the evaluation of the expression in which the function designator occurs. Any occurrence of the procedure identifier within the body of the procedure other than in a left part in an assignment statement denotes activation of the procedure." http://www.masswerk.at/algol60/report.htm#5_4_4

    Fortran had it before Algol. Around 1958.
    That's right! But Algol was highly influential for other languages. (Pascal was designed as a flavor of Algol for teaching, most block constructs, compound syntax, and procedures/functions in other languages are derived from Algol.) You could say, Fortran was first, but Algol is the common ancister.

  • Evan (unregistered) in reply to ANON
    ANON:
    I think that would work:

    int avg(int a, int b) { return (a >> 1) + (b >> 1) + ((a|b) & 0x1); }

    That's one of my favorite answers practically speaking because it's fast, branch free, and fairly easy to see, but it's not guaranteed to work: the C (I assume) and C++ standard leave it to the implementation whether >> on signed variables containing negative numbers perform a logical or arithmetic shift. (Section 5.8 para 3: "[In E1 >> E2] If E1 has a signed type and a negative value, the resulting value is implementation-defined.")

    Almost the only branch-free version I know of that is guaranteed to work by the standard is return a/2+(a%2+b%2)/2+b/2;. (The standard leaves unspecified whether -3/2 gives -1 or -2, and whether -3%2 gives 1 or -1, but they're required to be consistent: if -3/2 gives -1, then -3%2 gives -1. The above code, I think, works in either case.)

    Of course, this was motivated by a real binary search that I was doing, in which the following was my solution:

    int average(int a, int b) {
        STATIC_ASSERT(sizeof(long long) > sizeof(int));
        return (int)(((long long)a + b)/2);
    }

    but that answer is boring. :-)

  • Norman Diamond (unregistered) in reply to Evan
    Evan:
    Almost the only branch-free version I know of that is guaranteed to work by the standard is return a/2+(a%2+b%2)/2+b/2;. (The standard leaves unspecified whether -3/2 gives -1 or -2, and whether -3%2 gives 1 or -1, but they're required to be consistent: if -3/2 gives -1, then -3%2 gives -1. The above code, I think, works in either case.)
    I'm convinced.
    Evan:
    Of course, this was motivated by a real binary search that I was doing, in which the following was my solution:
    int average(int a, int b) {
        STATIC_ASSERT(sizeof(long long) > sizeof(int));
        return (int)(((long long)a + b)/2);
    }
    but that answer is boring. :-)
    And surely wrong.

    Does STATIC_ASSERT get compiled out in release builds like ordinary asserts do?

    if yes, you silently get wrong answers when long long is the same size as int

    if no, you get crashes when long long is the same size as int, and even though your rules allowed for noisy crashes, you didn't get your binary search working.

    (Besides which, the C standard allowed for long long to be shorter than int, though I didn't check to see if they fixed that. The range of integers that work in long long had to be at least as much as the range of integers that work in int, but int could have lots more unused bits so int could be longer than long long.)

  • Jonas (unregistered) in reply to inori

    Function HTMLDecode(ByVal html As String) As String Dim s as String

    s = 'A random string selected using a quantum process If html = HTMLEncode(s) Then HTMLDecode = s Else 'TODO: Destroy the universe End If End Function

    Imagine what happens if HTMLEncode is implemented the same way with reference to HTMLDecode >_<

  • abigo (unregistered) in reply to Norman Diamond
    Norman Diamond:
    Does STATIC_ASSERT get compiled out in release builds like ordinary asserts do?

    if yes, you silently get wrong answers when long long is the same size as int

    if no, you get crashes when long long is the same size as int, and even though your rules allowed for noisy crashes, you didn't get your binary search working.

    Someone clearly doesn't have the slightest clue what STATIC_ASSERT does, and yet still feels entitled to publicly judge other people's code that uses it....

  • Galane (unregistered)

    It's amazing how many web and internet applications still can't handle Unicode or UTF-8 codes or even HTML "friendly" codes.

    But what's even more WTF is why anything uses Unicode, UTF-8 or "friendly" codes for any of the characters in the standard Extended ASCII character set? There is no reason at all to do so. Nearly every language that uses "english" style characters has every character required present in Extended ASCII. One outlier is Norwegian which has but one or two characters not present in Extended ASCII.

    What would be a fun program is one that translates every character in a text file to UTF-8 encoding, with all the leading zeros. Why? To point out how much unnecessary bloat comes from using these encodings for characters that never need it.

  • (cs)

    I still resent the fact that C# requires a break even at the very end of the switch statement. That was totally not necessary.

  • Sadammad (unregistered)

    The meaning of a speedypaper reviews proposal merely suggests a paper containing a table of content; topics and subtopics that will be included later on in the paper. This brief overview will help the readers who are not well-versed with the topic to navigate through the paper effectively and read it to reflect upon their existing knowledge of the subject

  • Phil123321 (unregistered)
    Comment held for moderation.
  • Phil123321 (unregistered)
    Comment held for moderation.
  • GeraldDew (unregistered)
    Comment held for moderation.
  • alishakihn (unregistered)
    Comment held for moderation.
  • ppu-prof_Hag (unregistered)

    Забота о недвижимости - это забота о приятности. Тепловая обработка фасадов - это не только стильный внешний вид, но и обеспечение сохранения тепла в вашем уголке уюта. Профессионалы, коллектив экспертов, предлагаем вам переделать ваш дом в прекрасное место для жизни. Наши творческие решения - это не просто теплоизоляция, это творческий подхl

  • ppu-prof_Si (unregistered)
    Comment held for moderation.

Leave a comment on “Decode("&amp;#13;")”

Log In or post as a guest

Replying to comment #:

« Return to Article