- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
No, it's not. I suppose I should've called it an anti-pattern.
I wasn't attempting to defend that sort of code, but I've seen it more then once. There's usually also a 'debug' flag that is hardcoded into the app so that you need to recompile to move into production as well.
Admin
OK, the procedure is obviously not called DeleteAccount, but it was the guts of the procedure I was talking about. (Pay no attention to the man behind the curtain.)
Admin
The sort of testing done by people who use their production database as a development/testing database. That is to say, IDIOTS. :-)
Admin
I wonder if the confirm boolean initially gets set by some sort of user lookup. That way, the system could support read-only / non-serious users simply by setting their confirm flag to false.
Methinks that this brainchild was conceived by a developer who got promoted into management and then had the clout to make this "security feature" a corporate standard.
Admin
I'm sure that's because this site is misleadingly named by its author TDWTF instead of TDPnP.
Admin
If MsgBox("Are your intentions true?",vbYesNo) = vbYes Then
DeleteAccount(AccountNum, True)
Else
DeleteAccount(AccountNum, False)
End if
I don't know this would work for them, but it seems that if you're really serious, you should prompt the user to find out what they think.
Seriously!
Admin
While idiotic, I imagine the reasoning behind this went a little like this (I don't know vb, here's the C version):
#ifdef TEST_ON_LIVE_DATABASE_WITHOUT_DESTROYING_DATA
g_dryRun = 1;
#else
g_dryRun = 0;
#endif
DeleteAccount(account_id, !g_dryRun);
Admin
perv
Admin
What an obvious error - how can anyone claim to have >>an extra layer of conformation before doing "serious" things<< if there is only one confirmation required? Sure, we all know that the serious stuff needs at least two, preferably more confirmations: "are you sure" "are you really sure" "are you really really really really really sure" "if you proceed you'll lose important data, please click cancel unless you are definitely sure" etc.
In codeL
Admin
If I didn't want it to do anything, I probably just wouldn't call it. Damn wishy-washy invokers!
Admin
If this were a Java shop, the above code might look like this:
public void deleteAccount(String accountNum, paulaBean confirm)
{
if (paulaBean.getPaula() != "Brillant")
{
return;
}
...
}
Clearly you would want to optimize this WTF by replacing the literal Brillant with a static final String because it's faster.
:)
Admin
Sorry... Method should look like this:
public void deleteAccount(String accountNum, paulaBean confirm)
{
if (confirm.getPaula() != "Brillant")
{
return;
}
...
}
Admin
If confirm is not true or false, we should randomly choose between true or false, since there should be no bias!
Admin
Delete player account? Is this from some sort of MMORPG or MUD or something? And seriously, why the cast to int?
Admin
Randomly choosing adds a certain mystique to the subroutine. Did it do? Did it not? I just don't know. We'll have to wait for the TPS reports to find out for sure.
Admin
Wow, and here I was not bothering to call functions I didn't want to exeute in the first place! I hope I get a blog someday.
Admin
Why, it only makes sense that they pass in the correct result from the user graphical confirmation dialog:
==========
Do you really wish to delete this?
==========
Yes = True
No = False
Admin
Admin
Since all but 0 is true, maybe, that parm should be declared "bool bPleaseDoNot".
Sincerely,
Gene Wirchenko
Admin
"Of course my intentions are true. I want to list the account. What is wrong with you? You idiots in IT are always getting in the way. You turkeys probably think I want to delete the account or something."
Sincerely,
Gene Wirchenko
Admin
Admin
It would be really nice to go to sleep without comments about performance.
Admin
Unit Tests.
Admin
WTF, that so inefficient, imagine how many confirm booleans would be on the stack during an average run. This should obviously be a global boolean.
Admin
I'm pretty sure that's how they use the code, why though? doesn't take much more effort to work that one out. It's so that they don't accidentally forget to confirm the action.
I've seen the following a few times before
if(some statement);
DeleteSomethingImportant();
Of course this could be picked up by some automated process before warning the programmer but it does not guarrantee that a check was done at all.
Why not run the check in the actual procedure? Simple answer again. Separation of the GUI and backend. This might be run via a webinterface or by say a GM using another program.
Admin
And If you want to be 100% certain:
If not MsgBox("You have called a SERIOUS method. Are you sure you want to proceed?", MsgBoxStyle.OKCancel) = MsgBoxResult.OK ThenDim cmd As New ADODB.CommandExit Sub
With cmd
.ActiveConnection = getConn()
.CommandText = "DELETE_PLAYER_ACCOUNT" .Parameters.Append _ .CreateParameter("ACCOUNT_NUM", adChar, adParamInput, 8, AccountNum)
.Parameters.Append _
.CreateParameter("CONFIRM", adInteger, adParamInput, 4, CInt(Confirm))
.Parameters.Append _
.CreateParameter("DOUBLECHECK", adInteger, adParamInput, 4, CInt(DoubleCheck))
.Execute
End With End Sub
Admin
That has an unfair bias against proceeding. You should ask the user if they want to proceed 100 times and record the results. You should also randomly reverse the meaning of the question. This helps to weed out any bias from the user. Some might prefer clicking the right hand button more than the left. Users with submissive personalities may tend towards the Ok button biasing the results.
You can then use statistical analysis to determine if the user wants to proceed.
Admin
Actually, I think you've missed a crucial WTF there:
If MsgBox("Positive?", MsgBoxStyle.OKOnly) <> MsgBoxResult.Cancel Then
Dim cmd As New ADODB.Command
With cmd...
Admin
I really hate it when people do something like
"confirm <> True"
instead of writing simpler and clearer code like
"confirm = False"
Gosh...
Admin
I sure hope that was a joke... it should be "confirm == False"
Admin
This can be usefull if they want to train on the live system.
For example :
DeleteAccount(sMyAccountString, !oMyStaticConfigurationClass.IsTraining)
If the user is in training or simulation mode, the function will not execute the delete, but if the user is in normal usage mode, it will execute.They probably used this in stead of
If(oMyStaticConfigurationClass.IsTraining)
{
return;
}
else
{
DeleteAccount(sMyAccountString);
}
The best thing to do that would avoid all this code is to have the client have a test/training system that would not affect the production system.Mind you the extra system will not work if it is something like Office that you run on a single client, but from this I take it we all can understand what a possible reasoning behind their madness was.
Admin
Yes and the only time I've heard it either is in the Jargon file or people on slashdot trying to sound cool
Admin
not in VB :)
Admin
I think I have a valid reason for this code existing: It could have been auto-generated by some kind of interface builder, where you have to tell it to generate a method to run a stored procedure, and drop your AccountNumberTextBox and ConfirmCheckBox on it, telling it that...
Never mind, it's unlikely. It's the ramblings of a drugged horse after all.
Admin
Ah! Aaaah! But you admit you have heard it then! Ah! Aaaah! Case dismissed.
(I also don't think I've heard it before.... 9 years including enough working with C.)
Back to the topic though... my mind is still bending around this one. It's just nuts. I desperately want to have access to their codebase so that I can check whether anything anywhere ever has the capability of sending False as the value of Confirm. I suspect it has simply never happened.
And to those half-defending it... this is UI logic, it should NOT ever touch the database layer or reach so deep into the code. Think about it! ;)
Admin
Congrats, you win the argument.
also read: Zen of Code Optimizing, Michael Abrash (c) somewhere in the middle-ages of programming.
TINSTATFC.
Admin
Lossage?
Admin
Three or four? Even quite a lot more: it's a 4 byte int...
Admin
...who read it in the Jargon file. It's a general problem with any attempt to document slang: it's rather fashion-dependent. Some of it persists and spreads into mainstream usage, some falls out of usage completely. There was a time when the word "spam" for junk email was just as obscure...
Admin
Superb idea!
Dim UtterlyDisableApplication As Boolean
UtterlyDisableApplication = True
And this WTF is perfectly acceptable in my book. I mean, I keep an empty bottle in the fridge for when visitors don't want anything to drink.
Admin
My smarts caught up with myself.
Should, of course, be:
Admin
This is impossible, because .jar is a Java format and this is VB coder we're talking about. VBX would do just fine, though.
Admin
No coding hell if you use proper development techniques, specifically in this case - named constants. Refactor the previous poster's code to:
Global PROPER_USER_NAME = "programmer"
Global PROPER_PASSWORD = "initech"
Function Add( a, b, user, password )
if user=PROPER_USER_NAME and password=PROPER_PASSWORD then
Add = a + b
else
Add = 0 ' unauthorized programmer, will get bad result
End Function
That was, if the password ever changes, you only need to change it in one place and no coding hell ensures
Admin
I know that set is not used in VB.NET.
But the code looks like old classic VB 5/6 code. I know my enemy. Seems like you se .NET everywhere.
Admin
Which obviously should be refactored to a shorter and more readable version:
DeleteAccount(AccountNum, MsgBox("Are your intentions true?",vbYesNo) = vbYes)
This way you reduce the complexity and make the code easier to maintain.
Admin
I sure hope that was a joke it should be either:
!confirm //c#
or
not confirm //vb
Admin
in C(++):
int imTotallyAndUtterlySure = 0xDEADF00D;
...
if (confirm != imTotallyAndUtterlySure)
return;
Admin
Isn't Global deprecated in VB?
Admin
> The key question to me is why would you ever pass false for the "confirm" parameter?
As a delay? >:)
Admin
Excellent approach, but the position of the OK and Cancel buttons should also be randomized, just in case. And I think checking only 100 times may be a bit too lenient. After all, it's really important data, isn't it?