• (cs)

    This one is pretty great ... it takes a while to figure it out but once you realize all the work this "HTML guru" did to avoid using simple <A> tags properly it is pretty hilarious!

  • (cs)

    Let me get this straight.

    This thing builds hyperlinks?

    That's it?

    [:|]

  • Mirandir (unregistered)

    Oh my! What a brilliant new way to lock non-IE users out... Probably even non-WIN-IE users...

    /Mirandir

     

  • Lenny (unregistered)

    I don't believe that this developer did not know how to use an href attribute.  It is obvious that he has a grasp of html, he should know this most basic feature.

    Once I worked with developing web pages for a portal which liked to transform hyperlinks to send their targets through a proxy.  Solutions like this were a way to work around that feature if you did not want the target to be sent through a proxy.  It is probable that this developer was in a similar situation.

    Or maybe he is just dumb...

  • Anonymous (unregistered)

    How should we know that Alex is not making these things up?

    He is a good intro writer, who knows maybe he is also a good WTF inventor!

  • Rob (unregistered) in reply to Anonymous

    Please, PLEASE, PLEASE tell me that this was done with some really bad HTML editor like Frontpage and that nobody is really that bad!

    --- Slowly losing hope for humanity... :S

  • (cs)

    I see two WTFs in that:

    1. Should have used JavaScript for greater compatibility.
    2. Possibly should have used the HTML comment hack to comment out the code blocks for backwards compatibility, too, although I'm not sure that works with embedded VBscript like it does with JavaScript.

    On the other hand, 2 might not be a WTF because you pretty much need some sort of scripting language to do this, so it's not that unreasonable to assume that nobody without a scriptable browser is using it. I mean, I certainly can't think of a way in plain HTML to make a hyperlink to another page...
  • philln (unregistered) in reply to allanc

    I have only one thing to say... click here

  • JT (unregistered)

    It HAD to have been generated by some editor, .NET or frontpage or something.

  • (cs) in reply to JT

        <font>With</font> frmForm
    window.location.href = <font>"editAppraisal.asp?page=5"</font>
    <font>End With

    i love this part </font><:o)

  • (cs)

    This is the first WTF that's really made me want to cry [:'(]

  • (cs)

    Well I typed a reply, but the forum software choked on it.  I find it ironic that a site that makes fun of other people's code has such crappy forum software.

  • t3h invisible man (unregistered) in reply to mugs

    WRT commenting out the script, using JS to ensuer compatability, etc., it may well be that this is an in-house project so you can guarantee that all the browsers will be IE6, in which case it's perfectly reasonable to have un-hidden VB Script.

    Sure, the code is daft, but hardly earth-shatteringly bad.  (Unlike this forum software, which is the shits.)

  • (cs) in reply to mugs
    mugs:
    Well I typed a reply, but the forum software choked on it.  I find it ironic that a site that makes fun of other people's code has such crappy forum software.


    specify your error..may be you have a crappy navigator (like IE), or maybe you have a crappy internet connection
  • (cs) in reply to Gonzalo

    Gonzalo:
    mugs:
    Well I typed a reply, but the forum software choked on it.  I find it ironic that a site that makes fun of other people's code has such crappy forum software.


    specify your error..may be you have a crappy navigator (like IE), or maybe you have a crappy internet connection

    Nah, it brought me to a new page with an error message on it.  I didn't take note of the exact text of the error, but it was something to the effect of "Unknown" or "Unspecified."  I can rest assured that the error WAS logged though. :)

  • (cs) in reply to t3h invisible man
    Anonymous:
    Sure, the code is daft, but hardly earth-shatteringly bad.


    Reverse-engineering <a href=""> is earth-shatteringly bad in my book.

    The only far-out justification I can think of would be that there was a rogue spider hitting the site (like Google's Web Accelerator) and they were trying to obfuscate the links.
  • (cs)

    1.  Ok, WTF didn't he just use <a href="homepage_whatever"><img .... ></a>???  Wouldn't that have accomplished the same thing?

    2.  Why does the IMG tag have value="Submit" and type="button"?  It's not even inside a <FORM> tag

    3.  OMG a map the same size as the image... a boxed rectangle 30x30 pixels...   how useless.

    4.  The only anchor tag on this page has a useless call to the inline VBScript, executing script code unnecessarily.

  • (cs)

    Sadly, I've seen a lot of websites built this way in the wild. EXTREMELY annoying.

  • (cs) in reply to fluffy

    I got that error too, it's probably a database error (too many connections). That's the most common reason for intermittent failure on a web forum, with cpu overload leading to script or database timeouts being the more common for a net reset that shows no page.

    The only thing this script's missing is right-click protection and anti-leech referrer code. I mean, if you're going to shackle your user into following your script, you might as well go all the way.

    (By the way, this forum software hates IE and FF equally. It's the great equalizer, it breaks everything. =D I've always maintained that it's here to lend us a proper appreciation of the wtfs, by immersing us in one. It might be time to get rid of a few of the more expensive lookups since the forum gets pretty slow sometimes, though.)

  • (cs)

    Nice, an image map, simply to cover the entire image. Sweet.

  • cowbert (unregistered) in reply to christoofar
    christoofar:

    2.  Why does the IMG tag have value="Submit" and type="button"?  It's not even inside a <form>
    <form> tag

    Because you don't need a form to merely catch the onClick() event. And I don't believe the img tag supports the onClick event so you have to use a button object.
    </form>
  • (cs)

    Mike Jervis' colleague must have been Peter Moulding

  • Mike (unregistered) in reply to cowbert

    Or instead of using an image map that covers the entire image you could wrap the img tag inside of an a href tag.  Just a thought...

    BTW - this is pretty shitty forum software :-)

  • Matt Ryall (unregistered)
      Sub lnkBackToHome_OnClick
        With frmForm
        ...
        End With    
      End Sub
    

    This guy must be used to wrapping a With block around every subroutine he writes in VB. Argh!

  • Mr. brain (unregistered)

    <font style="font-family: verdana;" size="2">Seeing the code, I can think of multiple reasons

    1. The programmer wanted to override the default properties related to href (for tags with href, the browser contextmenu on right click will be different).

    2. The programmer was trying to simulate the href feature to fool some parsing softwares for web pages. </font>

  • (cs) in reply to JT

    I don't think even a generator can be this dumb.

  • Rik Hemsley (unregistered) in reply to t3h invisible man
    Anonymous:
    WRT commenting out the script, using JS to ensuer compatability, etc., it may well be that this is an in-house project so you can guarantee that all the browsers will be IE6, in which case it's perfectly reasonable to have un-hidden VB Script.


    Until the company decides to use Firefox because IE is a security liability. Oh, but they can't, because their in-house apps require VBScript.
  • darrenb (unregistered) in reply to Matt Ryall

    This guy must be used to wrapping a With block around every

    subroutine he writes in VB. Argh!
    Quite ... it is especially WTF as he doesn't even use the With reference inside the With block - doh.


  • (cs)

    Holy mother of gaaaawd!

    If it wasn't for the bad code techniques (like using a completely useless WITH block), I would have thought it to be a clever attempt to impress his colleagues by writing his own HREF link handler.

    Well, I guess the fact that he picked VBScript to do it negates any inherent cleverness. :)

        dZ.

  • (cs) in reply to Matt Ryall

    "WITH" blocks are the spawn of satan...

     

    all the books talk about them...

     

    None of the books say you should never use them.

     

    For instance, when using WITH blocks in excel VBA work, it promotes memory leaks that eventually (or not so eventually) bring down excel in an exception error.

    VBA -> WITH generates memory leaks.

    trusting Microsofts GC also creates memory leaks. you MUST clean up your object references before exiting routines if you want a stable (haha) environment.

  • (cs)

    This is genius, now all his web links are secure as "untrusted" browsers like the hacker tool Firefox or the rogue Opera cannot click, heck they can't even see web links!

  • (cs) in reply to travisowens

    Oh, plus think of all the CPU time you are offloading from the server.  Now your IE client can generate the HTML markup instead of the high end, dual cpu, 2gig memory, hyper bus server with caching enabled.

  • Aristotle (unregistered) in reply to mugs
    mugs:
    Well I typed a reply, but the forum software choked on it.  I find it ironic that a site that makes fun of other people's code has such crappy forum software.

    Not only is the forum crappy... it has that very same WTF. Just go to any thread, like If ++ Increments ..., which has multiple pages, and look at the links to the other pages of the thread. They're all Javascript links.

    Great, no?

  • (cs)

    The query criteria form I saw where the JavaScript BFH (Big, Friendly Hammer) had been used on radio buttons to make them function as checkboxes.
    It's a cautionary tale, really; I went to the project manager (who only allowed himself to code on Fridays) and ask who was responsible for this homesick abortion.
    The offending WTF was quickly blamed on a consultant, who had apparently left calling cards throughout the source code of the application, not just this report interface.
    Later, replaying the body language in my head, I reached a different conclusion.  After that, I realized, no matter the magnitude of the WTF, diplomacy and an innocent, curious approach is far better.

  • Rick Scott (unregistered)

    They name "frmForm" just tickled me :)

  • dubstub (unregistered) in reply to Aristotle
    Anonymous:

    Not only is the forum crappy... it has that very same WTF. Just go to any thread, like If ++ Increments ..., which has multiple pages, and look at the links to the other pages of the thread. They're all Javascript links.


    That's because this forum software was written in ASP.NET which uses Javascript for postbacks to the server when it detects that your browser supports it. If you use a downlevel browser then it doesn't do this. But the forum software does suck though...<font color="Red"></font>
  • dubstub (unregistered) in reply to Aristotle
    Anonymous:

    Not only is the forum crappy... it has that very same WTF. Just go to any thread, like If ++ Increments ..., which has multiple pages, and look at the links to the other pages of the thread. They're all Javascript links.


    That's because this forum software was written in ASP.NET which uses Javascript for postbacks to the server when it detects that your browser supports it. If you use a downlevel browser then it doesn't do this. But the forum software does suck though...<font color="Red"></font>
  • dubstub (unregistered) in reply to dubstub

    See what I mean! Obviously "Unknown Error" means "Thanks for your post, everything is ok!" round here...

  • (cs) in reply to dubstub

    Anonymous:
    Anonymous:

    Not only is the forum crappy... it has that very same WTF. Just go to any thread, like If ++ Increments ..., which has multiple pages, and look at the links to the other pages of the thread. They're all Javascript links.


    That's because this forum software was written in ASP.NET which uses Javascript for postbacks to the server when it detects that your browser supports it. If you use a downlevel browser then it doesn't do this. But the forum software does suck though...<FONT color=red></FONT>

    That's a really stupid use for Postback IMO -- kinda defeats what the querystring is used for -- /forums/showpost?id=123123&page=4. What's nice about QS is that it's cacheable at the page-level and by ISA -- when everything is a form post, they have to implement this complex post caching mechanism. Now who wants to commission me to write my own forum software ;-).

    On another note, I've done things like <span style="cursor:pointer" onclick="location=..."> to prevent spiders from following links. If you notice, the poster name "link" uses this too ...

  • (cs) in reply to Alex Papadimoulis
    Alex Papadimoulis:

    On another note, I've done things like [ span style="cursor:pointer" onclick="location=..." ] to prevent spiders from following links. If you notice, the poster name "link" uses this too ...


    Sure, there's all kinds of better ways to handle spiders, if this is really what the intention was for the original code.
    onclick="location=..." as Alex suggests
    robots.txt
    [ meta name="robots" value="..." ]
    [ a rel="nofollow" ]
    Sniff the useragent and don't serve the tags in the first place
    Restrict by IP
    Add authorization
    Require a human-interactive-proof
    ... and the list goes on ...
  • Ron (unregistered)

    I think there are 3 wtf's here:

    1) why is everybody crying about the forum software?

    2) why am I so dumb I clicked "report" before I clicked "reply"?

    3) why isn't the html program syntax highlighted?

     

     

  • Ron (unregistered)

    I haven't tested his code, but I want to add another possible explanation: to defeat the use of the browser's "back"button.

    I think an alternative is to use POSTs instead of GETs (assuming your reason for defeating the back button is a good one I guess)

    I'd be surprised that if this were machine generated because it uses inline cursor:hand styles instead of classnames

  • (cs) in reply to Ron

    Anonymous:
    I'd be surprised that if this were machine generated because it uses inline cursor:hand styles instead of classnames

    The code was undoubtly a case of write-only coding: excessive copy/pasting without ever reading what your writing. The unused "With thisForm" is a dead giveaway I think.

  • Cg (unregistered) in reply to Mr. brain

    Also, you would want to do the spoofing/regenerating of anchor tags if you were wanting to obfuscate the end results/destination from casual observers.  Still is silly, but there have been legitimate business reasons in the past to add OTHER functionality to the catch of these links. 

    HOWEVER: using vbscript to do this is just bad, putting a single statement in a with block is absurd, and not using a parameterized global function to do this IF NEEDED by each link is even worse.

  • (cs) in reply to cowbert
    Anonymous:
    christoofar:

    2.  Why does the IMG tag have value="Submit" and type="button"?  It's not even inside a <form>
    tag

    Because you don't need a form to merely catch the onClick() event. And I don't believe the img tag supports the onClick event so you have to use a button object.
    </form>
    All elements support all events: The W3C says so. (But since when has Microsoft listened to the W3C?)
  • (cs)

    Ah, I recently had the fun task of moving something like this from Access to SQL Server, and making it usable to non-IE browsers... That system was full of WTFs; in particular, the original programmer seemed to think that indexes were something that happended to other people.

  • (cs) in reply to dubstub

    Is there some fundamental flaw in ASP and ASP.NET which prevents anyone from ever writing usable forum systems? Or do ASP developers just have a mental block in this area? I've seen lots of semi-okay PHP forums, lots of okay tho basic JSP and PERL-CGI forums, but all the ASP ones seem to be a little mad.

  • (cs)

    a) Nice way to pad yer workload.

    b) the with command can be used for optimization since the compiler knows it can cache a pointer in a record for a bit without having to think about it too hard.  Dumb programmers obviously defeat the purpose with spurious with statements.

    c) asp.net uses links as javascript so that you can use them to submit forms, so that you can do something USEFUL without having to have a button.

    d) looks more like demented code I've seen out of coldfusion, but even its not that dumb

    e) Bragging about firefox's superiour security right now is a wtf all to itself. Firefox has the bugs and holes, but not the users and therefore not the wild exploit base.  If it ever gets the users, the wild exploits 'll grow too, and then we'll see if amateur hobbiests working for free in their spare time pitted against pernacious spammers, trojan, and virus writers hunting for zombies while peddling porn are really up the challenge.  It ought to be interesting.

  • (cs) in reply to Xepol

    Testing...

    <a href="http://">This a link?</a>

  • (cs) in reply to dhromed

    Good. Now I know HTML just displays.

    One of our interns once write this bit:

    <a href="BLOCKED SCRIPTlogoff()">Link</a>

    <script type="text/javascript'>
    function logoff()
    {
    location.href = '../logoff.asp';
    }
    </script>

    So I called him, and sat him down next to me, and showed him this, and I said absolutely nothing.

    He got it.

Leave a comment on “HTML Programmer”

Log In or post as a guest

Replying to comment #:

« Return to Article