• Matt (unregistered) in reply to pscs
    pscs:
    Matt:
    It doesn't just allow you to make bad code, it encourages it. If a function doesn't specify the types that the arguments take, then you're just asking for trouble.

    But that's just dynamic typing for you. Lots of things use dynamic typing, PHP, Python, Javascript, Ruby, Lua, XML etc. For a lot of things (eg passing the right types of parameters to a function) static typing does have an advantage in that it will find lots of errors at compile-time, but dynamic typing also works well (hence the reason it is used so much).

    So, you can't say 'PHP is crap because it uses dynamic typing'. If that were the case, you've pretty much condemned all languages used for web development...

    I have no problem in condemning all of the languages used for web-development, particularly given the average level of competence from web-developers is roughly zero. That's why they don't have real jobs.

  • Anonymously Yours (unregistered)

    I don't think there's any confusion about why this is worse than failure. These heathens are using a massive include full of functions instead of a God Object. Everything runs better with objects! Overhead be praised!

  • Dave (unregistered) in reply to notromda
    notromda:
    include "cluestick.inc"

    fixBrian(3); // 3 strokes should be enough.

    But then you need to recompile every time someone new joins the team. I prefer.

    boolean fix(String person, float beatings)

    It returns if he was fixed. Beatings is a float so you can give people less brutal reprimands. But also so you can do

    while(!fix(Brian, 0.001)){

    }

    so you dont unnecesarily beat him too much.

  • SeaDrive (unregistered)

    Why assume that the boss or lead programmer or whoever is so wedded to something he wrote a long time ago. If I came across something like fixString, I'd assume the programmer wrote it when he was a neophyte, and would like to see it improved.

  • Anon E. Mus (unregistered) in reply to Ryan

    Nothing. You missed a closing ).

  • (cs) in reply to Janis Petke
    Janis Petke:
    TRWTF: fixString() doesn't even remove the '$' characters.
    And that's why you put the project on hold until Brian can fix it, per PHB. Find all the characters it can't purge and open a new support ticket for each character.
  • (cs)
    "Great!" Jared replied, clenching my teeth.
    Why is Jared clenching Alex's teeth?
  • (cs) in reply to Nicd
    Nicd:
    The real WTF are the double quotes in $cleanedPrice = str_replace(array('$'), "", $price);

    Addendum to TRWTF - Why the hell is he using an array for a single charcter, you get the same thing without array('$')

  • (cs) in reply to Matt
    Matt:
    pscs:
    Matt:
    It doesn't just allow you to make bad code, it encourages it. If a function doesn't specify the types that the arguments take, then you're just asking for trouble.

    But that's just dynamic typing for you. Lots of things use dynamic typing, PHP, Python, Javascript, Ruby, Lua, XML etc. For a lot of things (eg passing the right types of parameters to a function) static typing does have an advantage in that it will find lots of errors at compile-time, but dynamic typing also works well (hence the reason it is used so much).

    So, you can't say 'PHP is crap because it uses dynamic typing'. If that were the case, you've pretty much condemned all languages used for web development...

    I have no problem in condemning all of the languages used for web-development, particularly given the average level of competence from web-developers is roughly zero. That's why they don't have real jobs.

    So you use C#, and you think all languages used for web development suck? Hmmmm. Sounds to me like you're just another inflexible fanboy, looking for ways to put down things you don't "like".

    Languages are tools. You should be able to see the value in even crap tools like Scheme and ASP.net, and not just dismiss them all out of hand.

  • Vic Tim (unregistered) in reply to vt_mruhlin
    vt_mruhlin:
    "Great!" Jared replied, clenching my teeth.

    He was clenching your teeth? That sounds uncomfortable.

    Must have been the electricity in his "Great!"

  • Gbo Bluth (unregistered) in reply to Matt

    ok, comic book guy.

  • Gary Skinner (unregistered) in reply to Matt
    Matt:
    I have no problem in condemning all of the languages used for web-development, particularly given the average level of competence from web-developers is roughly zero. That's why they don't have real jobs.

    Please Matt, inform us as to what a 'real' job is. I am curious.

  • Rob (unregistered)

    Actually, have a bunch of developers each implement and handle their own input cleaning code seems silly and an invitation for bugs.

    The guy added a fix to remove the '$' - great. But what happens when someone enters '$1,000' or '$1,000.00'? Well, now it's more code that needs to be added, and it needs to be added for each developer.

    The better solution would be to have a single function that takes a string and return a dollar amount. It would correctly parse all user input that is intended to be used as $$$. All of the developers should use that single function instead of trying to parse the input themselves. If there is a bug in the code, it can be fixed in one place and not for everyone.

  • (cs) in reply to Gary Skinner

    Matt has provided excellent flame-bait, albeit a bit too obvious on his part. Where are the good trolls today?

    looks for topcod3r

  • Joey (unregistered)

    $cleanedPrice = preg_replace("/[^0-9.]/", "", $price);

    When will people learn?

    Sure it should be suffixed with g but but christ sake. you DON'T need to escape any (.) when it's in a range of characters ([]). Also don't use ''. Never use '' unless you want \n or something.

    '/[^0-9.]/g' will do finely.

    I swear there are 50 wtfs here in comments alone.

  • Joey (unregistered)

    And yes I agree why the hell is he using an array? I assume it's a joke aimed at the original function.

  • Jorgey Porgey (unregistered) in reply to abx
    abx:
    Juifeng:
    In some parts of the world, $1,000 means what you'd type as "$1.000". So there is no way for PHP to really understand commas and dots that easily.
    In some programming languages of the world, cultural differences like these are anticipated and taken care of. Of course, casting a string to an int should never be allowed, but if it was, the culture of the computer it runs off could be assumed (as long as there are ways to do it which lets you specify otherwise)

    "culture of the computer should be assumed"? the server or the client? assuming is dangerous. perhaps it should enforce your code is culturally aware by requiring a locale to be passed in / set so programmers are more aware of the implications of their choices.

  • MegaGreg (unregistered) in reply to Matt

    [quote user="Matt"]PHP sucks because:

    1. No types and therefore silent conversions where you don't want them ( === should NOT be nessisary)
    2. No exceptions (in PHP4 which everyone still uses)
    3. No naming conventions for functions
    4. No namespaces[/code]

    I think PHP's biggest downfall is that it's too easy to get something simple working. It invites amateur coders in the professional programming world, and before long it's totally out of hand.

  • MegaGreg (unregistered) in reply to MegaGreg

    [quote][quote user="Matt"][/quote]

    How embarasing...

  • Jorgey Porgey (unregistered) in reply to Matt
    Matt:
    pscs:
    Matt:
    It doesn't just allow you to make bad code, it encourages it. If a function doesn't specify the types that the arguments take, then you're just asking for trouble.

    But that's just dynamic typing for you. Lots of things use dynamic typing, PHP, Python, Javascript, Ruby, Lua, XML etc. For a lot of things (eg passing the right types of parameters to a function) static typing does have an advantage in that it will find lots of errors at compile-time, but dynamic typing also works well (hence the reason it is used so much).

    So, you can't say 'PHP is crap because it uses dynamic typing'. If that were the case, you've pretty much condemned all languages used for web development...

    I have no problem in condemning all of the languages used for web-development, particularly given the average level of competence from web-developers is roughly zero. That's why they don't have real jobs.

    i agree. strong typing, and const correctness, are extremely important. dynamic typing was a shameful feature to have replicated in more than one language. it's more of a cute experimental feature, than it is useful for real production code.

  • SomeCoder (unregistered)

    In my younger and much more foolish days, I had an everything.inc. It was for Perl though and was everything.pm (or something). It had a ton of functions that were useful for various things: trim(), a perl version of the PHP strtotime(), etc.

    At least I thought it was useful at the time. Hey, I was young and uneducated and we all make WTFs when we were younger.

  • Jamie (unregistered) in reply to Joey

    '/[^0-9.]/g' will do finely.

    I swear there are 50 wtfs here in comments alone.

    $price='$100.5.4'; $cleanedPrice = preg_replace('/[^0-9.]/g', "", $price);

    cleanedPrice is 100.5.4? WTF! 51!

  • Donald (unregistered) in reply to Gary Skinner
    Gary Skinner:
    Matt:
    I have no problem in condemning all of the languages used for web-development, particularly given the average level of competence from web-developers is roughly zero. That's why they don't have real jobs.
    Please Matt, inform us as to what a 'real' job is. I am curious.
    He means Walmart clerks, obviously.
  • (cs) in reply to Matt
    Matt:
    PHP sucks because:
    1. No types and therefore silent conversions where you don't want them ( === should NOT be nessisary)

    2. No exceptions (in PHP4 which everyone still uses)

    3. No naming conventions for functions

    4. No namespaces

    • Ok, sure, but Ruby and Python are the same way. Beyond that, what are your web development options? JSP and ASP? I personally don't have a problem with ===, but I agree that it's counterintuitive for a newbie.

    • If you're still using PHP4, you deserve what you get. Haven't they stopped releasing even security updates for it?

    • Agreed, but that's not something that can't be fixed in the future.

    • PHP 5.3+ will have namespaces.

    PHP is an ugly bitch, but it's a well-documented ugly bitch, and the actual language (i.e. not the function library) is not that bad.

  • Steve (unregistered)

    It seems to me that you should only strip leading dollar signs. If the user types

    1$00
    when they meant to type
    1400
    then arguably that's an error which should be trapped.

  • (cs) in reply to jonnyq
    jonnyq:
    2. If you're still using PHP4, you deserve what you get. Haven't they stopped releasing even security updates for it?

    Their 4.4.9 release back in August of this year was the last, and it addressed several issues, including some security aspects.

  • AdT (unregistered)

    Brian's str_replace does a lot more than the ordinary one, which you can gauge by the O(n²m) worst case complexity (where n is the string length and m the length of the character array). Never mind that it could easily be O(n) or at least O(n log m) even if the full Unicode spectrum has to be supported.

  • lostdreamer (unregistered)

    trwtf is that the array function is not necessary in his 'better way' :P

  • PHPvictim (unregistered) in reply to Vechni

    Yup. The whole thing.

  • d00d (unregistered) in reply to AdT
    AdT:
    Brian's str_replace does a lot more than the ordinary one, which you can gauge by the O(n²m) worst case complexity (where n is the string length and m the length of the character array). Never mind that it could easily be O(n) or at least O(n log m) even if the full Unicode spectrum has to be supported.

    and what would be an example for that worst-case complexity? at first glance I would say the inner loop is executed at most n times IN TOTAL since the length decreases every time. Yields an O(n²) if all characters get removed, plus the obvious O(nm) from strpos executed for every character to be removed.

  • Betterthanyou (unregistered) in reply to Anonymously Yours
    Anonymously Yours:
    I don't think there's any confusion about why this is worse than failure. These heathens are using a massive include full of functions instead of a God Object. Everything runs better with objects! Overhead be praised!
    \

    just being anal retentive here.. i hate inaccurate/misleading information being referenced as fact in a humor so you can try to get away with it

    just for reference the overhead in C++ of a call to a class method is exactly the cost of having exactly 1 more argument in it's argument list for non-virtual functions, and for virtual functions it is that plus two pointer traverses.. not very great performance hit on most systems

    (yes on extremely limited resources like embedded platforms it may become noticable but that's why you code specifically for those platforms in mind)

  • Andrew (unregistered) in reply to cod3_complete
    cod3_complete:
    I've seen this kind of WTF coding far too much in my time and it just has to stop. Reimplementing an existing API is one of the worst damn things anyone can do. Unfortunately, the PHP api is inconsistent in both naming conventions and use of underscores so it can be easy to get lost when the language looks like spaghetti and is poorly designed.

    Yeah, but not always. Take Java's StringBuilder and StringBuffer. StringBuffer exists because people kept "Reimplementing an existing API" making the original StringBuilder run faster.

  • (cs) in reply to jonnyq
    jonnyq:
    PHP is an ugly bitch, but it's a well-documented ugly bitch, and the actual language (i.e. not the function library) is not that bad.

    that's mostly because the function library developed by extension instead of by a plan too

    for all the idiot programmers we hear about dealing with PHP i've seen a equal number of genuine wizards (would be wizard in any language they worked on) writing some very nice PHP

    not that anyone i know, including myself, enjoys writing PHP - but that is because we all hate writing webpages and would be rather writing INTERESTING things :P

  • Dlareg (unregistered) in reply to Dave
    Dave:
    notromda:
    include "cluestick.inc"

    fixBrian(3); // 3 strokes should be enough.

    But then you need to recompile every time someone new joins the team. I prefer.

    boolean fix(String person, float beatings)

    It returns if he was fixed. Beatings is a float so you can give people less brutal reprimands. But also so you can do

    while(!fix(Brian, 0.001)){

    }

    so you dont unnecesarily beat him too much.

    Than fix should be an method of an instance or otherwise it won't remember if he should realy beat . So the call could then be Bian->fix(0.001);

    I'd rather have beatings be an integer ( you can't only beat them half a time) bool fix('Brian', 10);

  • Nick (unregistered) in reply to Matt
    Matt:
    Satanicpuppy:
    Php is fine for what it does. Sure it can produce crap code, but it's not a requirement. I'll agree with you on the namespace thing though; that's a royal p.i.t.a.

    It doesn't just allow you to make bad code, it encourages it. If a function doesn't specify the types that the arguments take, then you're just asking for trouble.

    I worked in a web dev/design sweatshop about a year ago, and the lack of function argument typing was certainly aggravating. We had a double deuce, though -- a hulking, monolithic God object (for our home-brew CMS, which was essentially a PHP3 app crammed into a singe 12,000 line class -- I wish I were exaggerating) AND an "everything.inc" file, except the lead developer, the owner's son, didn't know about the .inc extension when he started writing it. The guy also didn't believe in source control, testing on a development server rather than live, and wow, I'm de-railing myself here.

    In re: argument types... Most good PHP IDEs (all three or four of them?) support integration with phpDocumentor, and therefore can do type-hinting within the editor, so you can somewhat alleviate this problem, at least in the initial coding stage. Of course, if your lead dev also doesn't believe in IDEs or source code documentation... God, I'm glad I quit that place.

    ...Although it was pretty awesome watching Eclipse PDT, PHPEd, and Zend Studio all choke on the aforementioned monolith of doom. The only thing that could handle it was Visual Studio with the VS.PHP plugin -- go figure. Too bad the guy didn't take this as a sign that there was something wrong with his approach to so-called "OOP." Rather, all this did was net me a response of, "hurrr, that's why Notepad is the GREATEST!" facepalm

  • Ellie (unregistered)

    the $64k question..

    Did he fix the function in everything.inc ?

    ... and what did it break?

    :D

  • (cs)

    Instead of arguing how a developer should try to correct a completely f--ked input such as "$3$45.4.11,0B" on the back end, how about some front end validation here? Let the user fix their mistake; don't try to read minds. If the input doesn't conform to what you are expecting, throw an error. Chances are if you're having to strip out chars left and right, it's going to be a bad value anyway.

  • Nodody (unregistered)

    ^$?(\d{1,3}(,?\d{3})*(.\d{2})?)$

    I don't use php, but this works in java regexp. Get the value of capture group 1, strip out the commas if your number parser happens to be retarded, and you're good to go.

    One could argue that this would be better:

    ^$?(\d{1,3}(\d*|(,\d{3})*)(.\d{2})?)$

    Since it doesn't let you mix commas with non-commas. Of course, it won't work for those crazy Europeans who reverse the thousand-separator and decimal characters, but it at least it doesn't allow 54$$$2.

    There may be an easier way, and I'm sure my solutions aren't perfect. I was surprised, though, that regex was mentioned and then the solution used was so...crude.

  • Evo (unregistered) in reply to jonnyq
    jonnyq:
    PHP is an ugly bitch, but it's a well-documented ugly bitch, and the actual language (i.e. not the function library) is not that bad.

    I have to disagree. True, it has tons of documentation. But a lot of it is outdated or simply completely incorrect. There are even functions in there of which the number of arguments is incorrect in the documentation. Go figure.

  • Nerf Herder (unregistered) in reply to I walked the dinosaur
    I walked the dinosaur:
    Do people REALLY not understand the difference between ==false and ===false in php? That's the reason an 'A' is prepended at the start. My god...

    Obviously ==false means you want it to be false. ===false means you REALLY want it to be false. Scale of economy here.

  • Joon (unregistered) in reply to JDeepBeep
    JDeepBeep:
    Matt has provided excellent flame-bait, albeit a bit too obvious on his part. Where are the good trolls today?

    looks for topcod3r

    Remember that someone went and registered topcod3r.

    I think that he has re-invented himself as cod3_complete, whose subtle trolling started the whole language war.

    Excellently done, and so entertaining!

  • (cs) in reply to Ellie
    Ellie:
    the $64k question..

    Did he fix the function in everything.inc ?

    ... and what did it break?

    :D

    I see there is still someone out there with actual experience. :D

  • mabinogi (unregistered) in reply to jonnyq
    jonnyq:
    1. Ok, sure, but Ruby and Python are the same way. Beyond that, what are your web development options? JSP and ASP? I personally don't have a problem with ===, but I agree that it's counterintuitive for a newbie.
    No, they are not. They are both strongly typed - there's no type conversion done. Methods allow you to pass any type in, but that's not the same thing at all as being typeless or doing silent conversions. a string is always a string, unless you explicitly call a function to parse it as something else.
  • SomeCoder (unregistered) in reply to Betterthanyou
    Betterthanyou:
    \

    just being anal retentive here.. i hate inaccurate/misleading information being referenced as fact in a humor so you can try to get away with it

    just for reference the overhead in C++ of a call to a class method is exactly the cost of having exactly 1 more argument in it's argument list for non-virtual functions, and for virtual functions it is that plus two pointer traverses.. not very great performance hit on most systems

    (yes on extremely limited resources like embedded platforms it may become noticable but that's why you code specifically for those platforms in mind)

    Not all languages are C++, nor do they implement their classes in the same fashion. C++ is designed for speed so its objects damn well better be fast.

  • cod3_complete (unregistered) in reply to Joon
    Joon:
    JDeepBeep:
    Matt has provided excellent flame-bait, albeit a bit too obvious on his part. Where are the good trolls today?

    looks for topcod3r

    Remember that someone went and registered topcod3r.

    I think that he has re-invented himself as cod3_complete, whose subtle trolling started the whole language war.

    Excellently done, and so entertaining!

    No, actually there is no relation between me and topcod3r. He just happens to use a little 1337 speak like I do. I've commented on thedailywtf before (but its been a while)and possibly before topcod3r even started. The posts should still be found with a little searching. And yes PHP really does suck and it matters. :-) http://www.codinghorror.com/blog/archives/001119.html

  • dusoft (unregistered) in reply to Matt
    HP sucks because:
    1. No types and therefore silent conversions where you don't want them ( === should NOT be nessisary)
    2. No exceptions (in PHP4 which everyone still uses)

    The real WTF here is you, if you continue to use PHP4 instead of migrating to version 5.

    And no, not everyone uses PHP 4.

  • dusoft (unregistered) in reply to Evo
    I have to disagree. True, it has tons of documentation. But a lot of it is outdated or simply completely incorrect. There are even functions in there of which the number of arguments is incorrect in the documentation. Go figure.

    And you worked with PHP last time in 2001? That explains everything, kiddo.

  • (cs) in reply to Donald
    Donald:
    Gary Skinner:
    Matt:
    I have no problem in condemning all of the languages used for web-development, particularly given the average level of competence from web-developers is roughly zero. That's why they don't have real jobs.
    Please Matt, inform us as to what a 'real' job is. I am curious.
    He means Walmart clerks, obviously.

    I'm curious as well, if web developers don't have real jobs then tell me why I develop web applications under the title of "Web Developer". If we are as incompitent as you say we are then why are we being paid oh so much money to support major online corporations such as Google, ETrade, Scottrade, Yahoo, etc. and are increasing in demand as we speak.

    I also don't understand how a web developer's position is different from a database developer or java developer... same concept different environments. It's all programming, maintenance and standards.

    I'm sorry that you can't get a real job, but you don't have to take it out on us. Keep trying, you'll get that QA position you want.

  • (cs)

    For the record, NoScript (a Firefox addon) freaked out over the URL for this story. I understood why it was not a malicious link but NoScript just saw the code and threw an error.

  • (cs) in reply to notromda
    notromda:
    include "cluestick.inc"

    fixBrian(3); // 3 strokes should be enough.

    You should have struck the ground five or six times; then you would have defeated Brian and completely destroyed him. But now you will defeat him only three times.

Leave a comment on “My str_replace() Can Beat Up Your str_replace()”

Log In or post as a guest

Replying to comment #:

« Return to Article