• Gareth Martin (unregistered) in reply to Gareth Martin

What, no line breaks on this software? And no preview button? Bah.

• (cs)

There are at least two types of WTFs here: design WTFs and coding WTFs.

Design: It seems all this was Christopher's friend's own idea, and obviously he did not think over the design thoroughly. I suspect that he only thought about improving the users convenience and failed to take into account any other issues. If he had made up a list of necessary requirements a login procedure should fulfil he might have seen the problems of his feature-in-mind before writing a single line of code. Reading something about the matter in books or on the web may have helped as well. But isn't this a mistake we all tend to fall for sometimes - thinking only in a limited horizon, too focused on achieving a certain goal? Experience helps us to avoid that - and Christopher's friend may have learned an important lesson here.

At least Christopher's friend got his code tested beforehand by someone else. Probably he was quite embarrassed when he discovered that his design of a new login system was undoing the very purpose of a login system. This embarrassment can be a good teacher!

Coding: Many of the WTFs have been pointed out by others already.

• (cs) in reply to ikegami
ikegami:
Anonymous:

Well DUH!  Wonder why this ended up in the daily wtf in the first place...?

Because it's possible to brute force the password in (n*26)/2 guesses as implemented instead of (n^26)/2 guesses using the normal way. (well, maybe not 26, but you get the idea.)

For an 8 character password, that's 65 guesses vs 11881376 guesses.

Uh, that would be 26^n, not n^26.  11,881,376 is 26^5, which seems to suggest you knew the correct exponent, but used 5 characters instead of 8.

An eight-character password with mixed case and numbers would gives odds of about 1 in (26*2+10)^8 for each guess.

For this monstrosity, each keystroke has has a 1 in 62 chance of being right (assuming mixed-case alphanumeric password).  That means, for the eight-character password, a maximum of 62*8 = 496 keystrokes to guess the password, with an average of 248.

• thorn (unregistered) in reply to Alchymist

Good point, guess he won't be asking Mr. Stolworthy for help again. That's what friends are for, ridiculing you on thedailywtf.

• (cs) in reply to mustache
Anonymous:
arke:

DaBookshah:
This is pretty much what I would have expected from someone studying computer science anyway. Those retards(mostly) have no clue.

I'm a CS Student myself but I really have to agree. Those that enter Computer Science without previous programming knowledge pretty much turn out to be the worst possible coders. I'm seriously glad to have learned C, x86 assembler, and several other things prior to enrolling.

And as a computer science student, you'll know that computer science isn't really about programming.

Actually, that depends on the school you go to. I know plenty of crappy schools that ALL they teach in computer science is how to code in different languages. There may be a little computational theory but all in all, its like buying a bunch of books on different languages and learning them all.  It's schools like this that produce people who write the code that appears on this site.

• (cs) in reply to nixen

Anonymous:
Apart from the 3D thingies, this is so completely moronic that I have to call BS on it... who could ever, possibly, get the idea to postback a page between every single keystroke? You'd have to wait a second or two between every key you press..

Uh, cause its not a web app...

• Dale Williams (unregistered)

Sorry but this isn't a WTF.  It's from a CompSci STUDENT!  It's what I would except from a student.  I'm sure all of us wrote equally stupid code in college. (Except mine was in RPG and COBOL back then).  Now if this guy was in the workforce and wrote this, he should be made to return his C# magic decoder ring and move to marketing.

DaleWill

• (cs)

this is a true wtf on the professors who teach these CS students.

• (cs) in reply to some moron
Anonymous:

I like this. It's good, tactile code that's quite obviously aimed at improving user experience. The trouble with password fields is that you can never actually see what you are typing, and this can lead to a lot of mistakes. I've always thought that if I could design a better password field, it would work something like this. Think of the time I would save on Monday mornings if it actually told me when my shaky hands were malfunctioning more than normal when I'm trying to login.

And whose bright idea was it to have the older windows things (NT at least) translate everything in the username box into upper case, and have the password be case-sensitive?  That was complete idiocy.  Much better now that the newer ones even pop up a box that says "Hey!  Nitwit!  Your caps-lock is on!"

• Rich (unregistered) in reply to some moron
Anonymous:

I like this. It's good, tactile code that's quite obviously aimed at improving user experience. The trouble with password fields is that you can never actually see what you are typing, and this can lead to a lot of mistakes. I've always thought that if I could design a better password field, it would work something like this. Think of the time I would save on Monday mornings if it actually told me when my shaky hands were malfunctioning more than normal when I'm trying to login.

Perhaps clippy could pop up and say "I see you typed 'sekret11'. I think you meant to type 's3kr3t11' shall I change it for you?"

Rich

• Kehvarl (unregistered)

What suprises me most is that no one else has pointed out that this form of password checking is -exactly- what we need to promote if we want to use movie-style character-by-character password cracking tools.

• (cs) in reply to Kehvarl
Anonymous:
What suprises me most is that no one else has pointed out that this form of password checking is -exactly- what we need to promote if we want to use movie-style character-by-character password cracking tools.

Quoted for truth. Computer technology isn't complete until Uplink is a realistic simulation of the internet.
• bw (unregistered) in reply to mattnaik

True, it does depend on the school, but it equally depends on the student's drive to learn.  It also depends on how far along the student is and I see nothing here that says he's a graduating senior.

• (cs) in reply to DaBookshah

DaBookshah:
This is pretty much what I would have expected from someone studying computer science anyway. Those retards(mostly) have no clue.

This isn't a code snippet, it qualifies as a front page story.

Would one of the moderators delete the comment I have quoted; it is nothing but flamebait, adds nothing to the discussion, and says more about the person who posted it than anything related to this article.

sincerely,
Richard Nixon

• joe (unregistered) in reply to DaBookshah

DaBookshah:
This is pretty much what I would have expected from someone studying computer science anyway. Those retards(mostly) have no clue.

This isn't a code snippet, it qualifies as a front page story.

That's funny.  My experiences have been the opposite.  And as for this being a front page story, I would suggest going to school so you can learn about paying attention and reading.  If you had those abilities, you would have noticed that Alex does not consider picking on students to be in good form.

• (cs) in reply to DaBookshah

DaBookshah:
This is pretty much what I would have expected from someone studying computer science anyway. Those retards(mostly) have no clue.

We have a winner for the most ignorant comment of the day!

Actually you only have to guess on the last character, because it even if you get the rest wrong, it doesn't matter, since the comparison is on a character by character basis, and the login code is after you reach the last character of the password.

So that just leaves guessing the # of characters...

I can see the result of the conversation, after Christopher told his friend that there was a problem, that the fix was to remove the instant feedback... the real problem is that the WHOLE password is not checked.

• SM (unregistered) in reply to ikegami
ikegami:
Anonymous:

Well DUH!  Wonder why this ended up in the daily wtf in the first place...?

Because it's possible to brute force the password in (n*26)/2 guesses as implemented instead of (n^26)/2 guesses using the normal way. (well, maybe not 26, but you get the idea.)

For an 8 character password, that's 65 guesses vs 11881376 guesses.

.

Well DUH!  Wonder why someone always wants to answer an obvious rhetorical question...

Anonymous:

Actually you only have to guess on the last character, because it even if you get the rest wrong, it doesn't matter, since the comparison is on a character by character basis, and the login code is after you reach the last character of the password.

So that just leaves guessing the # of characters...

Ironically, the code never even reaches the "if last character is correct then login" part, as previously noted.

• Eyrieowl (unregistered)

Really, this seems in somewhat bad form.  Is the supply of bad code snippets getting so thin that we have to resort to picking on student code to get our yuks?  I'm sure that everyone reading this site probably wrote something equally horrendous when they were, themselves, learning to program.  That's not amusing, it's just learning.  At best, it's cute, "Awww, wook what the poor wittle student wrote!"  At worst?  A non-event.  It's not a shame, it's called LEARNING.

• noname (unregistered) in reply to Eyrieowl

Anonymous:
Really, this seems in somewhat bad form.  Is the supply of bad code snippets getting so thin that we have to resort to picking on student code to get our yuks?  I'm sure that everyone reading this site probably wrote something equally horrendous when they were, themselves, learning to program.  That's not amusing, it's just learning.  At best, it's cute, "Awww, wook what the poor wittle student wrote!"  At worst?  A non-event.  It's not a shame, it's called LEARNING.

yes, yes. boo hoo. Listen students do stupid things. Then we laugh about them. Why not? Other people do stupid things and we laugh about them too. Hell I've seen university proffesors stupider things than this, and I laughed (after he was a safe distance away). We laugh at little kids doing stupid things even though they really don't know better. Let's be real, this is just a bit stupider than you'd expect from a student. It wasn't well thought out. Unfortunately, having seen what passes for an education nowadays (and I am not American, but Dutch), this all of a sudden doesn't seem so horrendously stupid.

Still, I get your point. Mostly its the foaming at the mouth posts I don't like. Also the being ratted out by a friend, but maybe he got permission.

I wouldn't say I did something equally horendous. well maybe. I had to write a certain protocol, and instead of asking for a whole big bunch of bytes and buffering I asked for one byte at a time, becuase well 1 char == 1 byte.  Of course that also means 1 char == 1 network request for 1 byte... However, I found this out because the program didn't pass the automated tests, which was wrong. My program was stupid, but it was rfc compliant. In the end the TA agreed his test was stupid for assuming inteligent coding, and my program was correct but still stupid. Did let me change the code though. And he changed the test. And probably started counting network request ;}.

Ok me stoopid too. Still, the password thing is...big time mistake. Of course, a (very smart) friend of mine once crashed a nationwide network with a poorly written arp/rarp implementation..... Inteligence is not a guarantee against stupidity.

• (cs) in reply to nixen

Anonymous:
Apart from the 3D thingies, this is so completely moronic that I have to call BS on it... who could ever, possibly, get the idea to postback a page between every single keystroke? You'd have to wait a second or two between every key you press..

What postback? Who said this was a web app? Note that the code author sent the submitter his app. Obviously a windows forms application.

Besides, there's no onKeyPress postback event on aspx webform textboxes.

• Patrick (unregistered)

Awww, give the kid a break he's still in school.  For all we know his professor was telling him to do it like that.  Now if he submits it and gets ans A, then that's the bigger WTF?

• Jeff Bell (unregistered)

Back in the early seveties there was a similar password hack in the PDP-10

In that system you could tell whether a page fault had occurred.

By placing the password buffer one address before the end of the page, the program could tell whether the string comparison had accessed the second character in the buffer or not.  If it had, then you knew that the first character was correct.

The fix was to make the password comparison access each character once, before the string comparison, and that was good for a couple years.

These days no one would store plaintext passwords.

• Erzengel (unregistered) in reply to Kehvarl

Kehvarl:
What suprises me most is that no one else has pointed out that this form of password checking is -exactly- what we need to promote if we want to use movie-style character-by-character password cracking tools.

Exactly. Perhaps the student was making a password field like this because that's what decades (2 decades) of movies have been teaching him password fields should be like?

For people complaining about it being student code: Would you have less trouble with the concept if it was called "From the keyboards of babes"? (As in "from the mouth of babes" as in children, not attractive females.)

• Anonymous (unregistered) in reply to DaBookshah

Sadly, the University of Common Sense closed a long time ago, before this student could possibly enroll, due to "lack of interest."

• (cs) in reply to mattnaik

Actually, that depends on the school you go to. I know plenty of crappy schools that ALL they teach in computer science is how to code in different languages. There may be a little computational theory but all in all, its like buying a bunch of books on different languages and learning them all.  It's schools like this that produce people who write the code that appears on this site.

Sadly, I just graduated from a college that was exactly like this. They basically taught us how to do a for loop for each different langauge. We learned (a very small amount of) Vb.Net, C#.net, ASp.Net, Oracle, MSSQL, PHP all in the matter of 2.5 years (and we also took many other courses such as Accounting, math, etc)

The whole college was a waste of time, I don't need to know how to do a for loop in 5 different languages, I need to learn how to do it in only 1 and then its just a matter of learning the syntax in another language.

We never went very far with each langauge, we wern't taught anything about security issues, SQL injection, transactional coding, effieciency, registry, etc etc.

And the really sad part about the college, was that it was rated the #1 college for 7 years in a row...

• gcon (unregistered)
Tim Gallagher:
`private void txtHostname_KeyPress(object sender, KeyPressEventArgs e)`

Why is he comparing the password to the value in the Hostname textbox?

Ok...Assuming it is really the password textbox, there is an interesting scenario. If the last if statement was changed as shown below (because we all know you can't get there as it is currently coded), wouldn't you just need to get the the last character you typed correct to log in? If this was the case, you could be logged in with a single keystroke. Cool!

Tim Gallagher:

if (i == (sender as TextBox).Text.Length - 1)

I sure hope this student got advice rather than riducule...unless he was coding the professor's grading system...in that case he probably was applauded...

• Lummox (unregistered) in reply to arke

So is it lonely up there on your pedastool?

Not all of us have the priviledge of industry experience before going into the program you know.  I had some minor experience in high school before entering the program in college (which I started as a computer engineer and switched to computer science), and I'm now a programmer for a large e-commerce site, and am by no means one of the "worst possible coders."  And to be honest, the company I work for doesn't tolerate lousy programmers, so if I did suck, I'd be out of a job already.

Nice sterotyping though, really makes you sound like a non-judgemental person . . .

• Lummox (unregistered) in reply to arke
arke:

DaBookshah:
This is pretty much what I would have expected from someone studying computer science anyway. Those retards(mostly) have no clue.

I'm a CS Student myself but I really have to agree. Those that enter Computer Science without previous programming knowledge pretty much turn out to be the worst possible coders. I'm seriously glad to have learned C, x86 assembler, and several other things prior to enrolling.

• (cs) in reply to Erzengel
Anonymous:

Kehvarl:
What suprises me most is that no one else has pointed out that this form of password checking is -exactly- what we need to promote if we want to use movie-style character-by-character password cracking tools.

Exactly. Perhaps the student was making a password field like this because that's what decades (2 decades) of movies have been teaching him password fields should be like?

Movies have taught me a LOT of things about computers that aren't real and I don't think I would actually TRY.

• 11 year olds can kick start a completely unfamiliar mainframe system and save everyone from teh dinosaurs.
• a teenager can dial into NORAD with an acoustic coupler and almost set of WWWIII
• After shutting a computer down by unplugging it, it will magically suck all the power from the US power grid so it can continue to destroy superman.
• The grainiest, crappiest B&w photo can be "enhanced" to the point that you can count the hairs on a bug on someone's arm

• (cs) in reply to nixen

Anonymous:
Apart from the 3D thingies, this is so completely moronic that I have to call BS on it... who could ever, possibly, get the idea to postback a page between every single keystroke? You'd have to wait a second or two between every key you press..

Oh, you laugh, but do a search for some freely available "Live Search" code, like what you find on <a href="http://www.google.com/webhp?complete=1&hl=en">Google Suggest</a>.  Some implementations are utterly horrid, as in, "Gee, I think I'll hit my database every time someone types a character into the search field" horrid.

Ah, the lovely world of AJAX.

• (cs) in reply to arke
arke:

I'm a CS Student myself but I really have to agree. Those that enter Computer Science without previous programming knowledge pretty much turn out to be the worst possible coders. I'm seriously glad to have learned C, x86 assembler, and several other things prior to enrolling.

That's ridiculous.  You're basically saying "the worst coders are those that are still learning", sheesh.  Most people in the past had no chance of using computers before entering college, and even today there just really aren't good ways of learning to program before college. I don't think many high schools have good programming classes (I'm certain there are a lot of bad programming classes though), and they're certainly not prerequisites to going to college.  I was a teaching assistant in college and I spent a lot of time helping students unlearn bad habits.  The most difficult to teach students were those who thought they already knew it all.  College is a great place to learn, not a place to demonstrate what you aleady know.

That said, the WTF is why someone thinks a student assignment is worth a WTF.  If this was a professional and the application was intended for public use, I'd be surprised and amused.  But this was a student and the application was apparently written as a learning exercise.  Big surprise, someone with no experience makes mistakes typical of those with no experience.  Laughing at learners is a great way to encourage people to stay ignorant.

• (cs) in reply to Erzengel

"Perhaps the student was making a password field like this because that's what decades (2 decades) of movies have been teaching him password fields should be like?"

Possibly, but one would also assume that the student had also been exposed to some real-life actual password fields in his time, and would have noticed that none of them behaved anything like the one he came up with.

I understand the drive to discover new ways of doing things, but not unless one can justify how the old ways of doing things were inferior.

• Anonymous (unregistered) in reply to IceFreak2000
IceFreak2000:
`You've gotta love crap like this;`
• `Repeated casting of sender to TextBox via as - cast the object, test it and store it`

all in 28 lines of code. Genius!

Repeatedly casting the object isn't really a WTF. The

`object sender`
is never set within the body of the function and can therefore be considered final and as such the compiler can optimize the second cast away.

It might not be the most elegant thing to do, but it shouldn't cause any overhead... not multiple reference casts like that will be a noticeable performance bottleneck (that's what SQL's for! :p)

The use of the

`as`
operator can however be seen as bad form here since it'll cause a Null Pointer Exception if the sender object was not of type TextBox instead of causing a more appropriate casting exception reporting that sender was an incompatible type.

• Trick (unregistered) in reply to emurphy

Ironically, the code never even reaches the "if last character is correct then login" part, as previously noted.

Actually the final character would be validated in this code.

Lets say there is a 8 character password, the .Length function would return the number 8. But the string function is a zero-based counting system running from 0-7, instead of 1-8. So in his loop you start with 0, and increment 7 times ending before the length of 8.

And it's not hard to imagine a student writing their own string comparisions if his school is still teaching C++ instead of C#.

• (cs) in reply to tin

tin:
You're talking about a world where banks consider case-insensitive, fixed length passwords secure just because they make you include a number.

I agree - forcing a user to include a number in a password doesn't add that much security in reality. Most users just add 1 or 69 to the end of whatever word they wanted to use in the first place. At least that was the case when I worked part time in the computer lab while I was in university.

• (cs) in reply to Trick
Anonymous:

Ironically, the code never even reaches the "if last character is correct then login" part, as previously noted.

Actually the final character would be validated in this code.

Lets say there is a 8 character password, the .Length function would return the number 8. But the string function is a zero-based counting system running from 0-7, instead of 1-8. So in his loop you start with 0, and increment 7 times ending before the length of 8.

And it's not hard to imagine a student writing their own string comparisions if his school is still teaching C++ instead of C#.

Indeed, the last character is validated, but is not what decides if the login routine gets called or not (rather, it decides if the "Incorrect" label appears or not). Rather, login is called if i is equal to the string length (in your example, 8). Since the for loop only continues while i is less than that length, that condition can never be true (short of goto'ing into the for loop which is not only a WTF for using goto, but IIRC prohibited by most languages that even have goto). Even on the assumption that the condition could be true, the code subsequently compares the (again, using your example) possibly-nonexistant(*) 9th character of password to the nonexistant 9th character in the textbox. That comparison will undoubtedly throw an exception, because as you said the textbox character indexes would only exist from [0] to [7].

(*) = Another WTF is it never checks password.Length ...

• (cs) in reply to Anonymous

Anonymous:
Sadly, the University of Common Sense closed a long time ago, before this student could possibly enroll, due to "lack of interest."

WTFU, on the other hand, is clearly thriving (a party school, no doubt).

• (cs) in reply to gcon
Anonymous:
Tim Gallagher:
`private void txtHostname_KeyPress(object sender, KeyPressEventArgs e)`

Why is he comparing the password to the value in the Hostname textbox?

I bet someone mentioned "code reuse" without properly explaining it...

• woohoo (unregistered) in reply to unklegwar
unklegwar:
a teenager can dial into NORAD with an acoustic coupler and almost set of WWWIII

oh? whats "WWWIII", the world wide web 3(.0)? ;o))

• (cs) in reply to Kehvarl

Anonymous:
What suprises me most is that no one else has pointed out that this form of password checking is -exactly- what we need to promote if we want to use movie-style character-by-character password cracking tools.

Indeed!

• Rich (unregistered) in reply to Erzengel
Anonymous:

For people complaining about it being student code: Would you have less trouble with the concept if it was called "From the keyboards of babes"? (As in "from the mouth of babes" as in children, not attractive females.)

I demand  the posting of invalid code written by attractive females.

Waiting patiently...

Rich

• woohoo (unregistered)

OMG...

The coding WTFs aside (it's from a student after all...) - it just hit me what poor a Java-rip-off C# is... I mean, they started this more than 4 years after the first Java version, were able to study the (sometimes obvious) Java weaknesses and came up with nothing better than *this*?

Granted, there are some major API-WTFs in Java (think e.g. mutable java.util.Date) - but this looks nearly 100% like Java apart from stuff like the "as"-keyword straight from VB hell... and speaking of hell: I find myself in capitalization hell... how am I supposed to tell apart types/classes from attributes/properties in expressions like TextBox.Text.Length?

Oh, wait... I bet there's nothing like inner classes, so anything that's not on the far left of an expression with multiple dots can't ever be a type. right? I only hope that theres no "feature" like the one I remember dimly from VBA where you can leave out the parentheses from function calls in case of empty pararameter lists. The editor even forcibly *removed* them, even when one insisted on typing them to improve readability...

• Utunga (unregistered) in reply to SM

Yes, interesting. I think this was because they didn't realise you were being sarcastic/rhetorical.. </droll>

• ang (unregistered) in reply to alunharford

Shock news: Somebody studying for a BSc, with (presumably) no security knowledge, or training, and little experience of coding generally, writes crap security code.

Poor design and security holes have nothing to do with coding and, at this level, little to do with training or even practical experience.  Being a good programmer requires an aptitude for thinking logically that this individual clearly lacks.  I do want someone with poor logic and problem solving skills to fail a CS program.   They don't belong in this industry and I'm quite tired of interviewing them.

• OLD SKOOL (unregistered) in reply to mustache
Anonymous:
arke:

DaBookshah:
This is pretty much what I would have expected from someone studying computer science anyway. Those retards(mostly) have no clue.

I'm a CS Student myself but I really have to agree. Those that enter Computer Science without previous programming knowledge pretty much turn out to be the worst possible coders. I'm seriously glad to have learned C, x86 assembler, and several other things prior to enrolling.

And as a computer science student, you'll know that computer science isn't really about programming.

Its not exclusively about programming... but CS should cover a lot of programming subjects. You should at least be able to code in C/C++/Java/C# at the end of a CS degree, you should probably have a basic understanding of at least one assembly language too...

I actually did an IT degree, because i didnt score enough in high-school-english to get into CS (yeah, that makes sense!). I majored in SW Engineering tho so I could still do a lot of the subjects that the CS guys were doing, the funny part is that I was the one that they came to for help with their programming assignments!

• PHP Coder (unregistered) in reply to spacedman
spacedman:

The real WTF is that this should have been implemented using AJAX techniques...

No it isn't.

Plz stop using the phrase  "The real WTF is..."

Richard Nixon:

DaBookshah:
This is pretty much what I would have expected from someone studying computer science anyway. Those retards(mostly) have no clue.

This isn't a code snippet, it qualifies as a front page story.

Would one of the moderators delete the comment I have quoted; it is nothing but flamebait, adds nothing to the discussion, and says more about the person who posted it than anything related to this article.

sincerely,
Richard Nixon

Oh lighten up will you? Take a freaking joke, dont get all high and mighty and offended because somebody on the internet made a comment in jest.

I actually find your comment more degrading than the one you refer to!

Anonymous:

So is it lonely up there on your pedastool?

Not all of us have the privilege of industry experience before going into the program you know.  I had some minor experience in high school before entering the program in college (which I started as a computer engineer and switched to computer science), and I'm now a programmer for a large e-commerce site, and am by no means one of the "worst possible coders."  And to be honest, the company I work for doesn't tolerate lousy programmers, so if I did suck, I'd be out of a job already.

Nice sterotyping though, really makes you sound like a non-judgemental person . . .

He wasn't talking about industry experience, just about dabbling with the subject yourself before jumping in the deep end. If you had minor high school experience then that should count as dabbling...

As for the stereotyping, again - lighten up! Stop taking everything so seriously, perhaps, if you really tried hard enough, you could see it as a joke, and you know... laugh!

Anonymous:

That's funny.  My experiences have been the opposite.  And as for this being a front page story, I would suggest going to school so you can learn about paying attention and reading.  If you had those abilities, you would have noticed that Alex does not consider picking on students to be in good form.

Yep, someone makes a humorous mocking comment so instead of laughing at it you decide to throw insults at the poster... real good form.

CodeRage:

We have a winner for the most ignorant comment of the day!

Isn't it ignorant to assume that someone's anecdotal generalisation was an expression of their sincere beliefs?

I doubt that DaBookshah thinks that all CS students are retards; any sane person should be able to see that he is talking about the few CS students that he personally knows being bad coders, to take this as an attack on CS students everywhere is very ignorant.

Anonymous:
Really, this seems in somewhat bad form.  Is the supply of bad code snippets getting so thin that we have to resort to picking on student code to get our yuks?  I'm sure that everyone reading this site probably wrote something equally horrendous when they were, themselves, learning to program.  That's not amusing, it's just learning.  At best, it's cute, "Awww, wook what the poor wittle student wrote!"  At worst?  A non-event.  It's not a shame, it's called LEARNING.

Its the snippet of the day... If you want daily code snippets then what's wrong with taking student code? As you said, the student would have learned from this mistake, so by posting it here for everyone to read, perhaps some of the readers will also learn from this guys mistake...

batman

• (cs) in reply to woohoo
Anonymous:

OMG...

The coding WTFs aside (it's from a student after all...) - it just hit me what poor a Java-rip-off C# is... I mean, they started this more than 4 years after the first Java version, were able to study the (sometimes obvious) Java weaknesses and came up with nothing better than *this*?

Granted, there are some major API-WTFs in Java (think e.g. mutable java.util.Date) - but this looks nearly 100% like Java apart from stuff like the "as"-keyword straight from VB hell... and speaking of hell: I find myself in capitalization hell... how am I supposed to tell apart types/classes from attributes/properties in expressions like TextBox.Text.Length?

Oh, wait... I bet there's nothing like inner classes, so anything that's not on the far left of an expression with multiple dots can't ever be a type. right? I only hope that theres no "feature" like the one I remember dimly from VBA where you can leave out the parentheses from function calls in case of empty pararameter lists. The editor even forcibly *removed* them, even when one insisted on typing them to improve readability...

Insert useless BS "My language is better than your language" war here.

Nice post.