- Feature Articles
- CodeSOD
- Error'd
- Forums
-
Other Articles
- Random Article
- Other Series
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
What does dec2hex(-1) or bin2hex(2222) return?
Admin
Else?
Admin
Nice idea, but shame on you for introducing magic strings! Make that a constant...
return STR_EXCEPTION_WEREBONED;
brill***!
Admin
There are 10 kinds of programmers:
Those who know binary numbers and those who don't.
Admin
You're right, "hex_digit_decimal_value" might have been better. But, at that point, I'm not sure the name "hex2dec" is actually wrong. It's just focused on hex digits instead of full hex numbers.
But, my point was, people are asking how it should handle an input of "11" -- and the answer is: it shouldn't. That's not a valid hex digit, and clearly this function is about getting the value of a hex digit.
Still leaves the poor error handling though.
Admin
No it is not prepared for the quantum computer. It just makes it a little easier for the programmer who has to port to a quantum computer to know where the extra work must be done.
// remember this following is only checking 4 bits
Case "AC" // 1xy1 x!= y
hex2dec = "alternating current"
Case "CD" // 110x
hex2dec = "Good bluegrass music"
Case "ABCDEF" // 1xyz At least one of x,y must be set
hex2dec="Good start learning your alphabit"
Case Else
hex2dec = "Error, unexpected negative bit"
Admin
Negative information != negative numbers.
Does anyone really think that scientists are excited because they discovered a way to represent negative numbers?
The link given to 'explain' this was absolutely worthless.
I assume the original few posts about 'quantum' numbers were jokes but just in case people think that qubits have three values, that is not the case. qubits have the ability to represent both on and off simultaneously. The applications of this (if they are feasible) are profound. They are much more useful than tri-state switches.
Admin
There are 11 kinds of programmers:
Those who know binary, those who don't and those that are forced to write wtf code due to departmental policy (no try/catch/finally blocks)
Admin
I assume that this is your current situation. Do you work for Joel Spolsky? How does the code base look?
Admin
And when a method that's supposed to return only 1s and 0s returns "2222", you know something went wrong.
The developer would still have to know what String the code returns on a error. Whether it's "SYNTAX ERROR" or "2222" doesn't change that. -1 is also a number pulled out of someones ass. It's just an older ass.
Admin
"What is this Paula that you speak of?"
-dZ.
<font size="2">(Sorry, I promise I won't do it again. :)</font>
Admin
They're Hexits... nobody has 16 fingers (normally).
dZ.
Admin
If you are going to be correctly pedantic, then it is best to be correctlyly pedanticly, or something. They're Hexits, since humans with 16 fingers are rare.
dZ.
Admin
<FONT face="Courier New" size=2>alright. here's the deal with joel on software's discussion of try/catch/finally blocks.</FONT>
<FONT face="Courier New" size=2>1. they can be abused. i've seen code by "java" developers which use try/catch to do crazy things, such as handling algorithm logic. for example, suppose:</FONT>
<FONT face="Courier New" size=2>try
{
doSomething() ;
}
catch (userDefinedException e)
{
handleEdgeCase(e) ;
}</FONT>
<FONT face="Courier New" size=2>etc. so, instead of handling *real* exceptions that can occur "exceptionally" (as they were intended to be used) exception objects are abused in lieu of thinking about the algorithm you're coding.</FONT>
<FONT face="Courier New" size=2>2. for more complex systems, error AND exception handling should be considered as part of the overall design, to make the program more secure, more robust. even if used properly, the exception handling mechanism java provides may not be suitable for the system as a whole. for example, it may make sense to handle an array out of bounds exception in a different way depending on what part of the system is executing. sometimes, that's a fatal error so the program should stop, and dump an error log, etc. other times you'll want it to handle it a certain way in the context of the code that was running it. it's different for every application.</FONT>
Admin
Now that's BRILLIANT! That's the funniest thing I think I 've read on this board.
Admin
I have not disagreement with what you are saying above. However, it's not remotely close to what Joel Spolsky says.
I quote(underlining mine): http://www.joelonsoftware.com/items/2003/10/13.html
People have asked why I don't like programming with exceptions. In both Java and C++, my policy is:
Later in the article:
A better alternative is to have your functions return error values when things go wrong, and to deal with these explicitly, no matter how verbose it might be.
I don't see any qualifications.
Admin
Why do I end up with a 't' on the end of my 'no's? The 't' isn't even close to the 'n' or the 'o'.
Admin
I'm glad you enjoyed it.
Admin
According to Webster's:
1 a : any of the Arabic numerals 1 to 9 and usually the symbol 0 b : one of the elements that combine to form numbers in a system other than the decimal system
Admin
I assume this should be directed at Joel, but I'm sure I won't get many supporters here:
People refer to many circumstances, in Java development, where it's features/defects can be abused, when this is true for any language. In Perl, regexps and default parameters ($_) are abused. In JavaScript, ANY use of regexp is abuse. In any OO language, inheritance can be abused (incl. multiple inheritance). C++ typedefs are abused. Quite often it's the fault of the mediocre programmer who is doing the abusing, not the language in which it's allowed. For the love of god, stop blaming the language and start learning how to use it appropriately and intelligently. And yes, "Brillantly."
Admin
All right, smart guy, develop a client-side email syntax verification function without using regexps.
I'll get you started:
function looks_like_an_email_address_to_me_bob(email)
{
var ok; // Step 1: Collect underpants
// Step 2: ?
return ok; // Step 3: Profit!
}
Admin
I've been trying to figure out how I will get rich. You've gotten me two-thirds of the way there. Thank you, sir.
Admin
That's the true power of consultants: even long after they're gone, you still remember what they did [:D]
Admin
<FONT face="Courier New" size=2>admittedly, i didn't remember the article verbatim, and it's truly one of more cracked up things i've seen on that site.</FONT>
<FONT face="Courier New" size=2>[:P] he's totally wrong on this one. one of the most annoying things is to run across code that needs to be mantained in parallel with some other code elsewhere. this certainly produces that kind of code everytime somebody wants to use the function that returns 20 different kind of error codes. change the error code in the original function, and viola! annoying bug to discover and trace.</FONT>
<FONT face="Courier New" size=2>of course, the same can be done in java, if you rely on the catch-all exception and let exceptions you don't catch bubble up into different parts of the code. </FONT>
Admin
I think we are of the same mind on this. But I don't think there is any question in the minds of developers that have used them effectively or seen them use effectively that Exceptions are completely superior to return codes when they are appropriate. There are cases I can think of like Integer.parseInt() that I wish had non-exception error codes (unfortunately, it's hard to do cleanly in Java without making the return type long.)
But I think in short, it's a hell of a lot easier to deal with the error path as a special case in code. Also, return codes assume that every layer is handling the errors perfectly. If one layer drops the ball, you are screwed. If someone forgets to deal with an exception, at least you'll what went wrong.
It's also really dumb that he refers to OUT parameters as an alternative in Java. Reeeeaally....
Admin
<FONT face="Courier New" size=2>i still find it amazing perl has the popularity it does in real-world software. on the scale of maintable code, perl falls somewhere between Magic and FORTRAN.</FONT>
<FONT face="Courier New" size=2>http://jobs.perl.org/job/2885</FONT>
<FONT face="Courier New" size=2>if i ever meet someone who writes perl programs to control medical machinery i'm going to render them completely incapable of providing input into a computer.</FONT>
Admin
According to the Jargon File:
hexit /hek'sit/ /n./ A hexadecimal digit (0--9, and A--F or a--f). Used by people who claim that there are only *ten* digits, dammit; sixteen-fingered human beings are rather rare, despite what some keyboard designs might seem to imply (see space-cadet keyboard).
http://www.jargon.net/jargonfile/h/hexit.html
Pity. Can you look up "joke"?
dZ.
Admin
Generally, jokes should be funny.
Admin
It is indeed very funny, but you mis-spelled BRILLANT!
Admin
Precisely my point. They, and many other features of many different programming languages are very powerful and useful. The trick is to avoid discounting the language simply because you can make an ass out of yourself with it.
P.S.
I don't validate on the client.
Admin
Quote of the day
Admin
even if the programmer is Larry Wall ?
Admin
Ah, missed your point, sorry (/me adjusts sarcasm detector)
I do.
I think of this as a convenience to the user rather than as a legitimate security measure, of course. I don't trust an HTTP request as far as I can throw it, regardless of any javascript I send out.
Admin
Admin
HAHA, "Scary Larry." I fear no geek.
Admin
I hope you're not a web application developer if you trust HTTP requests. I can send your server anything I like, bypassing all your validation stuff. SSL is orthogonal to the content of the request, and therefore irrelevant, since I can establish an SSL connection and then inject a HTTP request of my choice into the SSL-encapsulated stream. If you're trusting the client to only send you valid data, you're going to get hacked.
Admin
Generally.
dZ.
Admin
I'm just giving you a hard time. I was going to say something to a similar effect but I decided to look it up. It's one of those words where misuse becomes the standard.
I was thinking though, if digit implies 10, wouldn't it be 'hexidigit'?
Admin
I didn't say I don't validate. I said I don't on the client. Any reasonable person thinking prudently likely would have guessed.
Admin
<FONT face="Courier New" size=2>http://artsyfartsy.undef.com:3000/237.l.jpg</FONT>
<FONT face="Courier New" size=2>that image is all i have to say about that.</FONT>
Admin
No, but our departmental policy document looks suspiciously like a collection of joelonsoftware best practices.
Admin
You point the person who maintains this to the hundreds of blgs where this 'no exceptions' practice is lambasted.
So, the other question. How does the source look? Do you think this policy is working out?
Admin
I really can't buy into this policy, as it seems you can't. If you don't, at some point, assume that you're getting a well formed request, whether it be a completely populated object or an XML document, you can find yourself replicating the same validation in multiple layers of your application.
Admin
The codebase is not too bad - since a lot of it is mine. However, eliminating 'structured error handling' forces us to mingle error and normal method return values. This in turn ripples out to the callers having to handle the potential error before using the value...
Admin
I disaggree. Likely the program will uses these functions to convert larger hex numbers into binary.
The code could look like that
bin = "" for i = 1 to len(hex) bin = bin & hex2bin(mid(hex,i,1)) next
and that would cause errors that are hard to notice, e.g. when you translate "0123a72951" and a is invalid because it should be upper case.
Admin
Why not validate both on the client and the server? If the client does not handle the JavaScript (or other validation mechanism), there's no gain or loss, but in the event that the client will validate locally, you've saved a round trip to the server.
Obviously, you don't rely on the client, hence you don't trust HTTP requests at all, but what's so bad about failing a request locally rather than round-tripping for a failure (especially when your clients are on high-latency connections, so that a round trip is 500ms->1 second).
Admin
If you validate on the server, then you have to test/debug only on one platform. (usually)
If you validate on the client, then you have to test/debug on various platforms (usually), and you won't be sure if it will work on newer browser versions, that may be published during the lifecycle of your app.
So actually you have a lot more work to do, if you decide to validate on the client. For security you already have to validate on the server, so the only benefit I can see, is a slightly more responsive Client App (if it works as expected), but I also see a great risk for a lot of frustrated users/customers (if it does not work as expected).
Hence, the reasons to write this kind of on-client-validation code have to be very convincing for me to undertake this endeavor.
cu
Admin
This is why I make sure my client-side validation code is valid ECMA script... that falls through intelligently if active scripting is disabled... and I test it in any browser with > 5% market share.
If a browser with less than 5% market share doesn't comply with ECMA, the user is on their own and gets no support from me.
Admin
I'm surprised that it would even compile with a reserved name, HEX, being used.
<FONT face="Courier New">Function hex2dec(parmHexChar) As Integer 'typing is a good thing
Select Case UCase(parmHexChar)
Case </FONT><FONT face="Courier New">"0" To "9" 'place most frequent value checks first for good perf.
hex2dec = CInt(parmHexChar)
Case "A" To "F"
hex2dec = CInt("&h" & parmHexChar) 'or ="&h" & parmHexChar
</FONT><FONT face="Courier New">Case Else
</FONT><FONT face="Courier New"><FONT color=#000000> hex2dec = -1
<FONT color=#0000ff>Err</FONT>.Raise -1 'or some proper error alerting</FONT>
End Function</FONT>
Admin
Aas funny as all these posts are, the "strange" values are simple used to indicate that an error occured that shouldn't have occured.