• (cs) in reply to Mung Kee
    Mung Kee:
    What?  no dec2hex() or bin2hex()?

    What does dec2hex(-1) or bin2hex(2222) return?
  • (cs) in reply to Caffeine

    Else?

  • PACE (unregistered) in reply to David
    Anonymous:

    Anonymous:
    > Why not "oh shit"

    Oooo I like I like!!!!  Im gonna start using that one ... reminds me of the alternative try/catch/finally standard I read somewhere


    Try
    Doh!
    Woohoo!

    he he :D

     

    Haha, you could use varying error phrases to indicate how serious the error is.  It could vary from "Aw Darn" to "Well Crap" to "...We're boned." 

     

    Hmm...I think once I ever actually program something with exceptions Im definitely gonna have to throw in a wereBonedException class. 



    Nice idea, but shame on you for introducing magic strings! Make that a constant...

    return STR_EXCEPTION_WEREBONED;

    brill***!
  • (cs)

    There are 10 kinds of programmers:
    Those who know binary numbers and those who don't.

  • John (unregistered) in reply to Gene Wirchenko
    Gene Wirchenko:
    Anonymous:
    Of course, if that were the case, I would expect that instead of "hex2dec", the submitted code would be called something like "hexdigit2decdigit", and then the above code would be called "hex2dec" instead of "some_larger_routine".

    How does hex digit B convert to a decimal digit?

    If you are going to be pedantic, it is best to be correctly pedantic.  Otherwise, the effect is lost.

    You're right, "hex_digit_decimal_value" might have been better. But, at that point, I'm not sure the name "hex2dec" is actually wrong. It's just focused on hex digits instead of full hex numbers.

    But, my point was, people are asking how it should handle an input of "11" -- and the answer is: it shouldn't. That's not a valid hex digit, and clearly this function is about getting the value of a hex digit.

    Still leaves the poor error handling though.

  • (cs)


    I can honestly say that I've never seen code that is actually prepared to run a quantum computer, where binary just isn't as simple as 1's and 0's ...



    No it is not prepared for the quantum computer.   It just makes it a little easier for the programmer who has to port to a quantum computer to know where the extra work must be done.  

    // remember this following is only checking 4 bits
    Case "AC"   // 1xy1  x!= y
      hex2dec = "alternating current"
    Case "CD"  // 110x
      hex2dec = "Good bluegrass music"
    Case "ABCDEF" // 1xyz At least one of x,y must be set
      hex2dec="Good start learning your alphabit"
    Case Else
      hex2dec = "Error, unexpected negative bit"
  • (cs) in reply to tim

    Anonymous:

    The quantum bit -1 doesn't seem to have a pair. There's 0 and 1 but only -1. What's it's opposite? -0?

    Negative information != negative numbers.

    Does anyone really think that scientists are excited because they discovered a way to represent negative numbers?

    The link given to 'explain' this was absolutely worthless.

    I assume the original few posts about 'quantum' numbers were jokes but just in case people think that qubits have three values, that is not the case.  qubits have the ability to represent both on and off simultaneously.  The applications of this (if they are feasible) are profound.  They are much more useful than tri-state switches.

  • (cs) in reply to chb
    chb:
    There are 10 kinds of programmers:
    Those who know binary numbers and those who don't.

    There are 11 kinds of programmers:
    Those who know binary, those who don't and those that are forced to write wtf code due to departmental policy (no try/catch/finally blocks)

  • (cs) in reply to Caffeine

    Caffeine:
    chb:
    There are 10 kinds of programmers:
    Those who know binary numbers and those who don't.

    There are 11 kinds of programmers:
    Those who know binary, those who don't and those that are forced to write wtf code due to departmental policy (no try/catch/finally blocks)

    I assume that this is your current situation.  Do you work for Joel Spolsky?  How does the code base look?

  • (cs) in reply to joe_bruin
    Anonymous:
    dubwai:

    Anonymous:
    as far as i'm concerned, the second function is perfectly valid.  -1 is a value that cannot be stored in a hex digit, and is a good way to return an error.  sure, the author was a bit daft, but i wouldn't call security to escort him out of the building if i saw it in my codebase.

    the first function, on the other hand, subscribes to the theory of "if i find an error, i'll just silently introduce more errors into the data".  deserving of a reprimand, but still not a fireable offence.  i just hope the fucker who wrote this is not making more than i am.

    I don't see why -1 is a better return code than 2222.  2222 cannot be stored in a hex digit either.  Perhaps from a convention standpoint it's better but not fundamentally.



    -1 is an integer.  When a function that's supposed to return a positive integer returns a negative one, you know something went wrong.

    And when a method that's supposed to return only 1s and 0s returns "2222", you know something went wrong.

    Anonymous:
    This is a common convention in many of the UNIX APIs.  "2222" is a random string the guy pulled out of his ass.  there is no sane error convention in which a random string is returned as an error.  Why not "oh shit" or "SYNTAX ERROR"?  Is the user supposed to guess, or must he read the code to find all possible error return strings (I didn't happen to see any comments).  NULL, or "", or whatever the favored VB equivalent is, would have been the right thing to return.

    The developer would still have to know what String the code returns on a error.  Whether it's "SYNTAX ERROR" or "2222" doesn't change that.  -1 is also a number pulled out of someones ass.  It's just an older ass.

  • (cs) in reply to Mung Kee
    Mung Kee:
    Anonymous:

    Ross Day:
    rogthefrog:
    I guess -1-1-1-1 wouldn't work.


    -4?

    <font size="3">Brillant!</font>

     

    Sorry...someone had to say it...


    That one will live on for quite a while.  Thanks Paula!


    "What is this Paula that you speak of?"

        -dZ.

    <font size="2">(Sorry, I promise I won't do it again. :)</font>
  • (cs) in reply to joe_bruin
    Anonymous:
    as far as i'm concerned, the second function is perfectly valid.  -1 is a value that cannot be stored in a hex digit, and...


    They're Hexits... nobody has 16 fingers (normally).

        dZ.
  • (cs) in reply to Gene Wirchenko
    Gene Wirchenko:
    Anonymous:
    Of course, if that were the case, I would expect that instead of "hex2dec", the submitted code would be called something like "hexdigit2decdigit", and then the above code would be called "hex2dec" instead of "some_larger_routine".


    How does hex digit B convert to *a* decimal digit?

    If you are going to be pedantic, it is best to be correctly pedantic.  Otherwise, the effect is lost.

    Sincerely,

    Gene Wirchenko



    If you are going to be correctly pedantic, then it is best to be correctlyly pedanticly, or something.  They're Hexits, since humans with 16 fingers are rare.

        dZ.
  • (cs) in reply to dubwai

    dubwai:
    I assume that this is your current situation.  Do you work for Joel Spolsky?  How does the code base look?

    <FONT face="Courier New" size=2>alright.  here's the deal with joel on software's discussion of try/catch/finally blocks.</FONT>

    <FONT face="Courier New" size=2>1. they can be abused.  i've seen code by "java" developers which use try/catch to do crazy things, such as handling algorithm logic.  for example, suppose:</FONT>

    <FONT face="Courier New" size=2>try
    {
        doSomething() ;
    }
    catch (userDefinedException e)
    {
        handleEdgeCase(e) ;
    }</FONT>

    <FONT face="Courier New" size=2>etc.  so, instead of handling *real* exceptions that can occur "exceptionally" (as they were intended to be used) exception objects are abused in lieu of thinking about the algorithm you're coding.</FONT>

    <FONT face="Courier New" size=2>2. for more complex systems, error AND exception handling should be considered as part of the overall design, to make the program more secure, more robust.  even if used properly, the exception handling mechanism java provides may not be suitable for the system as a whole.  for example, it may make sense to handle an array out of bounds exception in a different way depending on what part of the system is executing.  sometimes, that's a fatal error so the program should stop, and dump an error log, etc.  other times you'll want it to handle it a certain way in the context of the code that was running it.  it's different for every application.</FONT>

  • (cs) in reply to dubwai

    dubwai:
    -1 is also a number pulled out of someones ass.  It's just an older ass.

    Now that's BRILLIANT!  That's the funniest thing I think I 've read on this board.

  • (cs) in reply to emptyset
    emptyset:

    dubwai:
    I assume that this is your current situation.  Do you work for Joel Spolsky?  How does the code base look?

    <FONT face="Courier New" size=2>alright.  here's the deal with joel on software's discussion of try/catch/finally blocks.</FONT>

    <FONT face="Courier New" size=2>1. they can be abused.  i've seen code by "java" developers which use try/catch to do crazy things, such as handling algorithm logic.  for example, suppose:</FONT>

    <FONT face="Courier New" size=2>[snip]</FONT>

    <FONT face="Courier New" size=2>2. for more complex systems, error AND exception handling should be considered as part of the overall design, to make the program more secure, more robust.  even if used properly, the exception handling mechanism java provides may not be suitable for the system as a whole.  for example, it may make sense to handle an array out of bounds exception in a different way depending on what part of the system is executing.  sometimes, that's a fatal error so the program should stop, and dump an error log, etc.  other times you'll want it to handle it a certain way in the context of the code that was running it.  it's different for every application.</FONT>

    I have not disagreement with what you are saying above.  However, it's not remotely close to what Joel Spolsky says.

    I quote(underlining mine): http://www.joelonsoftware.com/items/2003/10/13.html

    People have asked why I don't like programming with exceptions. In both Java and C++, my policy is:

    1. Never throw an exception of my own
    2. Always catch any possible exception that might be thrown by a library I'm using on the same line as it is thrown and deal with it immediately.

    Later in the article:

    A better alternative is to have your functions return error values when things go wrong, and to deal with these explicitly, no matter how verbose it might be.

    I don't see any qualifications.

  • (cs) in reply to dubwai

    dubwai:
    I have not disagreement with what you are saying above.

    Why do I end up with a 't' on the end of my 'no's?  The 't' isn't even close to the 'n' or the 'o'.

  • (cs) in reply to JohnO
    JohnO:

    dubwai:
    -1 is also a number pulled out of someones ass.  It's just an older ass.

    Now that's BRILLIANT!  That's the funniest thing I think I 've read on this board.

    I'm glad you enjoyed it.

  • (cs) in reply to DZ-Jay

    DZ-Jay:
    Anonymous:
    as far as i'm concerned, the second function is perfectly valid.  -1 is a value that cannot be stored in a hex digit, and...


    They're Hexits... nobody has 16 fingers (normally).

        dZ.

    According to Webster's:

    1 a : any of the Arabic numerals 1 to 9 and usually the symbol 0 b : one of the elements that combine to form numbers in a system other than the decimal system

  • (cs) in reply to emptyset
    emptyset:

    dubwai:
    I assume that this is your current situation.  Do you work for Joel Spolsky?  How does the code base look?

    <font face="Courier New" size="2">alright.  here's the deal with joel on software's discussion of try/catch/finally blocks.</font>

    <font face="Courier New" size="2">1. they can be abused.  i've seen code by "java" developers which use try/catch to do crazy things, such as handling algorithm logic.  for example, suppose:</font>

    <font face="Courier New" size="2">try
    {
        doSomething() ;
    }
    catch (userDefinedException e)
    {
        handleEdgeCase(e) ;
    }</font>

    <font face="Courier New" size="2">etc.  so, instead of handling *real* exceptions that can occur "exceptionally" (as they were intended to be used) exception objects are abused in lieu of thinking about the algorithm you're coding.</font>

    <font face="Courier New" size="2">2. for more complex systems, error AND exception handling should be considered as part of the overall design, to make the program more secure, more robust.  even if used properly, the exception handling mechanism java provides may not be suitable for the system as a whole.  for example, it may make sense to handle an array out of bounds exception in a different way depending on what part of the system is executing.  sometimes, that's a fatal error so the program should stop, and dump an error log, etc.  other times you'll want it to handle it a certain way in the context of the code that was running it.  it's different for every application.</font>



    I assume this should be directed at Joel, but I'm sure I won't get many supporters here:
    People refer to many circumstances, in Java development, where it's features/defects can be abused, when this is true for any language. In Perl, regexps and default parameters ($_) are abused.  In JavaScript, ANY use of regexp is abuse.  In any OO language, inheritance can be abused (incl. multiple inheritance).  C++ typedefs are abused.  Quite often it's the fault of the mediocre programmer who is doing the abusing, not the language in which it's allowed.  For the love of god, stop blaming the language and start learning how to use it appropriately and intelligently.  And yes, "Brillantly."
  • (cs) in reply to Mung Kee
    Mung Kee:
    In JavaScript, ANY use of regexp is abuse.


    All right, smart guy, develop a client-side email syntax verification function without using regexps.

    I'll get you started:

    function looks_like_an_email_address_to_me_bob(email)
    {
        var ok; // Step 1: Collect underpants

        // Step 2: ?

        return ok; // Step 3: Profit!
    }
  • (cs) in reply to Maurits

    Maurits:

    // Step 1: Collect underpants
    // Step 2: ?
    // Step 3: Profit!

    I've been trying to figure out how I will get rich.  You've gotten me two-thirds of the way there.  Thank you, sir.

  • (cs) in reply to Mung Kee

    That one will live on for quite a while.  Thanks Paula!

    That's the true power of consultants: even long after they're gone, you still remember what they did [:D]

  • (cs) in reply to dubwai
    dubwai:
    Later in the article:

    A better alternative is to have your functions return error values when things go wrong, and to deal with these explicitly, no matter how verbose it might be.

    I don't see any qualifications.

    <FONT face="Courier New" size=2>admittedly, i didn't remember the article verbatim, and it's truly one of more cracked up things i've seen on that site.</FONT>

    <FONT face="Courier New" size=2>[:P] he's totally wrong on this one.  one of the most annoying things is to run across code that needs to be mantained in parallel with some other code elsewhere.  this certainly produces that kind of code everytime somebody wants to use the function that returns 20 different kind of error codes.  change the error code in the original function, and viola!  annoying bug to discover and trace.</FONT>

    <FONT face="Courier New" size=2>of course, the same can be done in java, if you rely on the catch-all exception and let exceptions you don't catch bubble up into different parts of the code.  </FONT>

  • (cs) in reply to emptyset
    emptyset:
    dubwai:
    Later in the article:

    A better alternative is to have your functions return error values when things go wrong, and to deal with these explicitly, no matter how verbose it might be.

    I don't see any qualifications.

    <FONT face="Courier New" size=2>admittedly, i didn't remember the article verbatim, and it's truly one of more cracked up things i've seen on that site.</FONT>

    <FONT face="Courier New" size=2>[:P] he's totally wrong on this one.  one of the most annoying things is to run across code that needs to be mantained in parallel with some other code elsewhere.  this certainly produces that kind of code everytime somebody wants to use the function that returns 20 different kind of error codes.  change the error code in the original function, and viola!  annoying bug to discover and trace.</FONT>

    <FONT face="Courier New" size=2>of course, the same can be done in java, if you rely on the catch-all exception and let exceptions you don't catch bubble up into different parts of the code.  </FONT>

    I think we are of the same mind on this.  But I don't think there is any question in the minds of developers that have used them effectively or seen them use effectively that Exceptions are completely superior to return codes when they are appropriate.  There are cases I can think of like Integer.parseInt() that I wish had non-exception error codes (unfortunately, it's hard to do cleanly in Java without making the return type long.)

    But I think in short, it's a hell of a lot easier to deal with the error path as a special case in code.  Also, return codes assume that every layer is handling the errors perfectly.  If one layer drops the ball, you are screwed.  If someone forgets to deal with an exception, at least you'll what went wrong.

    It's also really dumb that he refers to OUT parameters as an alternative in Java.  Reeeeaally....

  • (cs) in reply to Mung Kee

    Mung Kee:

    Quite often it's the fault of the mediocre programmer who is doing the abusing, not the language in which it's allowed.  For the love of god, stop blaming the language and start learning how to use it appropriately and intelligently.  And yes, "Brillantly."

    <FONT face="Courier New" size=2>i still find it amazing perl has the popularity it does in real-world software.  on the scale of maintable code, perl falls somewhere between Magic and FORTRAN.</FONT>

    <FONT face="Courier New" size=2>http://jobs.perl.org/job/2885</FONT>

    <FONT face="Courier New" size=2>if i ever meet someone who writes perl programs to control medical machinery i'm going to render them completely incapable of providing input into a computer.</FONT>

  • (cs) in reply to dubwai
    dubwai:

    DZ-Jay:
    Anonymous:
    as far as i'm concerned, the second function is perfectly valid.  -1 is a value that cannot be stored in a hex digit, and...


    They're Hexits... nobody has 16 fingers (normally).

        dZ.

    According to Webster's:

    1 a : any of the Arabic numerals 1 to 9 and usually the symbol 0 b : one of the elements that combine to form numbers in a system other than the decimal system



    According to the Jargon File:

    hexit /hek'sit/ /n./ A hexadecimal digit (0--9, and A--F or a--f). Used by people who claim that there are only *ten* digits, dammit; sixteen-fingered human beings are rather rare, despite what some keyboard designs might seem to imply (see space-cadet keyboard).

    http://www.jargon.net/jargonfile/h/hexit.html

    Pity.  Can you look up "joke"?

        dZ.

  • (cs) in reply to DZ-Jay

    DZ-Jay:


    Pity.  Can you look up "joke"?

        dZ.

    Generally, jokes should be funny.

  • (cs) in reply to JohnO
    JohnO:

    dubwai:
    -1 is also a number pulled out of someones ass.  It's just an older ass.

    Now that's BRILLIANT!  That's the funniest thing I think I 've read on this board.



    It is indeed very funny, but you mis-spelled BRILLANT!


  • (cs) in reply to Maurits
    Maurits:
    Mung Kee:
    In JavaScript, ANY use of regexp is abuse.


    All right, smart guy, develop a client-side email syntax verification function without using regexps.

    I'll get you started:

    function looks_like_an_email_address_to_me_bob(email)
    {
        var ok; // Step 1: Collect underpants

        // Step 2: ?

        return ok; // Step 3: Profit!
    }


    Precisely my point.  They, and many other features of many different programming languages are very powerful and useful.  The trick is to avoid discounting the language simply because you can make an ass out of yourself with it. 

    P.S.
    I don't validate on the client.
  • (cs) in reply to emptyset
    emptyset:
    <font face="Courier New" size="2">...i'm going to render them completely incapable of providing input into a computer.</font>


    Quote of the day
  • ac (unregistered) in reply to emptyset
    emptyset:

    <font face="Courier New" size="2">if i ever meet someone who writes perl programs to control medical machinery i'm going to render them completely incapable of providing input into a computer.</font>


    even if the programmer is Larry Wall ?
  • (cs) in reply to Mung Kee
    Mung Kee:

    Precisely my point.


    Ah, missed your point, sorry (/me adjusts sarcasm detector)

    Mung Kee:

    I don't validate on the client.


    I do.

    I think of this as a convenience to the user rather than as a legitimate security measure, of course.  I don't trust an HTTP request as far as I can throw it, regardless of any javascript I send out.
  • (cs) in reply to Maurits
    Maurits:
    Mung Kee:

    Precisely my point.


    Ah, missed your point, sorry (/me adjusts sarcasm detector)
    The point being that there are legitimate applications of a specific feature but anything can be abused.
    Mung Kee:

    I don't validate on the client.


    I do.

    I think of this as a convenience to the user rather than as a legitimate security measure, of course.  I don't trust an HTTP request as far as I can throw it, regardless of any javascript I send out.
    It's not about security.  It's about separation of business rules and presentation layer.   If I were concerned about security for a given application I would simply use SSL.  I hope you're not a web application developer, with that level of distrust for HTTP.




  • (cs) in reply to ac
    Anonymous:
    emptyset:

    <font face="Courier New" size="2">if i ever meet someone who writes perl programs to control medical machinery i'm going to render them completely incapable of providing input into a computer.</font>


    even if the programmer is Larry Wall ?


    HAHA, "Scary Larry."  I fear no geek.
  • (cs) in reply to Mung Kee
    Mung Kee:
    Maurits:
    Mung Kee:

    Precisely my point.


    Ah, missed your point, sorry (/me adjusts sarcasm detector)
    The point being that there are legitimate applications of a specific feature but anything can be abused.
    Mung Kee:

    I don't validate on the client.


    I do.

    I think of this as a convenience to the user rather than as a legitimate security measure, of course.  I don't trust an HTTP request as far as I can throw it, regardless of any javascript I send out.
    It's not about security.  It's about separation of business rules and presentation layer.   If I were concerned about security for a given application I would simply use SSL.  I hope you're not a web application developer, with that level of distrust for HTTP.





    I hope you're not a web application developer if you trust HTTP requests. I can send your server anything I like, bypassing all your validation stuff. SSL is orthogonal to the content of the request, and therefore irrelevant, since I can establish an SSL connection and then inject a HTTP request of my choice into the SSL-encapsulated stream. If you're trusting the client to only send you valid data, you're going to get hacked.
  • (cs) in reply to dubwai
    dubwai:

    DZ-Jay:


    Pity.  Can you look up "joke"?

        dZ.

    Generally, jokes should be funny.



    Generally.

        dZ.

  • (cs) in reply to DZ-Jay
    DZ-Jay:
    dubwai:

    DZ-Jay:


    Pity.  Can you look up "joke"?

        dZ.

    Generally, jokes should be funny.



    Generally.

        dZ.

    I'm just giving you a hard time.  I was going to say something to a similar effect but I decided to look it up.  It's one of those words where misuse becomes the standard.

    I was thinking though, if digit implies 10, wouldn't it be 'hexidigit'?

  • (cs) in reply to farnz
    farnz:
    Mung Kee:
    Maurits:
    Mung Kee:

    Precisely my point.


    Ah, missed your point, sorry (/me adjusts sarcasm detector)
    The point being that there are legitimate applications of a specific feature but anything can be abused.
    Mung Kee:

    I don't validate on the client.


    I do.

    I think of this as a convenience to the user rather than as a legitimate security measure, of course.  I don't trust an HTTP request as far as I can throw it, regardless of any javascript I send out.
    It's not about security.  It's about separation of business rules and presentation layer.   If I were concerned about security for a given application I would simply use SSL.  I hope you're not a web application developer, with that level of distrust for HTTP.





    I hope you're not a web application developer if you trust HTTP requests. I can send your server anything I like, bypassing all your validation stuff. SSL is orthogonal to the content of the request, and therefore irrelevant, since I can establish an SSL connection and then inject a HTTP request of my choice into the SSL-encapsulated stream. If you're trusting the client to only send you valid data, you're going to get hacked.


    I didn't say I don't validate.  I said I don't on the client.  Any reasonable person thinking prudently likely would have guessed.
  • (cs) in reply to ac
    Anonymous:
    emptyset:

    <FONT face="Courier New" size=2>if i ever meet someone who writes perl programs to control medical machinery i'm going to render them completely incapable of providing input into a computer.</FONT>


    even if the programmer is Larry Wall ?

    <FONT face="Courier New" size=2>http://artsyfartsy.undef.com:3000/237.l.jpg</FONT>

    <FONT face="Courier New" size=2>that image is all i have to say about that.</FONT>

  • (cs) in reply to dubwai
    dubwai:

    Caffeine:
    chb:
    There are 10 kinds of programmers:
    Those who know binary numbers and those who don't.

    There are 11 kinds of programmers:
    Those who know binary, those who don't and those that are forced to write wtf code due to departmental policy (no try/catch/finally blocks)

    I assume that this is your current situation.  Do you work for Joel Spolsky?  How does the code base look?


    No, but our departmental policy document looks suspiciously like a collection of joelonsoftware best practices.
  • (cs) in reply to Caffeine
    Caffeine:
    dubwai:

    Caffeine:
    chb:
    There are 10 kinds of programmers:
    Those who know binary numbers and those who don't.

    There are 11 kinds of programmers:
    Those who know binary, those who don't and those that are forced to write wtf code due to departmental policy (no try/catch/finally blocks)

    I assume that this is your current situation.  Do you work for Joel Spolsky?  How does the code base look?


    No, but our departmental policy document looks suspiciously like a collection of joelonsoftware best practices.

    You point the person who maintains this to the hundreds of blgs where this 'no exceptions' practice is lambasted.

    So, the other question.  How does the source look?  Do you think this policy is working out?

  • (cs) in reply to Caffeine
    Caffeine:
    dubwai:

    Caffeine:
    chb:
    There are 10 kinds of programmers:
    Those who know binary numbers and those who don't.

    There are 11 kinds of programmers:
    Those who know binary, those who don't and those that are forced to write wtf code due to departmental policy (no try/catch/finally blocks)

    I assume that this is your current situation.  Do you work for Joel Spolsky?  How does the code base look?


    No, but our departmental policy document looks suspiciously like a collection of joelonsoftware best practices.


    I really can't buy into this policy, as it seems you can't.  If you don't, at some point, assume that you're getting a well formed request, whether it be a completely populated object or an XML document, you can find yourself replicating the same validation in multiple layers of your application.
  • (cs) in reply to Caffeine
    Caffeine:
    dubwai:

    Caffeine:

    There are 11 kinds of programmers:
    Those who know binary, those who don't and those that are forced to write wtf code due to departmental policy (no try/catch/finally blocks)

    I assume that this is your current situation.  Do you work for Joel Spolsky?  How does the code base look?


    No, but our departmental policy document looks suspiciously like a collection of joelonsoftware best practices.

    The codebase is not too bad - since a lot of it is mine. However, eliminating 'structured error handling' forces us to mingle error and normal method return values. This in turn ripples out to the callers having to handle the potential error before using the value...
  • (cs) in reply to joe_bruin
    Anonymous:
    NULL, or "", or whatever the favored VB equivalent is, would have been the right thing to return.


    I disaggree. Likely the program will uses these functions to convert larger hex numbers into binary.
    The code could look like that


    bin = "" for i = 1 to len(hex) bin = bin & hex2bin(mid(hex,i,1)) next

    and that would cause errors that are hard to notice, e.g. when you translate "0123a72951" and a is invalid because it should be upper case.

  • (cs) in reply to Mung Kee

    Why not validate both on the client and the server? If the client does not handle the JavaScript (or other validation mechanism), there's no gain or loss, but in the event that the client will validate locally, you've saved a round trip to the server.

    Obviously, you don't rely on the client, hence you don't trust HTTP requests at all, but what's so bad about failing a request locally rather than round-tripping for a failure (especially when your clients are on high-latency connections, so that a round trip is 500ms->1 second).

  • (cs) in reply to farnz
    farnz:
    Why not validate both on the client and the server? If the client does not handle the JavaScript (or other validation mechanism), there's no gain or loss, but in the event that the client will validate locally, you've saved a round trip to the server.

    Obviously, you don't rely on the client, hence you don't trust HTTP requests at all, but what's so bad about failing a request locally rather than round-tripping for a failure (especially when your clients are on high-latency connections, so that a round trip is 500ms->1 second).


    If you validate on the server, then you have to test/debug only on one platform. (usually)

    If you validate on the client, then you have to test/debug on various platforms (usually), and you won't be sure if it will work on newer browser versions, that may be published during the lifecycle of your app.

    So actually you have a lot more work to do, if you decide to validate on the client. For security you already have to validate on the server, so the only benefit I can see, is a slightly more responsive Client App (if it works as expected), but I also see a great risk for a lot of frustrated users/customers (if it does not work as expected).

    Hence, the reasons to write this kind of on-client-validation code have to be very convincing for me to undertake this endeavor.

    cu
  • (cs) in reply to eagle
    eagle:
    If you validate on the client, then you have to test/debug on various platforms (usually), and you won't be sure if it will work on newer browser versions, that may be published during the lifecycle of your app.


    This is why I make sure my client-side validation code is valid ECMA script... that falls through intelligently if active scripting is disabled... and I test it in any browser with > 5% market share.

    If a browser with less than 5% market share doesn't comply with ECMA, the user is on their own and gets no support from me.
  • (cs) in reply to ammoQ

    ammoQ:
    ...when you translate "0123a72951" and a is invalid because it should be upper case.

    I'm surprised that it would even compile with a reserved name, HEX, being used.

    <FONT face="Courier New">Function hex2dec(parmHexChar) As Integer   'typing is a good thing
      Select Case UCase(parmHexChar)
        Case </FONT><FONT face="Courier New">"0" To "9"         'place most frequent value checks first for good perf.
            hex2dec = CInt(parmHexChar)
        Case "A" To "F"
            hex2dec = CInt("&h" & parmHexChar)   'or ="&h" & parmHexChar
        </FONT><FONT face="Courier New">Case Else
    </FONT>
    <FONT face="Courier New"><FONT color=#000000>        hex2dec = -1
            <FONT color=#0000ff>Err</FONT>.Raise -1      'or some proper error alerting</FONT>
    End Function</FONT>

     

  • curious (unregistered) in reply to Isaac

    Aas funny as all these posts are, the "strange" values are simple used to indicate that an error occured that shouldn't have occured.

Leave a comment on “Quantum Computering”

Log In or post as a guest

Replying to comment #:

« Return to Article