- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Nice (I,m so tempted to type the f word)
captcha: Noone gives a rat's ass
Admin
This explains a few things for me. I've been working on a legacy PHP app where -1 is true, 2 is false, and 0 is null. It would appear that the inspiration for this was in how Visual Basic handles booleans in the database. And I just thought the original system designer was insane.
Admin
Nice one I still don't understand why people are using raw SQL in code... reusability, someone ?
Admin
the funny thing is that if sAction is null, then the program will crash (without getting to the last part of the if statement).
the only thing I can say is, that's what you get for using(drinking) VB.
Admin
What's the over-under on how many people will claim that "using VB forces you to write crappy code like this! the real WTF is VB!"
I say it will be about 93% of the posts ... let's see how we do !
Admin
What about the fifth value: FileNotFound?
Captcha: sanitarium
Admin
Nulls in an integer column, would it not make sense to initialize them and put a constraint in the databases to prevent new ones.
Also, True should be -1, especially in VB because the representation of -1 in (standard twos compliment) binary is all ones. The logical operators (and / or / not) in VB are actually bitwise operators so this makes sense.
Admin
No, the funny thing is that you make fun of VB, but don't understand it. Having a value of Null is different than being Nothing.
Try this code, which I've executed:
Function Test(b) if(b=3) then Response.Write("3") elseif (b=0) then Response.Write("0
") elseif IsNull(b) then Response.Write("Is Null
") else Response.Write("Other Value: " & b & "
") End If End Function Dim c c = Null Test(c) c = 3 Test(c) c = -5 Test(c) c = 0 Test(c)
Which gives this output:
captcha: pointer
Admin
So we're now saying its a bad thing for the founder of a company to keep control over it and not get kicked out / bought out by the VC's? I thought going from coder to CEO was our dream.
Doesn't take away from the WTF on this code though.
Admin
Admin
Except in cases of interoperability where you end up with a bool which doesn't have -1 in it, and due to a VB bool not being a single bit this is entirely possible. Eg: Thanks to interacting with another app or a DB your VB bool has a value of 1 in it instead of -1. Fine so far, because this is interpreted as "true". VB's bitwise not will change this to -2, which also gets interpreted as "true". So you effectively end up with bool = true and NOT bool = true at the same time!
Admin
No, coder --> CEO is a nearly-sure way to create business-WTFs and ruin yourself in the process. You have to take it one step further (or better yet, skip the CEO step and go straight to this). Get bought out, live (large) off that, and code what you actually want to, not what some PHB tells you to.
Admin
The real WTF is that they didn't use an enum.
Admin
In VB, you learn pretty quickly to avoid the word NOT. NOT lies to you. The only proper way to test for NOT X is to say IF X = FALSE THEN.
Admin
I thought "file not found" was supposed to be the third value?.... LOL
Admin
...for when a tri-bool simply won't do!
I now find myself in the somewhat odd position of fondly recalling the days when booleans had merely 3 values...
sigh
Admin
Admin
Also, working for the CEO who coded the original application through brute force methods even though untrained in software development, and who is afraid of losing control to the new programmer he has hired for help, is a nightmare.
Admin
Dang ... and all this time I thought it was:
IF X THEN ' do nothing ELSE
END IF
Admin
Actually I have found it pretty common that a logical requires 2 bits for storage in a database. Some databases (at least Progress Database, and Paradox?) had a built in 2 bit logical, so the developer did not have to roll their own. They used the following logic.
1st bit: New/Empty(null) 2nd bit: true/false
This does make sense for the UI programmer, who may use the field for more than two options such as Approve/Decline/Route back to approver.
Personally I think a bit field is true or false, and that if you don't know, that is something else entirely.
Admin
Ok, I'll avoid the really obvious thought about this. Still, if it didn't break backwards compatibility, and for some reason they really couldn't, um correct this mistake implies what I'm not saying so I'll say, if they for some technical reason couldn't make NOT do what most people who know boolean logic expect, you'd expect they would just take it out as more trouble than it's worth.
There I got through that whole long winded post without saying VB is a WTF....damn!
Admin
The real WTF is that he didn't take the MAYBE value into consideration.
http://worsethanfailure.com/Articles/Rarely_Just_TRUE_or_FALSE.aspx
Admin
As a long-suffering VB developer, I've always been amused by the plethora of options to express "nothingness".
Let me see...
IsNull Is Nothing (leading to the wonderful "If Not MyObj Is Nothing"...) = "" IsEmpty
I'm sure there are others that I'm forgetting. Yes, there are reasons for all of these, but then most WTFs are born of good intentions too.
Heh, it just occurred to me that those who robotically echo their CAPTCHA for everyone to 'enjoy' have actually failed the Turing test.
Admin
...and let's not forget
If IsMissing(X) Then
captcha: craaazy -- how true.
Admin
There's a DBNull too!
Admin
Heh. No need to say VB is a WTF ... the WTF is that dude actually defending non-standard uses for the boolean operators!!! Ouch!!!
In Soviet VB, NOT lies YOU!!!!
Ah, couldn't resist it ...
captcha: All your bools are belong to us
Admin
I guess when it comes to the fourth state, it must be "File not Found". Because what else could it be if it's not true, false or 1?
Admin
Quad-Bool! Nice!!
Admin
Actually the only time I found NOT to be a problem in VB is when there were WTF's under the rest of the code. NOT on it's own never caused me trouble. Of course my booleans only used boolean logic hence two distinctly opposing values and only two, no more.
Admin
VB is hell.
Admin
I'm with you; I thought the dream was to go from coder to CTO (well-compensated CTO, or course!). Marty Roesch at Sourcefire is an example. What real coder wants to leave the technology and just do MBA-type junk all day?
Admin
Actually those values you state are not equivalent to each other.
IsNull is for a declared but Null initialized variable. Nothing is for a declared but non-instantiated object. = "" is purely for strings that have been initialized but contain an empty string.
IsEmpty() is a weird one to most, remember this is a function. It returns True for non-initialized variables, and False for all others. Non-initialized means one that has simply been dimmed or reset to it's original state by being assigned Empty. Assigning a value, even Null, makes this return False.
These are not nothingness in the purest sense of the word. If you think of the very lowest level you can relate it to C. = "" means a string with only the null terminator, but this at least is a value. IsNull means it is pointing to a memory location with the Null value in it. Non-initialized means the memory is pointed to, but who knows what is there.
Admin
No, no, it's True, False, Maybe, and Indecisive (also known as NeverTry after a popular Homerism). :)
Admin
Try creating a select stored procedure (SQL Server) whose results will be bound to a grid. The grid features multi-column sorting and paging. There may be a LOT or records. This is virtually impossible to do without dynamic generated sql.
Also, consider cases where the schema is not known up front, such as importing from an excel spreadsheet to the database. You don't know the schema up of the spreadsheet until runtime. You can put all your logic in the application and do your inserts row by row, but this is about 10x slower than doing it at the database level with a dynamic sql statement.
If you are writing a publicly accessible website that, say, processes credit card orders, you would never use dynamic sql. If you are writing a single user desktop application that does some kind of numerical analysis, dynamic sql may make perfectly good sense.
That said, in MOST cases, you are correct. People are just lazy and sloppy.
Admin
You do realize that in .Net you can query your data once and hold it in a datatable object and then simply filter and order that datatable without running new queries. This is much faster and gets rid of the dynamic SQL in code. Your example is exactly why this feature was added, sorting a current result set by different columns, but also for filtering a current result set further.
Right, at the database level is the key here, the question was about using raw SQL "in code" so this case doesn't apply.
And this I will agree with you almost 100%. There are a few cases where people just don't know better, we call them interns.Admin
You can put your results set in a DataTable, filter, order, etc. It's a lot of fun. Unfortunately, it doesn't work with a LOT or records. That would take a LOT or memory. Really. It will. You just can't put 100Ks or records in a DataTable. Think about it.
The distinction between dynamic sql generated in a stored procedure versus dynamic generated in VB or C# seems not particularly important to me. Both are vulnerable to the crappy coding in the today's WTF, injection attacks, etc.
Admin
So, true = all bits set? I guess that makes sense to some MS freak that's retired by now.
Admin
He's the CEO - what the hell is he doing messing around with software architecture? If you're big enough for a CEO, you're big enough to separate those duties.
Admin
What, doesn't the Datatable keep most of its data on the server side?
Admin
hmmm, ok so if you were going to be displaying that data to the user so they could click a column to sort, how are you storing that data? And yes you can throw 100k records into a datatable, yes it will take a lot of memory depending on your record size, but it will do it. If you are using paging, then a datatable type sort does not usually work. Additionally, If you use the sort of a datatable, it does not really sort the data itself, just it's underlying pointers to each record which you access from a different object. This is much faster than running a new query on the database and it does not create a whole new copy of the data in memory. This is but one solution, use it where appropriate.
And here I think you are wrong, at least about the injection attacks. If you are trying to build the query in code, outside the server, you can fail to quote your strings properly and make them safe hence the injection problems. If you are porting them in at the database level itself, it handles all the proper quoting so something like' GO Drop Table
gets quoted properly and does not become part of the command but rather becomes the data in a field.
Admin
The DataTable is a 100% memory resident object with no connection to the database whatsoever. You fill it using a DataAdapter object and it knows nothing about the source of the data.
Sure, it's on the server side, but you still probably can't use up 100MBs of memory for one object. That might work for some applications I guess.
Admin
It does until you decide to disconnect your dataset. Also once you iterate through all the records they have now been pulled to the client. If it is forward only it will do this by paging, if you have a fully navigable datatable you now have all the data on the client.
Admin
Once you execute the dynamic sql for the current page and sorting you will need to put the results in a DataTable, of course, but this is only one page of records, maybe 50 or 100.
You certainly can find good applications for DataTable as you describe, no doubt about it. However, Putting 100K or 1000K records into one is not usually a great idea, unless there are special circumstance.
With regards to injection attacks, you can parameterize queries in C# before executing then (using SqlParameter and SqlParameterCollection), which completely removes the risk. You could also pass a user submitted query string directly to a stored procedure, then concatenate it with a bunch of other string right in your T-SQL before calling exec and be completely vulnerable. Stored procedures are not a guarantee of safety.
Just because dynamic sql is usually bad, does not mean that it is always bad. It all depends on the domain.
Admin
There is no such thing as "disconnecting" a DataSet. They are always disconnected. I think you are getting datasets and datareaders confused.
Admin
It depends on your scaling factor, I suppose. 100M for a single client means that you can fit about 35-40 on a single server without paging (and if you structure it right, you can just keep most of the data paged out and store a lot more). If you can share these objects or if you only have a few people generating them, then it becomes entirely reasonable.
Admin
Actually it's not VB's fault that True is -1.
Visual Basic (at least since version 4, and before the .Net stuff) is built on COM. And it just so happens that in COM, true is defined as -1. Go check the PSDK headers if you want: VARIANT_TRUE is -1 and VARIANT_FALSE is 0. This is the definition VB uses.
If CInt(True) still returns -1 in VB.NET (I haven't come across this myself since I'm not in the habit of casting bools to numbers, or vice versa) it's probably for backwards compatibility reasons.
Admin
I'm still waiting to see a penta-bool one day. I've seen the tri-bool a few times, and I think I've seen the quad-bool before too.
Admin
Well, this is downright screwy in concept. It represents bad type selection, even if VB supports it. Why not just save Booleans for genuine binary choices, and use enumerations for limited sets? That would be a much more intuitive approach, at the least.
Joseph
Admin
Actually, that would be really useful for doing bitwise operations in a language where 0 = false and nonzero is true. Then (x & true) would be logically equivalent to (x && true), and would also preserve the bits for further bitwise comparisons.
I won't be switching to this system, mind you, but it's pretty slick for people who fiddle with bits a lot.
Not that any of these people actually use Visual Basic, mind you.
Admin
Oops. That was supposed to be a response to the post wondering why having all the bits set to 1 on true would be useful.