• DOA (unregistered)

    Nice (I,m so tempted to type the f word)

    captcha: Noone gives a rat's ass

  • This is nothing... really... (unregistered)

    This explains a few things for me. I've been working on a legacy PHP app where -1 is true, 2 is false, and 0 is null. It would appear that the inspiration for this was in how Visual Basic handles booleans in the database. And I just thought the original system designer was insane.

  • Laurent (unregistered)

    Nice one I still don't understand why people are using raw SQL in code... reusability, someone ?

  • brendan (unregistered)

    the funny thing is that if sAction is null, then the program will crash (without getting to the last part of the if statement).

    the only thing I can say is, that's what you get for using(drinking) VB.

  • (cs)

    What's the over-under on how many people will claim that "using VB forces you to write crappy code like this! the real WTF is VB!"

    I say it will be about 93% of the posts ... let's see how we do !

  • pa (unregistered)

    What about the fifth value: FileNotFound?

    Captcha: sanitarium

  • (cs)

    Nulls in an integer column, would it not make sense to initialize them and put a constraint in the databases to prevent new ones.

    Also, True should be -1, especially in VB because the representation of -1 in (standard twos compliment) binary is all ones. The logical operators (and / or / not) in VB are actually bitwise operators so this makes sense.

  • Bob Villanosa (unregistered) in reply to brendan
    brendan:
    the funny thing is that if sAction is null, then the program will crash (without getting to the last part of the if statement).

    the only thing I can say is, that's what you get for using(drinking) VB.

    No, the funny thing is that you make fun of VB, but don't understand it. Having a value of Null is different than being Nothing.

    Try this code, which I've executed:

    Function Test(b)
     if(b=3) then
      Response.Write("3
    ") elseif (b=0) then Response.Write("0
    ") elseif IsNull(b) then Response.Write("Is Null
    ") else Response.Write("Other Value: " & b & "
    ") End If End Function Dim c c = Null Test(c) c = 3 Test(c) c = -5 Test(c) c = 0 Test(c)

    Which gives this output:

    Is Null
    3
    Other Value: -5
    0
    

    captcha: pointer

  • (cs)

    So we're now saying its a bad thing for the founder of a company to keep control over it and not get kicked out / bought out by the VC's? I thought going from coder to CEO was our dream.

    Doesn't take away from the WTF on this code though.

  • (cs) in reply to Licky Lindsay
    Licky Lindsay:
    So we're now saying its a bad thing for the founder of a company to keep control over it and not get kicked out / bought out by the VC's? I thought going from coder to CEO was our dream.

    Doesn't take away from the WTF on this code though.

    It's our dream, not our reality, hence the jealousy.

  • (cs) in reply to Tony B
    Tony B:
    Also, True should be -1, especially in VB because the representation of -1 in (standard twos compliment) binary is all ones. The logical operators (and / or / not) in VB are actually bitwise operators so this makes sense.

    Except in cases of interoperability where you end up with a bool which doesn't have -1 in it, and due to a VB bool not being a single bit this is entirely possible. Eg: Thanks to interacting with another app or a DB your VB bool has a value of 1 in it instead of -1. Fine so far, because this is interpreted as "true". VB's bitwise not will change this to -2, which also gets interpreted as "true". So you effectively end up with bool = true and NOT bool = true at the same time!

  • (cs) in reply to Licky Lindsay

    No, coder --> CEO is a nearly-sure way to create business-WTFs and ruin yourself in the process. You have to take it one step further (or better yet, skip the CEO step and go straight to this). Get bought out, live (large) off that, and code what you actually want to, not what some PHB tells you to.

  • Marcin (unregistered)

    The real WTF is that they didn't use an enum.

  • Strilanc (unregistered) in reply to Thief^
    Thief^:
    Tony B:
    Also, True should be -1, especially in VB because the representation of -1 in (standard twos compliment) binary is all ones. The logical operators (and / or / not) in VB are actually bitwise operators so this makes sense.

    Except in cases of interoperability where you end up with a bool which doesn't have -1 in it, and due to a VB bool not being a single bit this is entirely possible. Eg: Thanks to interacting with another app or a DB your VB bool has a value of 1 in it instead of -1. Fine so far, because this is interpreted as "true". VB's bitwise not will change this to -2, which also gets interpreted as "true". So you effectively end up with bool = true and NOT bool = true at the same time!

    In VB, you learn pretty quickly to avoid the word NOT. NOT lies to you. The only proper way to test for NOT X is to say IF X = FALSE THEN.

  • Owen (unregistered)

    I thought "file not found" was supposed to be the third value?.... LOL

  • (cs) in reply to Owen

    ...for when a tri-bool simply won't do!

    I now find myself in the somewhat odd position of fondly recalling the days when booleans had merely 3 values...

    sigh

  • (cs) in reply to DOA
    DOA:
    captcha: Noone gives a rat's ass
    That's a weird one, I haven't gotten that captcha before...
  • k (unregistered) in reply to bstorer

    Also, working for the CEO who coded the original application through brute force methods even though untrained in software development, and who is afraid of losing control to the new programmer he has hired for help, is a nightmare.

  • VB (unregistered) in reply to Strilanc

    Dang ... and all this time I thought it was:

    IF X THEN ' do nothing ELSE

    END IF

  • doug (unregistered)

    Actually I have found it pretty common that a logical requires 2 bits for storage in a database. Some databases (at least Progress Database, and Paradox?) had a built in 2 bit logical, so the developer did not have to roll their own. They used the following logic.

    1st bit: New/Empty(null) 2nd bit: true/false

    This does make sense for the UI programmer, who may use the field for more than two options such as Approve/Decline/Route back to approver.

    Personally I think a bit field is true or false, and that if you don't know, that is something else entirely.

  • Phyzz (unregistered) in reply to Strilanc
    Tony B:
    In VB, you learn pretty quickly to avoid the word NOT. NOT lies to you. The only proper way to test for NOT X is to say IF X = FALSE THEN.

    Ok, I'll avoid the really obvious thought about this. Still, if it didn't break backwards compatibility, and for some reason they really couldn't, um correct this mistake implies what I'm not saying so I'll say, if they for some technical reason couldn't make NOT do what most people who know boolean logic expect, you'd expect they would just take it out as more trouble than it's worth.

    There I got through that whole long winded post without saying VB is a WTF....damn!

  • Anonymous (unregistered)

    The real WTF is that he didn't take the MAYBE value into consideration.

    http://worsethanfailure.com/Articles/Rarely_Just_TRUE_or_FALSE.aspx

  • Darren (unregistered)

    As a long-suffering VB developer, I've always been amused by the plethora of options to express "nothingness".

    Let me see...

    IsNull Is Nothing (leading to the wonderful "If Not MyObj Is Nothing"...) = "" IsEmpty

    I'm sure there are others that I'm forgetting. Yes, there are reasons for all of these, but then most WTFs are born of good intentions too.

    Heh, it just occurred to me that those who robotically echo their CAPTCHA for everyone to 'enjoy' have actually failed the Turing test.

  • Mike (unregistered)

    ...and let's not forget

    If IsMissing(X) Then

    captcha: craaazy -- how true.

  • kaz (unregistered)

    There's a DBNull too!

  • (cs) in reply to Phyzz
    Phyzz:
    Tony B:
    In VB, you learn pretty quickly to avoid the word NOT. NOT lies to you. The only proper way to test for NOT X is to say IF X = FALSE THEN.

    Ok, I'll avoid the really obvious thought about this. Still, if it didn't break backwards compatibility, and for some reason they really couldn't, um correct this mistake implies what I'm not saying so I'll say, if they for some technical reason couldn't make NOT do what most people who know boolean logic expect, you'd expect they would just take it out as more trouble than it's worth.

    There I got through that whole long winded post without saying VB is a WTF....damn!

    Heh. No need to say VB is a WTF ... the WTF is that dude actually defending non-standard uses for the boolean operators!!! Ouch!!!

    In Soviet VB, NOT lies YOU!!!!

    Ah, couldn't resist it ...

    captcha: All your bools are belong to us

  • (cs)

    I guess when it comes to the fourth state, it must be "File not Found". Because what else could it be if it's not true, false or 1?

  • Marc (unregistered)

    Quad-Bool! Nice!!

  • (cs) in reply to Phyzz
    Phyzz:
    Tony B:
    In VB, you learn pretty quickly to avoid the word NOT. NOT lies to you. The only proper way to test for NOT X is to say IF X = FALSE THEN.

    Ok, I'll avoid the really obvious thought about this. Still, if it didn't break backwards compatibility, and for some reason they really couldn't, um correct this mistake implies what I'm not saying so I'll say, if they for some technical reason couldn't make NOT do what most people who know boolean logic expect, you'd expect they would just take it out as more trouble than it's worth.

    There I got through that whole long winded post without saying VB is a WTF....damn!

    Actually the only time I found NOT to be a problem in VB is when there were WTF's under the rest of the code. NOT on it's own never caused me trouble. Of course my booleans only used boolean logic hence two distinctly opposing values and only two, no more.

  • Captain NULL (unregistered)

    VB is hell.

  • Matt Harvey (unregistered) in reply to DaveAronson

    I'm with you; I thought the dream was to go from coder to CTO (well-compensated CTO, or course!). Marty Roesch at Sourcefire is an example. What real coder wants to leave the technology and just do MBA-type junk all day?

  • (cs) in reply to Darren
    Darren:
    As a long-suffering VB developer, I've always been amused by the plethora of options to express "nothingness".

    Let me see...

    IsNull Is Nothing (leading to the wonderful "If Not MyObj Is Nothing"...) = "" IsEmpty

    I'm sure there are others that I'm forgetting. Yes, there are reasons for all of these, but then most WTFs are born of good intentions too.

    Heh, it just occurred to me that those who robotically echo their CAPTCHA for everyone to 'enjoy' have actually failed the Turing test.

    Actually those values you state are not equivalent to each other.

    IsNull is for a declared but Null initialized variable. Nothing is for a declared but non-instantiated object. = "" is purely for strings that have been initialized but contain an empty string.

    IsEmpty() is a weird one to most, remember this is a function. It returns True for non-initialized variables, and False for all others. Non-initialized means one that has simply been dimmed or reset to it's original state by being assigned Empty. Assigning a value, even Null, makes this return False.

    These are not nothingness in the purest sense of the word. If you think of the very lowest level you can relate it to C. = "" means a string with only the null terminator, but this at least is a value. IsNull means it is pointing to a memory location with the Null value in it. Non-initialized means the memory is pointed to, but who knows what is there.

  • Barrett (unregistered) in reply to Anonymous

    No, no, it's True, False, Maybe, and Indecisive (also known as NeverTry after a popular Homerism). :)

  • Alex Brown (unregistered) in reply to Laurent
    Laurent:
    Nice one I still don't understand why people are using raw SQL in code... reusability, someone ?

    Try creating a select stored procedure (SQL Server) whose results will be bound to a grid. The grid features multi-column sorting and paging. There may be a LOT or records. This is virtually impossible to do without dynamic generated sql.

    Also, consider cases where the schema is not known up front, such as importing from an excel spreadsheet to the database. You don't know the schema up of the spreadsheet until runtime. You can put all your logic in the application and do your inserts row by row, but this is about 10x slower than doing it at the database level with a dynamic sql statement.

    If you are writing a publicly accessible website that, say, processes credit card orders, you would never use dynamic sql. If you are writing a single user desktop application that does some kind of numerical analysis, dynamic sql may make perfectly good sense.

    That said, in MOST cases, you are correct. People are just lazy and sloppy.

  • (cs) in reply to Alex Brown
    Alex Brown:

    Try creating a select stored procedure (SQL Server) whose results will be bound to a grid. The grid features multi-column sorting and paging. There may be a LOT or records. This is virtually impossible to do without dynamic generated sql.

    You do realize that in .Net you can query your data once and hold it in a datatable object and then simply filter and order that datatable without running new queries. This is much faster and gets rid of the dynamic SQL in code. Your example is exactly why this feature was added, sorting a current result set by different columns, but also for filtering a current result set further.

    Alex Brown:
    Also, consider cases where the schema is not known up front, such as importing from an excel spreadsheet to the database. You don't know the schema up of the spreadsheet until runtime. You can put all your logic in the application and do your inserts row by row, but this is about 10x slower than doing it at the database level with a dynamic sql statement.

    Right, at the database level is the key here, the question was about using raw SQL "in code" so this case doesn't apply.

    Alex Brown:
    That said, in MOST cases, you are correct. People are just lazy and sloppy.
    And this I will agree with you almost 100%. There are a few cases where people just don't know better, we call them interns.
  • Alex Brown (unregistered) in reply to KattMan

    You can put your results set in a DataTable, filter, order, etc. It's a lot of fun. Unfortunately, it doesn't work with a LOT or records. That would take a LOT or memory. Really. It will. You just can't put 100Ks or records in a DataTable. Think about it.

    The distinction between dynamic sql generated in a stored procedure versus dynamic generated in VB or C# seems not particularly important to me. Both are vulnerable to the crappy coding in the today's WTF, injection attacks, etc.

  • Franz Kafka (unregistered) in reply to This is nothing... really...
    This is nothing... really...:
    This explains a few things for me. I've been working on a legacy PHP app where -1 is true, 2 is false, and 0 is null. It would appear that the inspiration for this was in how Visual Basic handles booleans in the database. And I just thought the original system designer was insane.

    So, true = all bits set? I guess that makes sense to some MS freak that's retired by now.

  • Franz Kafka (unregistered) in reply to Licky Lindsay
    Licky Lindsay:
    So we're now saying its a bad thing for the founder of a company to keep control over it and not get kicked out / bought out by the VC's? I thought going from coder to CEO was our dream.

    Doesn't take away from the WTF on this code though.

    He's the CEO - what the hell is he doing messing around with software architecture? If you're big enough for a CEO, you're big enough to separate those duties.

  • Franz Kafka (unregistered) in reply to Alex Brown
    Alex Brown:
    You can put your results set in a DataTable, filter, order, etc. It's a lot of fun. Unfortunately, it doesn't work with a LOT or records. That would take a LOT or memory. Really. It will. You just can't put 100Ks or records in a DataTable. Think about it.

    What, doesn't the Datatable keep most of its data on the server side?

  • (cs) in reply to Alex Brown
    Alex Brown:
    You can put your results set in a DataTable, filter, order, etc. It's a lot of fun. Unfortunately, it doesn't work with a LOT or records. That would take a LOT or memory. Really. It will. You just can't put 100Ks or records in a DataTable. Think about it.

    hmmm, ok so if you were going to be displaying that data to the user so they could click a column to sort, how are you storing that data? And yes you can throw 100k records into a datatable, yes it will take a lot of memory depending on your record size, but it will do it. If you are using paging, then a datatable type sort does not usually work. Additionally, If you use the sort of a datatable, it does not really sort the data itself, just it's underlying pointers to each record which you access from a different object. This is much faster than running a new query on the database and it does not create a whole new copy of the data in memory. This is but one solution, use it where appropriate.

    Alex Brown:
    The distinction between dynamic sql generated in a stored procedure versus dynamic generated in VB or C# seems not particularly important to me. Both are vulnerable to the crappy coding in the today's WTF, injection attacks, etc.
    And here I think you are wrong, at least about the injection attacks. If you are trying to build the query in code, outside the server, you can fail to quote your strings properly and make them safe hence the injection problems. If you are porting them in at the database level itself, it handles all the proper quoting so something like

    ' GO Drop Table

    gets quoted properly and does not become part of the command but rather becomes the data in a field.

  • Alex Brown (unregistered) in reply to Franz Kafka
    Franz Kafka:
    Alex Brown:
    You can put your results set in a DataTable, filter, order, etc. It's a lot of fun. Unfortunately, it doesn't work with a LOT or records. That would take a LOT or memory. Really. It will. You just can't put 100Ks or records in a DataTable. Think about it.

    What, doesn't the Datatable keep most of its data on the server side?

    The DataTable is a 100% memory resident object with no connection to the database whatsoever. You fill it using a DataAdapter object and it knows nothing about the source of the data.

    Sure, it's on the server side, but you still probably can't use up 100MBs of memory for one object. That might work for some applications I guess.

  • (cs) in reply to Franz Kafka
    Franz Kafka:
    Alex Brown:
    You can put your results set in a DataTable, filter, order, etc. It's a lot of fun. Unfortunately, it doesn't work with a LOT or records. That would take a LOT or memory. Really. It will. You just can't put 100Ks or records in a DataTable. Think about it.

    What, doesn't the Datatable keep most of its data on the server side?

    It does until you decide to disconnect your dataset. Also once you iterate through all the records they have now been pulled to the client. If it is forward only it will do this by paging, if you have a fully navigable datatable you now have all the data on the client.

  • Alex Brown (unregistered) in reply to KattMan
    KattMan:
    Alex Brown:
    You can put your results set in a DataTable, filter, order, etc. It's a lot of fun. Unfortunately, it doesn't work with a LOT or records. That would take a LOT or memory. Really. It will. You just can't put 100Ks or records in a DataTable. Think about it.

    hmmm, ok so if you were going to be displaying that data to the user so they could click a column to sort, how are you storing that data? And yes you can throw 100k records into a datatable, yes it will take a lot of memory depending on your record size, but it will do it. If you are using paging, then a datatable type sort does not usually work. Additionally, If you use the sort of a datatable, it does not really sort the data itself, just it's underlying pointers to each record which you access from a different object. This is much faster than running a new query on the database and it does not create a whole new copy of the data in memory. This is but one solution, use it where appropriate.

    Alex Brown:
    The distinction between dynamic sql generated in a stored procedure versus dynamic generated in VB or C# seems not particularly important to me. Both are vulnerable to the crappy coding in the today's WTF, injection attacks, etc.
    And here I think you are wrong, at least about the injection attacks. If you are trying to build the query in code, outside the server, you can fail to quote your strings properly and make them safe hence the injection problems. If you are porting them in at the database level itself, it handles all the proper quoting so something like

    ' GO Drop Table

    gets quoted properly and does not become part of the command but rather becomes the data in a field.

    Once you execute the dynamic sql for the current page and sorting you will need to put the results in a DataTable, of course, but this is only one page of records, maybe 50 or 100.

    You certainly can find good applications for DataTable as you describe, no doubt about it. However, Putting 100K or 1000K records into one is not usually a great idea, unless there are special circumstance.

    With regards to injection attacks, you can parameterize queries in C# before executing then (using SqlParameter and SqlParameterCollection), which completely removes the risk. You could also pass a user submitted query string directly to a stored procedure, then concatenate it with a bunch of other string right in your T-SQL before calling exec and be completely vulnerable. Stored procedures are not a guarantee of safety.

    Just because dynamic sql is usually bad, does not mean that it is always bad. It all depends on the domain.

  • Alex Brown (unregistered) in reply to KattMan
    KattMan:
    Franz Kafka:
    Alex Brown:
    You can put your results set in a DataTable, filter, order, etc. It's a lot of fun. Unfortunately, it doesn't work with a LOT or records. That would take a LOT or memory. Really. It will. You just can't put 100Ks or records in a DataTable. Think about it.

    What, doesn't the Datatable keep most of its data on the server side?

    It does until you decide to disconnect your dataset. Also once you iterate through all the records they have now been pulled to the client. If it is forward only it will do this by paging, if you have a fully navigable datatable you now have all the data on the client.

    There is no such thing as "disconnecting" a DataSet. They are always disconnected. I think you are getting datasets and datareaders confused.

  • Franz Kafka (unregistered) in reply to Alex Brown
    Alex Brown:
    Franz Kafka:
    Alex Brown:
    You can put your results set in a DataTable, filter, order, etc. It's a lot of fun. Unfortunately, it doesn't work with a LOT or records. That would take a LOT or memory. Really. It will. You just can't put 100Ks or records in a DataTable. Think about it.

    What, doesn't the Datatable keep most of its data on the server side?

    The DataTable is a 100% memory resident object with no connection to the database whatsoever. You fill it using a DataAdapter object and it knows nothing about the source of the data.

    Sure, it's on the server side, but you still probably can't use up 100MBs of memory for one object. That might work for some applications I guess.

    It depends on your scaling factor, I suppose. 100M for a single client means that you can fit about 35-40 on a single server without paging (and if you structure it right, you can just keep most of the data paged out and store a lot more). If you can share these objects or if you only have a few people generating them, then it becomes entirely reasonable.

  • Sven (unregistered)

    Actually it's not VB's fault that True is -1.

    Visual Basic (at least since version 4, and before the .Net stuff) is built on COM. And it just so happens that in COM, true is defined as -1. Go check the PSDK headers if you want: VARIANT_TRUE is -1 and VARIANT_FALSE is 0. This is the definition VB uses.

    If CInt(True) still returns -1 in VB.NET (I haven't come across this myself since I'm not in the habit of casting bools to numbers, or vice versa) it's probably for backwards compatibility reasons.

  • iMalc (unregistered)

    I'm still waiting to see a penta-bool one day. I've seen the tri-bool a few times, and I think I've seen the quad-bool before too.

  • (cs)

    Well, this is downright screwy in concept. It represents bad type selection, even if VB supports it. Why not just save Booleans for genuine binary choices, and use enumerations for limited sets? That would be a much more intuitive approach, at the least.

    Joseph

  • AN (unregistered) in reply to Franz Kafka

    Actually, that would be really useful for doing bitwise operations in a language where 0 = false and nonzero is true. Then (x & true) would be logically equivalent to (x && true), and would also preserve the bits for further bitwise comparisons.

    I won't be switching to this system, mind you, but it's pretty slick for people who fiddle with bits a lot.

    Not that any of these people actually use Visual Basic, mind you.

  • AN (unregistered)

    Oops. That was supposed to be a response to the post wondering why having all the bits set to 1 on true would be useful.

Leave a comment on “SQL Four Joy”

Log In or post as a guest

Replying to comment #:

« Return to Article