Admin
ReferenceError: bool is not defined
Admin
Or perhaps tears of laughter.
Admin
I love how the submitter's own name should fail the check. How appropriate.
Admin
Why didn't anyone else think of that?
Admin
"There is no problem in computer science that cannot be solved with another level of indirection". Including the problem of horrible code not being horrible enough.
Admin
In my case, this may be literally true. I don't remember lower case being available on an IBM 026 keypunch, much less any of these other weirdo characters. Now I feel old.
Admin
plz email me teh java codez. i have impartan tclient. thx :)
Admin
Wow! I am flatered that you are chosing to impersunate me only. has nobody else catch your fancie?
Admin
Evne basterd askimet is being with me on this one.
Admin
Wow, fletary like that will get you everywhere! What do you want my # 1 stalker?
Admin
Too much troling hapening over here, since I signed and registered.
Admin
from string import ascii_letters

VALID = set(ascii_letters + "".join(str(i) for i in range(10)))

def valid_name(subfolder):
    return all(c in VALID for c in subfolder)
Admin
I wouldn't have cried. My first reaction would be to yell out:
"áàããäéèêëíìîïóòõôöúùûüçñ"
My second reaction would be to curse up a storm:
"!"#$%&\/=?'»«}{[]§£@,;.:-`´^~<>"
Admin
Pedantically regularly new articles, Akismets adjusted to 11 and answers to above's comment get censored?
Has Alex himself turned into a Bronie now?
Addendum (2011-11-16 15:08): Are we talking about this "free scotch" then?
Admin
TRWTF is the commented attempt at regex blacklist foiled by an extraneous backslash before the closing bracket
Admin
Define an Enum for each letter, and define two booleans on each one, "valid" and "invalid", and then you can do a string comparison with each one in turn, and if it matches the particular Enum you're looking at, see whether the "invalid" flag is set. If so, ignore that letter. If the "invalid" flag is not set, check the "valid" flag is set. If it is, include that letter.
That's a really good solution because then if you get another letter you think of, like if they invent a new letter of the alphabet, you can add it in by just adding it as another case in your Enum.
I mean, for fuck's sake, why overcomplicate this stuff by bringing in SQL and regexps?
Admin
Since the list of what's allowed is so much shorter than what's not allowed, the real WTF is trying to maintain a list of what's not allowed. If it was up to me, I'd fill a 62 value array with 0-9,a-z,A-Z. I'd have an outer loop that steps through the string one character at a time, and an inner loop that steps through the array one by one looking for a match with the character from the outer loop. I'd have an outer counter that I'd increment for each step through the string, and an inner counter that I'd increment each time the inner loop got a "hit". Then I'd compare the counters. If they match, all characters in the string are good; if they don't match, at least one character is bad. There, fixed and still wrong! :-)
Admin
What's so hard about true, false, and file_not_found?
Admin
and what if they spell troo and faulse rong?
Admin
Sounds like someone has been reading "If you give a Moose a muffin" - If you have not read this book you are missing out!
Nothing is EVER as simple as anyone seems to think.
Admin
I would add an ajax call on top of that, that does the same exact thing as far as validation (all those chars and all), just to double-check (with an excuse that JS can be hacked/changed by the user). Then I would repeat the server validation again when that input was finally posted to the server (as it's probably a part of some form). Then, I would act as no class should trust its input, so then I would include the same code on the top of every method that receives that value, including the sproc (or equivalent) at the database. As a bonus, maybe encrypt/hash it also, to make it less possible to tamper with. In that case, I would possibly use the same function to force at least one of those chars to actually be a part of the encryption key. That's a code re-usage with there: using the same function but interpreting the result differently.
Admin
my previous comment was supposed to quote this one :)
Admin
Thanks God nobody listen to you ever, sucker
Admin
Easy: interpolate a polynomial, p(x) of degree 255 with p(x) = 1 if x is the code of a character to be accepted, p(x) = 0 otherwise (that’s 0.3257445245E-429 * x ^ 255 - 0.1059273072E-424 * x ^ 254 … - 0.5491952357E74 * x ^ 2 + 0.8985219766E73 * x), implement the beast, and call it with each character in subfolder until it returns 0 (reject), or you’re done with subfolder (accept).
Admin
If they were using boolean, then the application would throw an exception when it got compiled (syntax error). If they were using the string method (that they in fact are using) then the string compare would fail and it would assume that the directory contained invalid characters (logic error).
The difference between a syntax error and a logic error is typically logic errors are a lot harder to track down. You spend 3 days in the debugger (estimate based on the sample of code provided) following your code to find out why "kitties" isn't a valid filename because you spelled "true" as "treu" in your string and it failed the compare check.
Admin
Hang on a minute, careful. Muffin the Mule is a criminal offence. So is Dobbin the Donkey.
Admin
Maybe you should go learn something about refactorization and text search...
Admin
Oh dear, and you were doing so well up to there. Instead, start off with a (double) value of 1, and multiply it by the result of the polynomial for each character in the input string (no early exit). When you've finished, use a floating-point equality test to see if the temp variable is equal to 1, and reject the input string if not. That way you can fail randomly on valid strings too, with the probability of failure increasing as the strings get longer.
Admin
That is a nice use of chaos theory. I liked, +10.
Admin
(Also, javascript uses 16-bit UTF-16 unicode chars, so you'd need a table of 65536 branches. In both cases, a bitmap would probably be more efficient anyway.)
Admin
Apparently so. So also are a few other things:
Intelligence.
The idea of using a white list of 36 characters, rather than a blacklist composed of a tiny subset of 65,500 characters.
In closing, let me say that when I get on their site, my password is going to be:
ĈØ¥ŅĘ¡¡¯§Ф¯†нễЯễ¡¡
Admin
I remember my Apple 2 e. Man, I felt superior to my II+ owning mates, with my fancy lowercase.
Admin
I wonder how many non-programmers take programmer job positions. Okay, an infinite fuel supply for TDWTF :)
Admin
At my last place, plenty. There was a teaching agency down the road that used to retrain broken-down old middle-managers into the fine art of FORTRAN programming, which they'd then conveyor-belt through our personnel department into our code-cutting boiler-house. Most never lasted that long - it was just a confidence-booster to get them back into the workforce - but the most useless of the lot stayed with us for considerably longer than they ought to have done.
As you say, an infinite fuel for TDWTF. On my first week in the job I assembled an extensive file on programming stupidities as I found them, complete with amusing captions and witty one-liner putdowns, which is as far as I know still doing the rounds there.
TRWTF is that I'm still thinking of that company in terms of "we" and "us".