- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
When Texas started doing the lottery, I was give 20 tickets as a birthday present, all losers. Ah, nothing like a zero-value present. I would have rather had the gift-giver spent the money on themselves.
Admin
Looking at the code, that intern should be shot. No one should be using scriptlets anymore, they encourage putting business logic in the presentation layer. The JSTL (standard tags), a few custom tags and EL (expression language) should be the only non-template text in a JSP. As for links with .jsp on the end, this is another longstanding don't do. Any decent MVC framework will provide a mapping from a path like /peoplecontactinfo to the actual JSP. The securing of the page should also be handled in the MVC framework, as extra info in the mapping file.
Admin
When we aren't janitors, we are a commodity, to be outsourced to another country.
Organizing might help some, but it would be those who don't need as much help. The companies that think that a lottery ticket is a raise/bonus are the same ones that will hire the boss' neighbor's son to build a critical website. If he's not available, they will bid it out on one of the offshoring websites and be proud of reducing development costs.
Admin
Admin
and a red stapler??
Admin
Ha-ha. I am now currently supporting and extending a system that has been actively developed since 1994. Compilation takes 4 hours. I have seen a lot of bad code in my life, so I can understand what a pain it could be.
But we talk about a freaking corporate website, not some monstrous app, and about 2 years of time. The site could have been completely rewritten 10 times in this time. It's just a web site. If the original code was so bad and the guy had to "fix" it all the time, in 2 years nothing from the original code would remain anyway.
So I believe this is just a typical case of a clueless supporter who blames original developers for his own incompetency.
Admin
Yeah, maybe they did some important things originally, but after this genius "fixed" them they could behave unpredictably resulting in that e-f replace. Or maybe he did it manually when he tried to "fix" some problem in the database.
Anyway it is much more probable that the e-f replace was just a result of some mistake made by Jared and not a clever revenge plan plotted by the intern.
Admin
jtl "So your solution is to spam everybody and make the company look incompetent?"
That assumes that the users are members of the public. I got the impression that this was an internal web-app. Everyone on the inside knew stuff was messed up already.
Veinor "Erank, Erancis, Erancine, Steeanie, and Josee would like to have a word with you."
My ten lines of code includes the "oops these go to the same thing, fix it my hand" check. Oh, and the other 99% than got fixed an about 20 min are getting out the ticker-tape
Admin
Admin
More likely the code was vulnerable to a SQL injection attack. All of the web applications I've inherited to further customize have been completely open to SQL injection attacks.
Admin
I guess I shouldn't complain too much, but you've got to be a little disheartened if your project gets your boss on the cover of an industry magazine, and all you get for a bonus is a jacket with the company logo. Oh wait... everyone got a company jacket. Mr. Positive... that's me!
Admin
that'd be one hell of a mistake. I mean, replacing every 'e' in the database with an 'f' is not something that'd be necessarily easy to do by accident. Granted none of us know that his batch scripts don't have some wierd replace thing in them, but that should be easy enough to figure out, right?
And yes, that website should have been re-written, from scratch, as soon as all the problems started cropping up. Trying to convince the management to spend the money on that when they JUST built the thing is an entirely different WTF. Basically, I'm agreeing with the fact that it shouldn't have taken 2 years, but I think that it could if the management didn't want it re-written (happens all the time where I work).
Admin
wtf there are people out there which can rewrite apps before they grew into 10 year old monoliths?
it took me a year to get the most crappy business case rewritten! well, the payment is good enough :D
Admin
You've worked in Quality Assurance for how long?
Admin
Wow.... i mean... wow!
Admin
Admin
Of course! He went to Cornell. It is located in Ithaca, right? ;-)
Admin
They should have emailed the "new" usernames to each user stating that it has been changed for security reasons. Developers have the real power, why should we give in to their demands? Never let the client win, never - you're in charge, don't ever forget that.
Admin
Actually, you might be surprised at how quickly "small, simple website" can turn into "evil, gigantic spaghetti code mess" in the hands of clueless management (clearly seen here) plus incompetent interns. Been there, seen that, and yes it is hell to convince people to 1) change it at all and 2) rewrite it correctly. The original management doesn't like to admit mistakes, not ever.
Admin
Actually, pray you don't. The last job I was on, the CEO thought he was god's gift to the world of technology - between micromanagement, absurd changes to production code on the eve of release, and a total lack of understanding the need for testing any change, it is no wonder the company is no longer in business - thank god I left two years earlier!
Admin
idk about jared but I couldnt find a job fresh out of school that didnt require 2-3 years of experience, so i was lucky enough to have a friends mom in it and she got me on as a contractor at her company when she needed some extra help for an upgrade that was time crunched, my contract ended but a full time position opened and I am still there.
Admin
It wasn't "Who in hell." It was, Who in THE hell." Anyway, there are a lot of Stefanie's around. same as Megan's vs Meghan. Sara vs Sarah.
Admin
I'm sorry, but Jared sounds like a complete tool. Anyone working 10-12 hours a day without extra compensation is a fool and deserves what he's getting. Grow a backbone.
And why did the intern make the site in the first place while Jered was sitting on his ass reading books? Here's a hint to the Jared's out there - you learn more from doing than by reading about doing.
And then, as someone else also pointed out, why did it take him so long to recreate a system that some intern made working 2 hours a day for 4 months? Sounds to me that Jared may in fact be the incompetent one. Maybe they should hire that intern back.
Admin
That's likely not why they did it - doing something sensible for a batshit insane reason is still batshit insane.
Admin
For anonymizing purposes Alex said two years. In reality I started re-writing that dung heap one MONTH after the intern left. When the intern came back less than ONE year later to "get his code" (that crap we deleted once I re-wrote everything) he found it had been deleted. His site was completely GONE, so there is no way it could have had some sort of "back door" (plus he was NOT that clever). He had root access to the servers/databases so he easily could have just gone in there and ran an UPDATE on the USERS table. There were actually 3 ex-employees and 2 contractors with similar open access, but the network admin was never too worried about it until the e's changed to f's.
Once the es got changed to fs, the network admin started going nuts and locking everything down. The cron jobs that got disabled simply called a shell script that checked to see if a .war file had been placed in the "deploy" directory to be "deployed". If there was a war file in that directory, the shell script would call the "deploy" script (written by someone else before I got to the company, it was 300 lines of code) which would actually deploy the site. When the network admin disabled my cron jobs, I could no longer deploy because I didn't have rights to manually call the deploy script. The deploy script was required because the server environment was a mess from being migrated improperly from jBoss to Tomcat (it was so mucked up that the network admin couldn't even get Apache to "play nice" with Tomcat after trying for almost a full year).
I spent the first TWO months reading two 1000 page books, and building a small website for the company as a learning project. There simply wasn't anything else for me to DO. They had hired a consultant two years previously to build a website that he was finishing up when I got there (although after two years and 200k he never did finish it). The intern had already been there the summer before, and came back that summer to finish the site he had started the previous summer. They told me to just focus on learning Java, it would have been going against what I was told to do to try and "take over" either of those projects. I was simply doing exactly what I was told.
The 10-12 hours a week were leading up to the launch of a major website. I 100% expected a raise or a bonus (and was told I would be getting one). I eventually got a raise (after I had already been interviewing for other positions, and the week before I put in my two weeks notice) but it was way too little, way too late. After the "lottery tickets" I began looking for a new job post-haste (I worked there less than 18 months).
Now I am on a six person team at a larger company where I actually have someone over me reviewing my code and teaching me, plus I'm writing in a language I actually know. I never had any business taking a job writing large scale apps in a language I'd never seen straight out of college. Especially since I was an art major with a cs minor...
Oh and the intern's website that I re-wrote was used heavily by at least 20000 customers. The notion that we could somehow e-mail them to get their usernames is laughable. Especially because if the owner had found out that it happened someone probably would have been fired.
Also when we noticed the es had been changed to fs it was my boss who noticed it while he was manually editing the user's table in Access. I actually suspect it may have been him who did it accidentally, I just never wanted to challenge him on it because there was no way I would ever be able to convince him to stop manually editing the live data on an hourly basis through Access. Anyways, he was the one who went back and fixed it, and it wasn't my job because we had a DBA who theoretically should have been telling us these things.
Any time I suggested that perhaps we were doing things improperly, they shrugged me off and told me just to focus on coding (since that was my job).
Admin
Ugh. Good to know he found a new job.
To those who say he's a fool for staying as long as he did... keep in mind this was a couple years ago, when the job market was really bad. After all the .coms went belly-up, experienced IT people were a dime a dozen. I would hate to have been a kid just out of college at that time. I had years of experience, and still had trouble finding a decent job. One place I worked went through a huge round of lay-offs exactly a month after I started. Guess who was one of the first out the door. I know people who went over a year without being able to get so much as an interview. Things are much better now.
So don't judge too harshly.
Admin
As for your issue with taking 4 months to learn java before he tried to take ownership ... it's generally tough to get any traction telling people they're full of it while you're holding the 'learn to program x in 21 days' book in your hand.
Admin
There are multiple ways to tell if a company is going belly-up... Here is a list:
Any of the above flags should tell you "A Better Job Awaits, or at least one 1/2 as annoying"
Admin
i worked as an intern for 2 companies on the same building a the same time (but only got 1 paycheck) as system administrator, programmer and general problem solver (everything from php to coffee machine). one was a .net developer and the other a voip telco. after 1,5 year i left the job because it was, well, shitte and i still have root/administrator access to all the linux and windows servers and the databases on the companies and most of their clients as well. it's been three months now since i got out. talk about security...
Admin
Having just struggled with a Perl regex to extract repeated Oracle errors from a slurped output file (trust me, backslash-G and //g don't work in Cygwin either intuitively or to perlretut spec), it beats me why anybody would think that regexes are a particularly good example of parsing. Thankfully, most meaningful input in CS is not simply a random string. But I digress.
Rather a lot of comments here that ignore the facts: (a) Jared was fresh out of college. None of us would have rewritten a large swathe of company code on the side, fresh out of college. Most of us would have done exactly the same as Jared, and tried to cope with it. This is the point at which we learn. (b) It's anonymised, guys. Up until Jared's post, you had no idea of the back-story. I admit: as presented, Jared sounds fairly lame. But, it's anonymised. (c) Even anonymised, this company is seriously fucked up. Almost as fucked up as the customers who pay money for its services. But not quite.
And we've all been there. I was perusing the following posts to do with quite how difficult it might be to change every X into a Y in a database (just dump it, run sed over it, and reload. cron jobs are a whizz for this! But make sure not to read the actual text of the OP, which points out that this only happened on a single table ... I'm no database fanboy, so I'd use a cursor, but I'm pretty sure you could do this with a single select in most *SQL procedural languages). Cue Access flames.Mind you, it's not the technology, stupid, it's the stupidity, stupid. I once observed from afar the wonder that was an upgrade to a credit-card processing system running to, ahem, hundreds of billions of zlotys per annum. (Units of currency, country of origin, and variety of industry anonymised. Your mileage may vary.) The bosses decreed that, whatever else, it was essential that they had access to free-form SQL queries on the database. Which of course translated to free-form SQL requests, as in the rest of CRUD. SQL injection has nothing on this. But even with drastic access rights control, this idea is, well, sub-optimal.
I can't remember whether it was the architects, the coders, the DBAs or the turquoise pixie who buzzed the company flagpole every Tuesday that finally dissuaded them from this lunacy, but I do remember that it took them three years to do so.
By then I'd been co-opted on to the "upgrade." So I left.
Addendum (2007-11-02 21:11): Well, maybe it is the technology, stupid.
Despite the desperate pleas of esteemed posters on TDWTF, the choice of grammar does indeed matter. As, indeed, does the control of that grammar, and control of the effects of that grammar.
It's common for defendants of VB, or Access, or PHP, or <insert favourite hate here> to say that "you can screw up similarly with any language" (which is untrue. You can screw up just as often with any language. But it won't be similarly). End of conversation, perhaps? Or, if you're a really facile clever-dick (like me), you can glibly quote the fact that your <language of preference> is Turing-complete and therefore one-for-one convertible.
Which is true, if you have a really good parser, an excellent AST walker, and an AST generator. Now, I'm going to assume that you're a CompSci major. Can you do that? Have you got all of that in your head? Quick: it's an interview, and you've only got a pen, a pad, and twenty minutes ...
Now, obviously, you could do it. (Hem hem.)
Leaving tools like Access (with little security control, and none that I can imagine is mappable to the actual database) in the hands of managers is, to me, the epitome of the anti-Turing pattern. They can do pretty much anything they want, and there are no constraints.
Flee!
Admin
If you're not a contractor and you work for any corporation, you almost certainly work extra hours for free. Companies just dont pay bonuses like they used to, and there is no such thing as an 8 hour day. It has nothing to do with not having a backbone - sure you can take a stand. A stand in the unemployment line when they laugh and tell you to beat it.
Admin
This reminds me of a company I used to work for. The year before I joined, the xmas bonus got paid to them in chocolate money!
That must have broke the bank, because when I joined, they stopped giving bonuses.
Admin
Stefanie/Stefan is the common spelling here and in a lot of other countries as well.
Admin
In Germany, Stefanie is über common.
Admin
I always hate it when some executive suggests we bring in his son, neighbor, friend of a friend, who is "really good at this computer stuff, I swear to God." So far, I have been able to dodge the bullet and keep them at bay.
I'm hoping my luck doesn't run out.
Admin
Replace JSP with ASP and that's pretty much exactly the same experience I had with my first development position, except that when it came to pay-rise time (early December) we didn't even get lottery tickets (we were at least expecting a small Christmas bonus), as the budget wouldn't cover it. The CEO and his wife (a director) still bought themselves his 'n' hers beemers that Christmas though.
Admin
With Bush in office (and thus having control over the National Labor Relations Board), I suspect:
The strike would be declared illegal, and therefore:
The organizers would either cancel the (organized) strike or end up in jail for contempt of court.
The workers would either go back to work, or be fired.
Admin
Admin
As the Roman soldiers flogged him, paid him in lottery tickets, and forced him in total ignorance of technology to work without a login, he gasped "Forgive them, Father, they know not what they do."
On the third day, a recruiter stumbled over and cut Jared Christ down from the cross, where his suffering was vast. He rose again 72 hours later in another anonymous cubicle job.
How did he not turn to armed revolt after that WTF experience? I would have left a trail of bodies to the recruiter's office.
Admin
Having been the 'intern', I'd be scared to let you guys see some of my code. I was an internal transfer, they needed a programmer, and hiring somebody from outside would be too much of a hassle.
The only saving grace - it was purely network internal, my production server was also the test server(just a different directory, usually).
How'd I learn programming? One class in HS that the teacher made us write our programs down on paper before ever typing them in(and he graded for syntax on paper). The language? Pascal.
I learned basic, asp scripts, java, and SQL database in OJT, programming all sorts of web apps. Most fun job I ever had.
Admin
Fucking hell that's clever. Give this man a cookie.
Admin
Definitely F*** "company loyalty"! A company needs to show you that you are important by always staying competitive. I can understand this story though, because that's exactly how my career started. I got some lame gig, pushed it out for 2 years, then started my REAL career with REAL jobs. I had NO college ANYTHING, and thats how it goes. Now i make a lot and i tell companies to screw off the second they start screwing me around.
Admin
Now that's the most brilliant thing I've read all day! Good on ya...
Admin
That's what I thought as well.
Admin
The lottery thing reminded me of this company I worked for that did this thing every year where they brought in one of those money booths where you go in and there's all this money flying around and you have thirty seconds to grab as much as you want.
The booth thing was part of a larger, mandatory all-day event where the execs would talk about the profit in the last year what the plans were for the future etc.
Now this was a company with something like a half billion in annual revenue.
At the time I had been working over 40 hours a week for some time due to errors in the production system. So the mandatory day of stupidy frosted me a bit. But then to see them select three or four people to go in that booth and grab three or four hundred dollars was just demeaning, IMO.
I was gone within a few months and I have never regretted leaving.
Admin
It's possible that his INACTION caused the failure, and he was there merely to see if he should stop it, or maybe it checked on some physical condition he created.
Admin
If it is a SQL Server database, the script below will change all e's in varchar columns to f's. The tricky part is not getting caught...
select syscolumns.name as ColumnName, sysobjects.name as TableName into #Temp1 from syscolumns join sysobjects on syscolumns.id = sysobjects.id where sysobjects.xtype = 'U' and syscolumns.xtype = 167 order by ColumnName
declare @colName varchar(50) declare @tblName varchar(50)
DECLARE Columns_Cursor CURSOR FOR select ColumnName, TableName from #Temp1 OPEN Columns_Cursor FETCH NEXT FROM Columns_Cursor INTO @colName, @tblName
While @@FETCH_STATUS = 0 BEGIN exec('UPDATE ' + @tblName + ' SET ' + @colName + '= REPLACE(' + @colName + ', ''e'', ''f'')')
END
CLOSE Columns_Cursor DEALLOCATE Columns_Cursor drop table #Temp1
Admin
Homeric. Not homerian.
Admin
But man, it would suck if he scratched them and won ten grand.