- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
I don't see the issue. Sure there was a misspelling. And sure the comments might be incorrect.
But it has logic behind it and no insane syntax tricks. The code is fine.
Admin
I wrote this: Query is intentionally spelled not good for the obsfucation purpose and the securities.
Admin
I thought that the logAllQeurys() function would log all qeuries, but according to the comment, it's logging all the queries..
I wasn't expecting that!
Admin
There is nothing inherently wrong with creating a wrapper around the PHP mysql functions, indeed, done right it's pretty essential in the manner of creating an abstraction layer to allow you to create a lot of convenience and safety - even if you never forsee using anything except mysql.
Of course, this one isn't done right. But still, he's half way up the first step of the ladder, at least he recognises the need.
Admin
I post again to agree. captcha = dolor. My custom CMS will make me a lot of dolor.
Admin
I'm pretty sure qeury is only consistently misspelt so as to not clash with the name of the function, that is, query.
Admin
Whatever you're paying this guy, I'll dubble it.
Admin
I agree, that is if we are using the defintion of dolor (and not a mispelling): http://www.medterms.com/script/main/art.asp?articlekey=24911
Admin
Geez, what does people expect to find when posting job openings for a PHP project? Programmers?
Admin
Admin
/* You fail */ SELECT 1 + 1
Admin
Wow, it's still June? I wish I were a little kid because my summer vacation would have just extended an extra month!
Admin
[quote user=RHuckster]Wow, it's still June?[/quote]
Even June, Friday 13th, so it's still 2008, 2003 or even earlier ;-) Don't know how old you will be in the far away Friday 13th of July 2012, but maybe now (2003? 2008?) you are still a lucky child?
Admin
It's planned for Friday the 13th, something was bound to go wrong... BTW, doews MySQL support the WITH clause? Because that would throw off his 'select' substring a little.
Admin
the way the weather is here in London you wouldn't think it was July or June. More like March or April
Admin
[quote user="q.kontinuum"][quote user=RHuckster]Wow, it's still June?[/quote]
Even June, Friday 13th, so it's still 2008, 2003 or even earlier ;-) Don't know how old you will be in the far away Friday 13th of July 2012, but maybe now (2003? 2008?) you are still a lucky child? [/quote]
During my lifetime any of 1969, 1975, 1980, 1986. 1997, 2003 or 2008. In future years 2014, 2025, 2031, 2036, 2042 and if I live that long 2053.
Admin
Lame. Crying over misspelled words and lack of error logging does not make a WTF.
Admin
I bet the code come from France. Not that french are inherently bad programmer, but because the broken english sound very much like french going through google translate.
Then again, broken english comment may not be the main problem in this code.
Admin
Admin
You deserve this if you use PHP.
Admin
It makes my eyes bleed...
Admin
Admin
Maybe that's why it's held at night. :)
Admin
Almost everything we see in this function (result testing, connection testing, looping over the resultset, getting insert ID's, etc) is common code. Most of this is required for every query you execute. Putting all that in a wrapper so you don't have to copy-paste it time and again is, if anything, good coding practice. And make no mistake: this is a pretty simple way to do so - I have seen versions of mysql wrappers requiring a thousand lines of undocumented code. In comparison, this is neatly done indeed.
Of course, there are a number of problems with it (lack of flexibility, unpredictable behavior, etc), but the basic idea of a simple method to handle all that tedious default stuff concerning database interaction in PHP, is far from a WTF.
Admin
Admin
Incorrect! It log's all hi's query's!
Admin
What is inherently wrong with it, buddy, is that it has already been written for you. You've heard of PDO, surely? And if you don't like that, every single damn framework has its own wrapper already.
A developer should be given a good slapping for attempting to write their own wrapper.
Admin
Do you really think that's all that's wrong with this code, or are you trolling?
Admin
WHile qeury would be kind of a common mistake in french (the u being totally silent), the specific phrase I was refering to is :
///loop through the result and full the array
It does not make any sense in english. But it is a blind idiot translation of the french phrase. Maybe other language too, but being hideously bad at english is a common quirk of french software engineer, since english comment are mandatory but there is no other reason to learn english.
Admin
Admin
Seems to me it could also be spanish ...
Admin
Admin
I definitely have my own personal limits on sociability, but for me it's more of a "hang out with folks once or twice every few months".
At this point, I'm more worried that I'm going to completely forget and be halfway home before I remember I was planning to meet people after work.
Admin
He was creating his own CMS; he obviously can't use someone else's framework because the superiority of his own is his competitive advantage. Mandatory Joel link.
I wonder if this is a theme among PHP developers. It would not be the first time I've seen one brag about their own awesome CMS. Maybe it is like how template engines proliferate in Python because they are so easy to create.
Admin
TRWTF is PHP.
Admin
That's true as a rule, but in modern English orthography, 'qu' is very common and associated with the 'kw' consonant sound, so it's not really a vowel confusion, and I'm doubtful that it's accidental.
Someone suggested he deliberately misspelled it to differentiate it from a library term; that would be TRWTF if that's the case since that's a horrible convention.
Admin
Joel's got a point... I have no idea about PHP developers, but one thing about web frameworks and web stuff in general is how awful it tends to be. If I were going to hire someone to work on an existing web framework, if he's already written one himself, even if it sucked, at least it means he knows how one works and has already learned some lessons about it.
Admin
Okay? Aside from dropping punctuation and capitalization, that is perfect American Standard English. All of the comments are fragments without capitalization or punctuation, which is appropriate for comments. As far as fragments can be, they're grammatically perfect. The misspellings all look like typos, except dubble* looks like a learned mistake, he probably inferred it (quite logically) from bubble. Most people have that; I can't, for some reason, get "receive" right without checking it, and always want to pronounce the 'ch' in "chimera" as a "sh".
Admin
Frameworks create unnecessary overhead, and unless you find in planning that you will need many of a framework's features in any particular project they should be avoided. I've found that often a framework's promise of saving development time is mitigated by the time it takes to get around a framework when it fails to provide needed functionalities. Often framework's are like learning a new language to do something that would be just as easy in straight PHP.
PDO is great but it also requires access to the server to install the drivers, thus making your code a lot less portable, so not necessarily the best choice for a CMS.
That being said this guy's approach is not great. Better to make one class that provides all the methods needed to read and write to the database. This class can contain normal mysqli statements and will be the abstraction layer in case you ever need to use something other than mysql. You will have to make sure that all user input gets processed to prevent mysql injection of course.
Admin
We had someone write a similar (in some ways) wrapper around the standard Python DB query; like this one, it would sometimes return an array of results, and sometimes just a single result (which was itself an array). I'm not sure we ever did convince him that a predictable function return-type is a good idea, but we did make him fix it. :)
Admin
No, he doesn't recognize the need. He's a cargo cult programmer. All he knows is "good coders create wrapper classes," and he assumes that if he creates a wrapper, his code will be good. He has no idea why creating a wrapper is good (in some cases), so he goes about it all wrong.
Admin
There are no bad languages. Bad programmers only. and bad programmers can ruin good language like java also, so PHP is not exception to this.
-A good programmer.
Admin
Admin
It seems to be a common theme these days with people just learning PHP. "I'm going to make my own CMS." Some even claim they're going to start a company with it.
I just point them at the existing mature, debugged projects that have active developers maintaining them and support and say "the only value in writing your own CMS is to learn what not to do, you don't really stand a chance at competing with existing solutions."
Though I like taking their initiative to create something and using it as a tool to force them to learn how to do things the right way. I ask them what happens if I am evil and I input bad stuff here? You have a box to enter HTML, what if I enter a script tag that steals information from a client's computer or if I embed image tags that don't go to this domain (http://www.somesitewithCSRFvulnerability.com/admin/do/sendUserDatabase/to/[email protected]). What if I use "scary" characters in my query, like quotes? What if I try to write a blog post in Chinese? Why does this script have a state-changing side effect when I issue a GET request on it? You have an XHR here to get the blog content to display, how are you going to make this crawler-friendly so blogs in your CMS are indexable by search engines? What's stopping me from uploading a PHP file when you expect an HTML file? What happens when a bad guy compromises your software and gets access to the database, can he see my password?
Then I'll introduce them to how we have caching networks built to make the internet faster and ask them why their PHP pages return a 200 with cache control (or worse, a cache control of no-cache, no-store, max-age=0). Then I'll ask them how they can use cache control headers properly to make their site more efficient. I'll ask why are you using jQuery and hosting it locally when Google hosts it on a CDN and everyone who's ever been to YouTube will likely have it cached for 1 year in their browser?
And on and on. Needless to say, there's a LOT of stuff to consider when making any decent web application especially something as involved as a really good CMS. I would agree that "I'm going to start a company with my own CMS and it's going to be better than Joomla and Drupal" is a big red flag unless this person has serious credentials to back that up.
Admin
Yes, writing their own CMS is the "JAPH" of PHP. Everybody has to do it. Except that nobody's a good enough PHP programmer to fit it into a .sig
--Joe
Admin
Unfortunately the advice that is missing is:
And that is the Worse-Than-Failure that inevitably folllowed.
Admin
Using an abstraction layer is good; using a single function for your entire abstraction layer is bad. If the original coder had paid attention to any of the principles of good usage of PHP, I would agree that this is far from a WTF; but the complete lack of object-orientation and typing discipline push it solidly back into WTF territory.
These days there are a lot of Object-Relational Mapping frameworks available for PHP: Doctrine, RedBean, Propel. Every serious PHP programmer I know either uses an off-the-shelf ORM solution, or makes their own by wrapping some objects around Zend Framework or PDO statements. No serious PHP programmer would use the above function for this.
Admin
Appropriately enough, "dolor" is Latin for pain. =P
Admin
Did you never read Peter Benchley's article on how to speak French? With its table of French vowels for handy reference:
"a" -> pronounced -> "ong" "e" -> pronounced -> "ong" "i" -> pronounced -> "ong" "o" -> pronounced -> "ong" "u" -> pronounced -> "ong"
Add to this the impossible-to-ignore fact that all French consonants are silent, and the profusion of flyspecks that sprout from every letter. (Most French people don't even realize that the Vietnamese, their former colonials, have perpetrated a hilarious satire on the latter, with an average of 3.2 accent marks per letter.)
Foriegn spelling is wierd.
Admin
We get it, you fat nerds don't like php. You've made that quite clear...