• Jonathan Perrine (unregistered) in reply to Anon') or 1=1; DROP TABLE comments; --

    It just goes to show you that anyone can write SQL injection vulnerabilities, especially Java programmers.

  • fishdude (unregistered)

    I thought it was a reference to K-Mart... the store that used to have "Blue Light Specials".

  • AAF (unregistered) in reply to Not James Gosling

    It's called J#.

  • AAF (unregistered) in reply to Not James Gosling
    Not James Gosling:
    Severity One:
    Nagesh:
    That code is not compiling, brother! Which java are you using?
    One that apparently has null reference exceptions.
    Probably java.net

    It's called J#.

  • Zunesis: Nothing Less Than The Best (unregistered) in reply to Hmmmm
    Hmmmm:
    dr memals:
    what is S-MART ? americanism ?
    Sounds like a disgusting, revolting, sub-human, Americanised contraction of "Super-MARkeT", which I find so abhorrent that I want to fuck kittens to death!

    Though if that was really the state of the code before Bob joined the project then I doubt I'd employ any of the original coders to sweep the streets let alone work in a supermarket...

    It's kind of an obscure reference to the move Army of Darkness. I don't think anyone's going to catch it, though.

  • (cs)

    Army of Darkness is never obscure.

  • (cs) in reply to Code Slave
    Code Slave:
    And Bob's first reaction was to cobble the project back together from what was on developer's workstations instead of calling Jim up in systems and saying "Jim, could you restore Operation Blue Light's svn repository from backups, to what we had there on Thursday? Oh, and could you ask Tammy to restore the development database to the same time as well please? ... Come on, I know she's sitting right beside you."

    WTF.

    Yeah. That was my first reaction, also. Restore from backup!

  • (cs) in reply to Matteo
    Matteo:
    Well, no offense, but it looks like you are a "poor" .Net guy, because you can have all that shiny stuff in .Net and even better than java.

    With modern ORMs (like EF 4.2/4.3), an amazing web framework (Asp.Net MVC with Razor, mind you, not that piece of crap of webforms), the synatx power of C# (lambda expressions, linq, dynamic, etc), the awesome package manager nuGet, etc, you really don't have anything to envy to the Java community, I'd say it's the other way around.

    Except the fact most .NET guys I've worked with have no idea about EF, or MVC, or NHibernate and want to do everything with DataSets and stored procedures and thousand-line code-behind files.

    .NET can be awesome, but it's harder (IMO) to find competent .NET guys who don't come from a drag-and-drop RAD background. Java seems the opposite, most people in Java know what design patterns are, know about Hibernate, and WANT TO USE IT instead of fighting against it.

    I love .NET, but I hate the typical .NET shop's mentality, is what I meant.

  • (cs) in reply to ObiWayneKenobi

    Being the guy who pushes EF and MVC in my shop, I know exactly what you're talking about. The tool is fantastic, but you have to actually embrace the tool. I work with a bunch of Classic ASP developers who love web forms and don't get MVC. I always hated ASP and WebForms, and I took to MVC instantly.

  • A Brit (unregistered) in reply to Andrew
    Andrew:
    That said, why run around cobbling working copies from dev workstations?! Repositories not backed up? Or did Randy junk those as well?
    Glad someone else mentioned this in the first 10 or so comments. From my experience, backups - even of dev servers - really ought to be outside the dev team's control, to avoid a single-point-of-failure risk.
  • (cs) in reply to Remy Porter
    Remy Porter:
    Being the guy who pushes EF and MVC in my shop, I know exactly what you're talking about. The tool is fantastic, but you have to actually embrace the tool. I work with a bunch of Classic ASP developers who love web forms and don't get MVC. I always hated ASP and WebForms, and I took to MVC instantly.

    I'm at a shop that actively refuses to even let us refactor code, seeing it as a "waste of time" and not delivering "new features". I spent a few days looking through our code seeing if there was anything at all that can be refactored to provide some kind of architecture (there is no architecture, no structure, just lots of WebForms and code behind) and I found nothing. It would be a herculean effort to even begin to refactor this thing, since it's so tightly intertwined and half the time looks like nobody understood OOP.

    THAT is what I envy about Java; the embracing of design patterns and the SOLID principles and MVC and ORMs and all of those lovely things that .NET is like "Pah! We just use DataSets and Stored Procedures"

  • Hmmmm (unregistered) in reply to Zunesis: Nothing Less Than The Best
    Zunesis: Nothing Less Than The Best:
    It's kind of an obscure reference to the move Army of Darkness.
    So my original description was spot on then. I thought it sounded familiar but I couldn't be arsed to Google it...
    Zunesis: Nothing Less Than The Best:
    I don't think anyone's going to catch it, though.
    Except for the 6 people who already have...
  • rrc (unregistered)

    Why call our PHP hero, Randy? Why not just call him Well Hung Horny PHP Dude Who Likes To Sabotage Java Projects In His Spare Time?

    I taught myself JAVA in 2000 in about 2 weeks . Easy for anyone who comes from a C/C++ background. Java is easier than C++ and PHP is even easier.

    You can write really great code in PHP and really shit code in Java. Whether a language is strongly typed or is Object Oriented is not what produces good code. Good Programmers write Good Code.

    Shit Programmers will write Shit Code, no matter what language they use.

    I develop in PHP and MySQL today. It works.

    And no, I don't feel the need to sabotage a project that is written in Java or Visual Basic. I think VB is evil. Basic is not a language one should use in the modern age of computing.

  • (cs)

    To be fair, VB.NET is not that bad. I prefer C# myself but VB.NET is a perfectly capable language provided you write it using proper development practices and not treat it like VB6.

    I'd rather have a job using VB.NET at a shop using MVC, NHibernate, Ninject and the like than a C# job using WebForms, DataSets and stored procedures with everything in code-behind.

  • redwolf (unregistered) in reply to Bobbi Taibels
    Bobbi Taibels:
    No one is going to comment on the fact that they apparently keep the password in an unencrypted column in the database?

    Wait, SQL injection like Bobby Table is in this code, too.

    http://bobby-tables.com/

  • fbomb (unregistered) in reply to DCRoss

    Good... Bad... I'm the guy with the gun.

  • (cs) in reply to ObiWayneKenobi

    C# and VB.NET are, as of Framework 4, feature-compatible. There is no practical difference between C# and VB.NET. I threw a little party the day that was announced (since I work in a VB.NET shop). Yeah, it's a little more verbose, but whatever.

  • Anon (unregistered) in reply to Loren Pechtel
    Loren Pechtel:
    Yeah. That was my first reaction, also. Restore from backup!

    Backup? What's that?

  • JAJP (unregistered)

    No one is going to mention the other error in the Java code? You select a single field from the database then ask for the 2nd String from each row in the database? That's likely to throw an ArrayIndexOutOfBoundsException. Another WTF is using an offset of 1 (instead of 0) in ResultSet.

    CAPTCHA: valetudo - it's all worth it to get Randy off the team.

  • (cs)

    If you're going to do the comparisons, please do them appropriately:

    Java vs C# (languages) JEE vs .Net (environments)

    And yes, I totally agree, talk about using JDBC in any project today and you'll be kicked out the door. Didn't know .Net shops were so lame... I feel your pain guys.

    Funny thing, many stuff in .Net land is a port from JEE (junit, hibernate, spring, etc)

  • (cs) in reply to JAJP

    Yeah well, after seing this:

    "if(val = password)"

    I thought the code was pretty broken from the anonymatiation (this should be a captcha!)

  • (cs) in reply to Steve The Cynic
    Steve The Cynic:
    There are times when workplace violence is justified. This is one of them.

    One act of workspace violence deserves another, after all.

  • (cs) in reply to ubersoldat
    ubersoldat:
    If you're going to do the comparisons, please do them appropriately:

    Java vs C# (languages) JEE vs .Net (environments)

    And yes, I totally agree, talk about using JDBC in any project today and you'll be kicked out the door. Didn't know .Net shops were so lame... I feel your pain guys.

    Funny thing, many stuff in .Net land is a port from JEE (junit, hibernate, spring, etc)

    Yep, but for the longest time .NET focused on "RAD" techniques while that stuff quickly came up in Java land, so in .NET you're more apt to be kicked out the door if you are all "We need to use MVC and leverage NHibernate instead of DataSets, and we can use NUnit for testing" since chances are good the .NET shop has no idea what unit testing is, and everything is DataSets.

  • corroded (unregistered) in reply to Hmmmm
    Hmmmm:
    Zunesis: Nothing Less Than The Best:
    It's kind of an obscure reference to the move Army of Darkness.
    So my original description was spot on then. I thought it sounded familiar but I couldn't be arsed to Google it...
    Zunesis: Nothing Less Than The Best:
    I don't think anyone's going to catch it, though.
    Except for the 6 people who already have...

    It's not even that obscure of a reference.

  • Ralph (unregistered) in reply to Jack Foluney
    Jack Foluney:
    Reminds of a guy I work with who insists that oracle is evil because he can't write a SQL statement to save his life.
    But isn't that exactly what the never-satisfied GUI shills have been selling us for 20 years now? If the carefully designed and well thought out computer system can't magically just work no matter what nonsense spastic unconscious inputs the user provides while playing whack-a-mole against warning dialogs, it's the computer's fault?

    Whether it is software design, marketing, or politics, extroverts are the problem. They don't care what is good, just what looks good, so they can bask in the hollow approval of their fellow groupthinking conformist sheep.

  • Tractor (unregistered)

    The real WTF is SVN. If they had used git, it didn't matter if someone deleted the central repository. You'd still have your own copy, including history.

  • axmil (unregistered) in reply to rrc
    rrc:
    You can write really great code in PHP and really shit code in Java. Whether a language is strongly typed or is Object Oriented is not what produces good code. Good Programmers write Good Code.

    Shit Programmers will write Shit Code, no matter what language they use.

    ^ this. I was fortunate enough to be at a large company on a PHP-based project back in '00. Met w/ Zeev a few times and had Stas Malyshev working out of our office for a week or so; 12 years and many projects/jobs/languages later, I still rank them well above most of the other coders I've worked with.

    PHP coders can be just as brilliant or just as stupid as any other schmuck in front of a keyboard.

  • Aargle Zymurgy (unregistered) in reply to Jack Foluney
    Jack Foluney:
    Reminds of a guy I work with who insists that oracle is evil because he can't write a SQL statement to save his life.

    I briefly worked under a manager whose experience was in BASIC. As the company moved in a new direction, by fiat he became a C programmer, but he didn't like it. So he wrote his own string functions (MID, LEFT, RIGHT) and other comfort replacements and a few extras:

    #define BEGIN { #define END }

    And then banned the user of the ternary operator because he didn't understand it. He insisted everyone use his C-BASIC ("capitalize those variables!"). The nightmare didn't last long as upper management then hired a horde of experienced C programmers who summarily ignored his petty dictates.

  • TheManWho (unregistered)

    .NET guy here.

    As far as backups go, some people may work in organisations that just aren't cut out for supporting developers.

    I work in one of them. It's tough to get the IT guys to restore anything from backups. The usual response is, 'we're too busy'. Pretty much everything on my machine is officially unsupported by IT as they're only used to dealing with Office Apps.

    That said, in those situations, it's the responsibility of the developer to mitigate against this. We use GIT, and everything is pushed to an offsite server.

  • (cs)

    I call bullshit on a PHP dev knowing how to configure and use SSH.

  • (cs) in reply to Melnorme
    Melnorme:
    Army of Darkness is never obscure.
    If an army of darkness can't manage to be dark, that's TRWTF.
  • geoffrey, MCP, PMP (unregistered) in reply to ObiWayneKenobi
    ObiWayneKenobi:
    ubersoldat:
    If you're going to do the comparisons, please do them appropriately:

    Java vs C# (languages) JEE vs .Net (environments)

    And yes, I totally agree, talk about using JDBC in any project today and you'll be kicked out the door. Didn't know .Net shops were so lame... I feel your pain guys.

    Funny thing, many stuff in .Net land is a port from JEE (junit, hibernate, spring, etc)

    Yep, but for the longest time .NET focused on "RAD" techniques while that stuff quickly came up in Java land, so in .NET you're more apt to be kicked out the door if you are all "We need to use MVC and leverage NHibernate instead of DataSets, and we can use NUnit for testing" since chances are good the .NET shop has no idea what unit testing is, and everything is DataSets.

    Unit testing is nothing more than an excuse for a programmer to take three times as long as it should to code a simple feature.

  • LANMind (unregistered) in reply to DCRoss
    DCRoss:
    dr memals:
    what is S-MART ? americanism ?

    Bruce Campbell. "Army of Darkness". I thought that movie was required viewing before starting a career in IT.

    You can always tell the PHP developers.

  • (cs)

    At the risk of sounding racist, probably because a lot of J2EE development was sent overseas to India where new and inexperienced grads were thrown into the deep end coding up lots of garbage.

  • soju (unregistered) in reply to Melnorme
    Melnorme:
    Army of Darkness is never obscure.

    What would you say my girlfriend means when she says "Army of Darkness is not obscure yet."

  • (cs) in reply to LANMind
    LANMind:
    DCRoss:
    Bruce Campbell. "Army of Darkness". I thought that movie was required viewing before starting a career in IT.
    You can always tell the PHP developers.
    Klaatu! Verata! N... Necktie? Nectar? Nickel? Noodle?

    <-- Not a PHP developer.

  • Peter (unregistered) in reply to Tom
    Tom:
    I had a coworker do that to me. But when I reported it, I got fired for "not being a team player".

    Isn't it funny how bad employment choices seem to take care of themselves? Some teams, you just don't want to be on...

  • (cs)

    Alright you Primitive Screwheads, listen up! You see this? This... is my ORM system! Entity Framework, 4.3. Microsoft's top of the line. You can find this in the NuGet package repository. That's right, this sweet baby was made in Redmond, Washington. Distributed under a permissive license. It's got Code First, a walnut stock, a fluent API, cobalt blue steel, and a hair trigger. That's right, shop soft, shop Microsoft.

  • BR (unregistered) in reply to Hmmmm
    Hmmmm:
    dr memals:
    what is S-MART ? americanism ?
    Sounds like a disgusting, Americanised contraction of "Super-MARkeT".

    Though if that was really the state of the code before Bob joined the project then I doubt I'd employ any of the original coders to sweep the streets let alone work in a supermarket...

    http://www.youtube.com/watch?v=pFriRcIwqNU

    You foreigners need to get out more.

    :-)

  • trtrwtf (unregistered) in reply to DCRoss
    DCRoss:
    dr memals:
    what is S-MART ? americanism ?

    Bruce Campbell. "Army of Darkness". I thought that movie was required viewing before starting a career in IT.

    Nope.

  • (cs) in reply to Harold
    Harold:
    No, you're supposed to notice the fact that passwords are stored plaintext, and also the fact that it iterates over the result set to see if the password matches, rather than just including it in the where clause.
    A big one is that the SQL statement infers that the username is not unique. I would also wager that the username/password combination is not unique either, which would produce interesting results.
  • Hmmmm (unregistered) in reply to BR
    BR:
    http://www.youtube.com/watch?v=pFriRcIwqNU

    You foreigners need to get out more.

    :-)

    And "people" like you need to read the whole of the comment thread before trying to post funny comments or they just end up sounding stupid/pathetic/American (delete as appropriate)...

  • ZachBora (unregistered)

    Where's the WTF? It's only a guy sabotaging a project voluntarily.

  • (cs) in reply to geoffrey, MCP, PMP
    geoffrey:
    Unit testing is nothing more than an excuse for a programmer to take three times as long as it should to code a simple feature.

    What unit testing is is something that a lot of people don't understand.

    A lot of people think unit testing came from the Java ecosystem, but Java actually got it from Smalltalk. It was invented there because it was necessary: Smalltalk doesn't have a static type system, so you can't get the compiler to do correctness checking for you, so you end up having to write the correctness checks yourself if you don't want your code blowing up in production.

    Anyone using it in a language with a proper type system is just plain silly.

  • Wyrm (unregistered)

    Well, that's not a WTF story. It's plain old sabotage. Well, not sabotage to benefit someone else, just stupid sabotage to promote one language. Petty behaviour that got its fair "reward".

  • LANMind (unregistered)

    A passing unit test may make PM's nod their heads sagely, but a passing unit test does not equal working code. That's why good developers understand the business and its needs before cracking open an IDE.

  • (cs) in reply to Mason Wheeler
    Mason Wheeler:
    geoffrey:
    Unit testing is nothing more than an excuse for a programmer to take three times as long as it should to code a simple feature.
    What unit testing is is something that a lot of people don't understand.
    I had more faith in you. You've been here so long, how did you fall for such an obvious troll?!!?!
    Mason Wheeler:
    Anyone using it in a language with a proper type system is just plain silly.
    I see what you did there...
  • Bananas (unregistered) in reply to Remy Porter
    Remy Porter:
    I have to wonder what kind of person looks at a code snippet where a variable is obviously declared outside of said snippet, and then marvels when that snippet won't compile.

    Of course, there is a line in the code that is completely wrong that prevents compilation anyway. That is, in fact, the joke.

    Oh, and I thought it was just a typo.

  • Bananas (unregistered) in reply to Ross Presser
    Ross Presser:
    From now on I am going to refuse to work with anyone named Randy who has PHP and Apache in his work experience.
    You surely don't come to thedailywtf.com for lessons learned, do you?
  • (cs)
    Fred Flintstone:
    If finding competent Java developers is easier that .net why is it that Java EE code has the most technical debt?

    http://www.castsoftware.com/news-events/press-release/press-releases/new-worldwide-software-quality-study-from-cast-exposes-millions-in-hidden-it-costs

    A press release of a study by Java consultants, released by said consultants, that says that Java applications have the most technical debt? Gasp! Oh my stars and garters, what should I do? Perhaps this consultancy has -- oh look there under the solutions menu! Reducing Technical Debt. Just what this company needs!

    And no, I'm not a Java guy, or an enterprise software guy in general. But quoting marketing copy, really?

Leave a comment on “The Strong Type”

Log In or post as a guest

Replying to comment #:

« Return to Article