• (nodebb)

    Actually, this code almost works. An empty array can be coerced to 0 when using weak type checking, so changing the check$output != 0 to $output == 0 would check for an empty array "correctly". Still pretty ugly code, so not using empty($output) to check is probably the real WTF.

  • (nodebb)

    Just think about the level of WTFery which led them to write PHP code which looks for an executable across different folders. Is this serving web requests? Because if so, I'm glad they couldn't find the file.

  • Naomi (unregistered)

    I know this is a bit off-topic, but I just wanted to say that I really appreciate when these articles use gender-neutral language. So many people assume that (almost) everyone in IT is a man, and it's always nice to see people acknowledge that that's not the case.

  • winapster (unregistered)

    Interesting! Thanks for sharing! I always Loves your blogs

  • (nodebb) in reply to Naomi

    1, like I wrote previously, using male pronouns is a way to signify unknown gender, not to presume it's a man. 2, given the context of this article, I think most women would prefer that the characters were in fact men :))))

  • WTFGuy (unregistered)

    Assuming the last version we see is the one currently in production ...

    The fact the shell-out search doesn't work is apparently immaterial. In actual use, the desired file is on one of the two known paths. So while it that bit of the code is broken, it doesn't need fixing. So the general attitude of maintenance programmers both rears its head and legitimately applies (for once): "Fix only the immediate problem and with as little awareness of any bigger picture as possible. Actual comprehension takes time you do not have to spare."

    I wonderwhat the calling function(s) do with this result. And what the provenance of $path is. I can sure see "malicious code injection potential" written all over this one.

  • WTFGuy (unregistered)

    @Mr. TA Ref

    1, like I wrote previously, using male pronouns is a way to signify unknown gender, not to presume it's a man.

    That may well have been true as a matter of general usage 30+ years ago. In recent years (decades actually) It is increasingly viewed as archaic and increasingly offensive by an ever-increasing number of people of both genders.

    You or I may disagree with that change in attitude. But it takes something that looks a lot like willful ignorance not to acknowledge the change is now occurring around us.

  • Sole Purpose Of Visit (unregistered) in reply to WTFGuy

    I presume the calling site proceeds to call system($path), possibly with arguments to the executable. Which, as you say, might be considered dangerous. Although not as dangerous as using PHP in the first place.

    I'm not entirely sure I have a problem with the original formulation. (U)nix is pretty lax with its definition of "special folders," because historically it depended upon env variables (and possibly OS-specific resolution between those env variables.) I'm wide open to correction (having not worked on Linux for a long while), but I would have thought that, if you're looking for a system executable, you should be looking in those two places. And if you're not looking for a system executable, you should be looking somewhere else,

    So, by my guess ... the best thing to do with this steaming pile is to revert it back to the original version. Which at least does what it claims to do.

  • seebs (unregistered)

    I feel I should point out: The string referring to the location of a single file is also a path, it's just not a search path. The word "path" is used both for the specific /foo/bar string and the list of possible directories to search. So, the name is right and "findPathOf" is a reasonable name for this.

  • pif (unregistered) in reply to WTFGuy

    it is increasingly viewed as archaic and increasingly offensive

    People have the right to get offended at how the world works. Other people have the right to ignore them.

  • ooOOooGa (unregistered)

    Normally if I need to shell out to a system command from PHP, I only need the command name. Let the OS search $PATH.

    If for some reason I do need to find which directory the executable is in, I think the version that came the closest to what was needed was #2 - the one using 'which'. Even though it was wrong 100% of the time, it only needed to be tinkered with a bit to be right 100% of the time. All of the other methods may be right some of the time, but would never be right all of the time.

  • Argle (unregistered) in reply to Naomi

    Back in 1978 I signed on at a company with well over 100 programmers. Two were women. One of them had a sign in her cube with the dark humor of "TOKEN FEMALE." Despite the prominence of Adm. Hopper and Margaret Ellis (who, by chance, is a friend), it's been a male dominated industry for some time.

  • minnmass (unregistered)

    The "which" version has a pair of subtle differences from the "file_exists" version: handling of slashes and file permissions.

    The "which" command searches for a file in $PATH or under the local directory. Eg., if I'm in /usr, which bin/time finds the time command in "/usr/bin"; if I'm not in "/usr", which bin/time fails to find the time command in "./bin". So, if there are sub-directories under "/usr/bin" or "/usr/local/bin" that have files of interest (eg., "/usr/bin/consonto/file"), the "which" version won't find them.

    Also, the "which" command searches for executable files in $PATH. If the caller is trying to find a non-executable file (setting aside the WTF-ery of putting one in $PATH), which won't find it.

    Yay fractal WTF-ery.

  • Dave (unregistered) in reply to Mr. TA

    Using male pronouns for indeterminate gender is one of those bits of Victorian 'English is Latin, so Roman Empire -> British Empire' grammatical nonsense. Prior to that, they\them was in common use in this context, and had been since before recognisably modern English came along.

    It sounds like you grew up just at the end of its fairly brief stint in common usage. It's generally considered rather silly these days, whilst the insistence on using it despite the silliness and offence it causes is generally associated with incels, neckbeards, and MRArseholes.

  • (author)

    Since this is a "little history", let's take a moment to recognize the history of the singular they, and remember that you can't complain about the singular "they" unless you also complain about the singular "you", because if you're going to get hung up on usage rules that don't matter, you have to get hung up on all the usage rules that don't matter.

  • (nodebb) in reply to Dave

    Prior to that, they\them was in common use in this context, and had been since before recognisably modern English came along.

    Less than you think - in Middle English of the 13th Century or so, "he" and "they" were both spelled H-E.

  • richarson (unregistered) in reply to ooOOooGa

    That method will break if you call this program/script from cron, which sanitizes PATH to /bin:/usr/bin.

    I don't know if you can alter PATH from PHP to avoid these issues.

  • John (unregistered)

    Could be searching for a sub-directory.

  • richarson (unregistered) in reply to minnmass

    But wouldn't you just do which time? What if time in this case was in /usr/sbin?

    I think this is the first time I see which bin/time (and I've been admining linux systems for 20 years). What's the use case for this form?

  • James (unregistered) in reply to Mr. TA

    like I wrote previously, using male pronouns is a way to signify unknown gender, not to presume it's a man.

    Until about 1970.

  • My Precious (unregistered)

    Gollum knew the secret - just use "it." Gollum knew a lot of secrets, actually, except for what was in that darn front pocket - a problem that was far too tricksy.

    I hate to kick PHP while everyone else is already kicking it, but does it irk anyone else that the hashtable is called an array??!?!? It's a relaxation of formality that just ends up summoning end-of-days chaos, aka lower code readability.

  • Asinine (unregistered) in reply to WTFGuy
    Comment held for moderation.
  • (nodebb) in reply to Sole Purpose Of Visit

    I wouldn't be so sure, since it would imply knowledge of the EXISTENCE of system(), which function is what these people are mistaking exec() for.

  • Officer Johnny Holzkopf (unregistered) in reply to richarson

    Just as the value of $PATH is different among various Linuxes, UNIXes, and BSDs, for certain commands it could be that they are shell-internal commands, builtins. In such a case, calling (for example) "which time" from the C shell would result in an appropriate message, of course not containing any path-like information, and the exit code would be 0, because the requested command has been found (even though the shell implements it by itself). A similar case would be calling "which ls" where ls is a shell alias for a ls binary call with custom command line options added - same problem. Depending on the environment this PHP script is intended to be run in, and considering if it should be portable code or not, the WTF remains: it only works for the two obvious cases.

  • (nodebb) in reply to WTFGuy

    "That may well have been true as a matter of general usage 30+ years ago." indeed it was... what suprises many people is that a few hundred years ago it was NOT! The singular "they" was quite common.... and in fact has remained in subtle use even by those to argue against it.... consider the following conversation after person #1 just got off the phone talking to ONE other person...

    #1) "Well that did not go well". #2) "Sorry to hear that.. what did THEY say, did you tell THEM all the details?"

  • (nodebb) in reply to WTFGuy

    Thank you for the information, Karen.

  • J.G.Harston (unregistered) in reply to Mr. TA

    Well, I read it as multiple identity-not-specified people doing the updates, so it was plural they. I had to go back and read the article again to find the gender-nonspecific language being refered to.

  • J.G.Harston (unregistered) in reply to seebs

    But $path really should be called $leaf, as it's looking for a path to a specified file.

    I suppose you could argue that it could be called with FindPathOf("tools/web/webbify") so it would be finding the path to a path.

  • (nodebb)

    I'm amazed at how even a software-related website just does not escape the escapades of social justice warrior types. Is there anything that everybody, regardless of their opinions on other topics, can discuss, without sliding into yelling "discrimination" at each other?

    Sad.

  • kingscharterbususa (unregistered)
    Comment held for moderation.
  • kingscharterbususa (unregistered)
    Comment held for moderation.
  • kingscharterbususa (unregistered)
    Comment held for moderation.

Leave a comment on “A Little History”

Log In or post as a guest

Replying to comment #:

« Return to Article