- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Actually, this code almost works. An empty array can be coerced to 0 when using weak type checking, so changing the check
$output != 0to$output == 0would check for an empty array "correctly". Still pretty ugly code, so not usingempty($output)to check is probably the real WTF.Admin
Just think about the level of WTFery which led them to write PHP code which looks for an executable across different folders. Is this serving web requests? Because if so, I'm glad they couldn't find the file.
Admin
I know this is a bit off-topic, but I just wanted to say that I really appreciate when these articles use gender-neutral language. So many people assume that (almost) everyone in IT is a man, and it's always nice to see people acknowledge that that's not the case.
Admin
Interesting! Thanks for sharing! I always Loves your blogs
Admin
1, like I wrote previously, using male pronouns is a way to signify unknown gender, not to presume it's a man. 2, given the context of this article, I think most women would prefer that the characters were in fact men :))))
Admin
Assuming the last version we see is the one currently in production ...
The fact the shell-out search doesn't work is apparently immaterial. In actual use, the desired file is on one of the two known paths. So while it that bit of the code is broken, it doesn't need fixing. So the general attitude of maintenance programmers both rears its head and legitimately applies (for once): "Fix only the immediate problem and with as little awareness of any bigger picture as possible. Actual comprehension takes time you do not have to spare."
I wonderwhat the calling function(s) do with this result. And what the provenance of $path is. I can sure see "malicious code injection potential" written all over this one.
Admin
@Mr. TA Ref
That may well have been true as a matter of general usage 30+ years ago. In recent years (decades actually) It is increasingly viewed as archaic and increasingly offensive by an ever-increasing number of people of both genders.
You or I may disagree with that change in attitude. But it takes something that looks a lot like willful ignorance not to acknowledge the change is now occurring around us.
Admin
I presume the calling site proceeds to call system($path), possibly with arguments to the executable. Which, as you say, might be considered dangerous. Although not as dangerous as using PHP in the first place.
I'm not entirely sure I have a problem with the original formulation. (U)nix is pretty lax with its definition of "special folders," because historically it depended upon env variables (and possibly OS-specific resolution between those env variables.) I'm wide open to correction (having not worked on Linux for a long while), but I would have thought that, if you're looking for a system executable, you should be looking in those two places. And if you're not looking for a system executable, you should be looking somewhere else,
So, by my guess ... the best thing to do with this steaming pile is to revert it back to the original version. Which at least does what it claims to do.
Admin
I feel I should point out: The string referring to the location of a single file is also a path, it's just not a search path. The word "path" is used both for the specific /foo/bar string and the list of possible directories to search. So, the name is right and "findPathOf" is a reasonable name for this.
Admin
People have the right to get offended at how the world works. Other people have the right to ignore them.
Admin
Normally if I need to shell out to a system command from PHP, I only need the command name. Let the OS search $PATH.
If for some reason I do need to find which directory the executable is in, I think the version that came the closest to what was needed was #2 - the one using 'which'. Even though it was wrong 100% of the time, it only needed to be tinkered with a bit to be right 100% of the time. All of the other methods may be right some of the time, but would never be right all of the time.
Admin
Back in 1978 I signed on at a company with well over 100 programmers. Two were women. One of them had a sign in her cube with the dark humor of "TOKEN FEMALE." Despite the prominence of Adm. Hopper and Margaret Ellis (who, by chance, is a friend), it's been a male dominated industry for some time.
Admin
The "which" version has a pair of subtle differences from the "file_exists" version: handling of slashes and file permissions.
The "which" command searches for a file in $PATH or under the local directory. Eg., if I'm in /usr,
which bin/timefinds the time command in "/usr/bin"; if I'm not in "/usr",which bin/timefails to find the time command in "./bin". So, if there are sub-directories under "/usr/bin" or "/usr/local/bin" that have files of interest (eg., "/usr/bin/consonto/file"), the "which" version won't find them.Also, the "which" command searches for executable files in $PATH. If the caller is trying to find a non-executable file (setting aside the WTF-ery of putting one in $PATH),
whichwon't find it.Yay fractal WTF-ery.
Admin
Using male pronouns for indeterminate gender is one of those bits of Victorian 'English is Latin, so Roman Empire -> British Empire' grammatical nonsense. Prior to that, they\them was in common use in this context, and had been since before recognisably modern English came along.
It sounds like you grew up just at the end of its fairly brief stint in common usage. It's generally considered rather silly these days, whilst the insistence on using it despite the silliness and offence it causes is generally associated with incels, neckbeards, and MRArseholes.
Admin
Since this is a "little history", let's take a moment to recognize the history of the singular they, and remember that you can't complain about the singular "they" unless you also complain about the singular "you", because if you're going to get hung up on usage rules that don't matter, you have to get hung up on all the usage rules that don't matter.
Admin
Less than you think - in Middle English of the 13th Century or so, "he" and "they" were both spelled H-E.
Admin
That method will break if you call this program/script from cron, which sanitizes PATH to /bin:/usr/bin.
I don't know if you can alter PATH from PHP to avoid these issues.
Admin
Could be searching for a sub-directory.
Admin
But wouldn't you just do
which time? What if time in this case was in /usr/sbin?I think this is the first time I see
which bin/time(and I've been admining linux systems for 20 years). What's the use case for this form?Admin
Until about 1970.
Admin
Gollum knew the secret - just use "it." Gollum knew a lot of secrets, actually, except for what was in that darn front pocket - a problem that was far too tricksy.
I hate to kick PHP while everyone else is already kicking it, but does it irk anyone else that the hashtable is called an array??!?!? It's a relaxation of formality that just ends up summoning end-of-days chaos, aka lower code readability.
Admin
I wouldn't be so sure, since it would imply knowledge of the EXISTENCE of system(), which function is what these people are mistaking exec() for.
Admin
Just as the value of $PATH is different among various Linuxes, UNIXes, and BSDs, for certain commands it could be that they are shell-internal commands, builtins. In such a case, calling (for example) "which time" from the C shell would result in an appropriate message, of course not containing any path-like information, and the exit code would be 0, because the requested command has been found (even though the shell implements it by itself). A similar case would be calling "which ls" where ls is a shell alias for a ls binary call with custom command line options added - same problem. Depending on the environment this PHP script is intended to be run in, and considering if it should be portable code or not, the WTF remains: it only works for the two obvious cases.
Admin
"That may well have been true as a matter of general usage 30+ years ago." indeed it was... what suprises many people is that a few hundred years ago it was NOT! The singular "they" was quite common.... and in fact has remained in subtle use even by those to argue against it.... consider the following conversation after person #1 just got off the phone talking to ONE other person...
#1) "Well that did not go well". #2) "Sorry to hear that.. what did THEY say, did you tell THEM all the details?"
Admin
Thank you for the information, Karen.
Admin
Well, I read it as multiple identity-not-specified people doing the updates, so it was plural they. I had to go back and read the article again to find the gender-nonspecific language being refered to.
Admin
But $path really should be called $leaf, as it's looking for a path to a specified file.
I suppose you could argue that it could be called with FindPathOf("tools/web/webbify") so it would be finding the path to a path.
Admin
I'm amazed at how even a software-related website just does not escape the escapades of social justice warrior types. Is there anything that everybody, regardless of their opinions on other topics, can discuss, without sliding into yelling "discrimination" at each other?
Sad.
Admin
I for one welcome the return of "thou" to our lexicon.