• PJH (disco)

    One down, only a dozen 235112 left.

  • RaceProUK (disco)

    In theory, you don't need Request.QueryString["number"]; Request["number"] will do. But only if you don't have number in both the query string and the submitted form.

  • JBert (disco) in reply to RaceProUK
    RaceProUK:
    only if you don't have `number` in both the query string *and* the submitted form.
    Seeing how it was built by interns, it's a tossup.
  • Eldelshell (disco)

    Is this so stupid?

    Listen moron, when you start counting the number of characters in a string, you're probably fucking something up.

  • Tsaukpaetra (disco) in reply to JBert

    It's highly likely that both POST and GET parts are used, simultaneously.

    No joke, I'm maintaining an app developed last year that does this to the extreme.

  • RaceProUK (disco)
    Comment held for moderation.
  • Vault_Dweller (disco) in reply to RaceProUK

    She needs to catch up on all the older topics she forgot to list

  • PWolff (disco)
    strNumber = strUrl.Substring(58, strUrl.Length - 58);
    

    They're Doing It RightTM - preparing for future extension. Otherwise, they'd used simply

    strUrl.Substring(58)
    

    OTOH, they should have checked the URL to be well-formed before:

    if (strUrl.Substring(57, 1) == "?") {
      // above stuff
    } else {
      throw new Exception("Something went wrong", new Exception("Something went really badly wrong"), null));
    };
    
    Tsaukpaetra:
    It's highly likely that both POST and GET parts are used, simultaneously.

    Took me some time to convincepersuade my boss that submitting a password in the URL is a bad ideanot so much easier than to put it into the POST data and that a secure connection is better anywayjust one more character in source code

    At least, all of the data are transferred to POST, meanwhile. AFAIK.

    Edit: Just had a look into those Piles of Unsanitized ClothesCode, it isn't.

  • Yazeran (disco) in reply to RaceProUK

    Ok this was a new one. :laughing:

    I immediately thought about something along the line of a regexp: host.domain/cgi-bin/script.cgi?name=(\w+)/... (not that that would have been in anyway better....)

  • PWolff (disco) in reply to Yazeran
    Yazeran:
    host.domain\/cgi-bin\/script.cgi\?name\=(\w+)/...

    It is a number, so you could have used /...(\d+).../ instead.

    Unless they use decimals for future insertions, like

    customerNo = 123.45600128173828;
    

    Or

    customerNo = 0x789A;
    
  • RFoxmich (disco)

    TRWTF is that whomever was handling their DNS had never heard of CNAMEs. ;-)

  • dkf (disco) in reply to RFoxmich
    RFoxmich:
    TRWTF is that whomever was handling their DNS had never heard of CNAMEs.

    Either that, or Management freaked out at the idea of a CNAME and explicitly ordered that the service must be moved and must not be accessible via the old name. (Unfortunately, something that they're almost competent to check…)

  • kupfernigk (disco) in reply to Eldelshell
    Eldelshell:
    Listen moron, when you start counting the number of characters in a string, you're probably fucking something up.

    Unless you're parsing fixed width records from a mainframe, yes. Of course, if you spent a lot of time doing this you might, in a moment of forgetfulness, do something as crass as the article describes. But I don't think that's the case here somehow.

  • Drakkie (disco) in reply to RaceProUK

    You forgot request.cookies :stuck_out_tongue:

  • TheCPUWizard (disco) in reply to RFoxmich
    RFoxmich:
    TRWTF is that whomever was handling their DNS had never heard of CNAMEs

    Don't think that would have worked...The goal would be to allow access from the NEW name (access via the old name would be immaterial from this point of discussion)....

  • Shoreline (disco) in reply to dkf
    dkf:
    ... almost competent to check...

    Basically unrelated, but that phraseology reminded me of a manager I had who enjoyed checking the JIRA burndown.

    Sometimes I would work on some issue(s) and create new tickets for bugs I found, or things that needed to be fixed but weren't blocking me right now, so I'd do it later. Usually low priority things. Obviously this increased the number of unresolved tickets.

    Instead of getting off his maximised gluteus and doing some investigation, he must have glanced at the chart and instantly skype-called me demanding an explanation for the increase in unresolved tickets. I must have had this conversation three times:

    Him: Why has the number of tickets gone up? Me: I created a new one for an issue I found.

    He never complained about me doing this, but I always found it baffling that he was smart enough to setup a JIRA chart widget but not smart enough to understand what it meant. Maybe I'm just uptight and he found me easy to talk to (devs are normally uptight about being directly contacted, usually because they're in the middle of thinking).

  • dse (disco)

    :wtf: is that core functionality written by interns, with no testing and not in a code repository! If interns were unpaid , there is no :wtf: in the code.

  • Eldelshell (disco) in reply to Shoreline

    You seem to have a very basic setup of JIRA or your boss is doing the filtering wrong. Create a new ticket type like "Shoreline TODO" and tell your boss to filter out those from their chart.

  • kupfernigk (disco) in reply to Shoreline
    Shoreline:
    devs are normally uptight about being directly contacted, usually because they're in the middle of thinking

    This comment should be part of every management course and every MBA course.

    You know what? I'm not antisocial. Except when I'm working on something that needs several hours of concentrated thought. Your calling up and asking me about this ticket I have to go back and look at has cost the company a load of productive time. Is scheduling meetings so beyond you? Is "I'm stuck in traffic let's call all the devs" a clever management approach?

  • TimeBandit (disco) in reply to Eldelshell
    Eldelshell:
    Listen moron, when you start counting the number of characters in a string, you're **absolutely** fucking something up.
    FTFY
  • PWolff (disco) in reply to TimeBandit
    TimeBandit:
    Eldelshell:
    Listen moron, when you start counting the number of characters in a string, you're **absolutely** fucking something up.

    FTFY

    Of course you don't do that. You type

    thatString.Length [Enter]
    

    into Visual Studio's Immediate Window and memorize the result.

  • Shoreline (disco) in reply to Eldelshell
    Eldelshell:
    You seem to have a very basic setup of JIRA or your boss is doing the filtering wrong. Create a new ticket type like "Shoreline TODO" and tell your boss to filter out those from their chart.

    As opposed to filtering out by a milestone? Making a new ticket type so that my boss can answer his question, when he could answer it with perhaps multiple seconds of ordering the issue list by creation date (because where the fried-duck did these tickets come from otherwise?) seems like a bigger Workaround-Than-Fail.

    Admittedly I haven't tried filtering by a milestone or component or creation date, but it looks like the kind of thing it should be able to do. Although I did come across a case where I couldn't filter by something I needed, but possibly the way we were using JIRA was TRWTF in that case, since all my tickets were assigned to my line manager, whose first (and representative) response when I pointed out that I can't get a definitive to-do list out of JIRA was "I can see my tickets just fine".

    Fun times with JIRA.

    But yeah, always I have had a very basic setup with JIRA, usually without project managers or project owners.

    PWolff:
    You type

    thatString.Length [Enter]

    into Visual Studio's Immediate Window and memorize the result.

    You forgot to print it out and photograph it on a wooden table.

  • PWolff (disco) in reply to Shoreline
    Shoreline:
    You forgot to print it out and photograph it on a wooden table.

    Whenever it is necessary to touch woodto photograph something on a wooden table you find the world is made of plastic and aluminium.

    Anyway, that URL is a constant string before the question mark, so why bother with printing it out, photographing it on a wood decor table, printing out the photograph, scanning in the printout of the photograph and sending the scan per e-mail to oneself.

  • Mikey1 (disco)

    TRWTF: Who let a bunch of interns build an app that has any importance whatsoever without reviewing the code?

  • PWolff (disco) in reply to Mikey1
    Mikey1:
    TRWTF: Who let a bunch of interns build an app that has any importance whatsoever without reviewing the code?

    I suppose they hired another intern to do the code review.

  • ScholRLEA (disco) in reply to kupfernigk
    kupfernigk:
    I'm not antisocial.

    Then what are you doing posting on WTDWTF? :wink:

  • Matt_Westwood (disco)

    I worked with a man who was tasked with writing a (FORTRAN) program to load an array with the contents of a file, one element per line. At the end of reading the array, the program was also supposed to get the number of elements in the array. In FORTRAN the easiest way of doing it is to count the elements as you read them in.

    What my cow-orker did was make the file being read from contain, as the last line (or might have been first, can't remember), the count of the number of elements of the file.

    "Can't you just get the program to count them as it reads them?" I asked innocently.

    "Oh come on, it's perfectly reasonable to ask the people setting up the files to just count them up and make sure the number is added to the top (or bottom, I misremember) of the file."

    It took an intervention to get him to mend his ways and add a simple incrementor to count the elements as it went.

  • Gaska (disco) in reply to Matt_Westwood

    Maybe he learned programming by doing exercises from high-school-level programming competitions? You know, the ones that go like "on the first line you get some number N; on the next N lines, you get the data you need...".

  • herby (disco) in reply to Matt_Westwood

    This is an example of who is more accurate? The computer counting things, or the user who can only count up to twenty-one if barefoot and dropping his trousers.

  • dkf (disco) in reply to herby
    herby:
    This is an example of who is more accurate? The computer counting things, or the user who can only count up to twenty-one if barefoot and dropping his trousers.

    Oooooh, look at the microaggressing MCP not even considering those who are without! :trollface:

    (You can count higher than that. Use your knees as well. Or, if you're being advanced, use each “digit” to represent a binary digit, allowing you to make it to millions. My favourite is the representation of 132…)

  • RaceProUK (disco) in reply to dkf

    IIRC, there's a method that involves the knuckles that can get you up to 60

  • redwizard (disco) in reply to Drakkie
    Drakkie:
    request.cookies

    Here you go: [image]

  • Maciejasjmj (disco) in reply to Mikey1
    Mikey1:
    TRWTF: Who let a bunch of interns build an app that has any importance whatsoever without reviewing the code?

    Heh... heh. That's funny.

    If I counted the things I could have fucked up when I was an intern...

  • Scarlet_Manuka (disco)

    My favourite issue I encountered along these lines was when we were trying to use an early version of a certain product, and encountered trouble because it was failing to set an authentication cookie that it needed.

    The app was set up with a bunch of domains of the form server.app-area.companydomain and they wanted to set a cookie for *.companydomain. It turned out that they worked out the domain for the cookie by taking the last two elements of the domain. Which is fine if, like the vendor, your company domain is company.com, but less fine if (like us) it is company.com.au. The browser, reasonably, didn't think setting a cookie for *.com.au made sense and refused to store it. Fortunately there was an override we could use to tell it the correct domain for its cookies.

  • kupfernigk (disco) in reply to ScholRLEA
    ScholRLEA:
    Then what are you doing posting on WTDWTF?

    I was describing a generic developer. However in my personal case, the answer is "suffering from a condition that limits my active time each day".

  • PJH (disco) in reply to Matt_Westwood
    Matt_Westwood:
    "Oh come on, it's perfectly reasonable to ask the people setting up the files to just count them up and make sure the number is added to the top (or bottom, I misremember) of the file."

    Was the line the count was on included in the count of number of lines in the file.

  • anotherusername (disco) in reply to Matt_Westwood

    It was probably the first line. IIRC, Fortran had an inflexible array type, so you absolutely had to know how much it was expected to hold before you created it, or else risk running out of space when you're filling it. There was no way to increase the size of an existing array without destroying it.

    Of course, you don't need to have the count at the top of the file. You could open it, count the lines, allocate your array, and re-read the file into the array. I can see why he'd want to just have the number there, though. Especially if the code that wrote the file knew how many lines it was going to write, it would certainly be more efficient if it put that at the top of the file rather than requiring the code that read the file to do so twice, once just to get a number that was known at the time the file was written.

  • swayde (disco) in reply to anotherusername
    anotherusername:
    inflexible array

    Most arrays are inflexible. Sane languages (mostly) use lists or the like for flexible storage. Does fortran not have lists or something ? Is it really that hard to create a flexible array? In c# that's built in, but DIY would take 2 minutes and like 5 lines of code.

  • ScholRLEA (disco) in reply to swayde

    Yes, it is, actually, at least in older versions of Fortran. Prior to F77, all allocation was static - not stack - based local, but static, at compile time - so you could not even have dynamic auto arrays or recursive functions. In fact, the earliest versions didn't have chars at all, but had a weird integer hack for using strings.

    I don't know if F90 or later versions added heap allocation, but I doubt it.

  • HardwareGeek (disco) in reply to swayde
    Comment held for moderation.
  • ScholRLEA (disco) in reply to HardwareGeek

    Ah, thanks for the correction.

  • HardwareGeek (disco) in reply to ScholRLEA
    ScholRLEA:
    Ah, thanks for the correction.

    No problem. I only learned a few minutes ago that it had ever been added to the language. The last time I ever used Fortran, F77 was still the current version.

  • swayde (disco) in reply to HardwareGeek
    ScholRLEA:
    all allocation was static
    HardwareGeek:
    all variables were allocated statically at compile time.

    Wait, what. This makes no sense.
    If it's compile time static, then you can't increase the size at runtime anyway, and he couldn't use the variable in the file.

  • Gribnit (disco) in reply to swayde

    Hi, it is perfectly possible that an oversize array was allocated, usually wastefully, and that there was therefore a hard file length limit - not all of which was populated. Not sure if temp arrays would have brought anything to the party.

  • dkf (disco) in reply to HardwareGeek
    HardwareGeek:
    The last time I ever used Fortran, F77 was still the current version.

    I remember F77, though not fondly. That was back when everything was passed by reference — even constants — and you could cause serious mischief by assigning 1 to 0 or vice versa. The absolute pinnacle was when some misguided fellow student decided that numeric literals would be great formal parameters to the function they were working on. The compiler really did not like that, and the diagnostics it produced were… both confusing and misleading.

  • dkf (disco) in reply to swayde
    swayde:
    Wait, what. This makes no sense.

    Just declare it really large and use as much as you need. Efficiency is for wimps.

  • HardwareGeek (disco) in reply to dkf
    dkf:
    I remember F77, though not fondly.

    I said that F77 was current when I last used fortran, and that's true, but I'm not really sure whether I ever actually used it. I know I originally learned FORTRAN IV, and I don't remember whether my uni had yet moved to F77 when I last used fortran in the mid-80s. Even if it had, I don't think we used any of the enhancements.

  • dkf (disco) in reply to HardwareGeek
    HardwareGeek:
    I said that F77 was current when I last used fortran, and that's true, but I'm not really sure whether I ever actually used it. I know I originally learned FORTRAN IV, and I don't remember whether my uni had yet moved to F77 when I last used fortran in the mid-80s. Even if it had, I don't think we used any of the enhancements.

    I have no idea really whether we used the enhancements or not. We had our own home-grown F77 implementation that ran on a home-grown OS on a weird IBM mainframe. It was the first programming language taught to physics and chemistry students at the time, and they really bodged things as they tried to make their assignments work. (By this point, I'd already moved on to Pascal and C and was starting to experiment with other languages too. No surprise I moved to computing. :smile:)

    I guess it was one of these things where it all seems fine until you see what other people are doing and you realise “Oh! There are much better ways of doing this!”

  • Matt_Westwood (disco) in reply to anotherusername
    Comment held for moderation.
  • anotherusername (disco) in reply to ScholRLEA

    That's even worse than I remembered before, but yeah, now I remember. Basically using any sort of array in Fortran was a huge pain. The version that I was using actually did have some way to allocate arrays at runtime, I think, but I found it to be more of a really easy way to have your program crash for no apparent good reason. There were probably a bunch of gotchas that I didn't know about.

Leave a comment on “Count On It”

Log In or post as a guest

Replying to comment #:

« Return to Article