- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
The last one: Tragically, that's one error your luxurious handler won't help you find.
Admin
Ref Home Depot's coupon: That's an Easter Egg from the HD IT team to us IT folks. We can instantly see it's just a series of 4 digit blocks separated by %20 space characters for readability but ordinary schlubs who work on buildings can't redeem the code. Har har har. Since it's supposedly a 26 character code, there must be a short block someplace. At least they were thoughtful enough to include a horizontal scroll bar so we can maneuver to see the whole code; just clipping the end off would have been mean. Thank you HD IT folks wherever you are; we appreciate the joke. And the free $5.
As to memegenerator.net's ASP.Net error dump: I notice the dumped urls of the source code are all to F:\Eff\Development\Code\Work...
So maybe, just maybe, we've got a screenshot a dev took on their dev system while debug dumping was legitimately enabled. Either that or memgenerator.net is running production in dev. Naah, couldn't be ... could it?
Admin
An online code browser for a government (or government-contracted) website, written in PHP? Oh, I bet someone could have lots of fun hunting TDWTF submissions in that.
Admin
Showing all your internal information in an exception in production is a sure sign of concrete incompetence.
Admin
Re the last one - I'm not familiar with whichever PHP framework this is (I avoid PHP like the plague it is), but clearly someone has managed to leave "debug mode" (or whatever this framework calls it) turned on in production. Tragically easy to do, especially by those who don't understand the security implications - the real WTF isn't though that someone did it but that there wasn't some sort of process to guard against it.
Admin
re: concrete dump
at least
concrete.proxy.passwordis not revealed... and is a Vespa a motorcycle?
Admin
ASP isn't live-interpreting the .cs files, or is it? This might just be the path from which the .cs files where originally compiled from, but it doesn't have to meant that the server is running in that location.
Admin
It is a scooter if I recall correctly. So, similar to a motorcycle.
Admin
It depends on the Vespa model, as well as local and state jurisdictions. In my state, for example, looking at a couple of the Vespa models, the Sprint 150 would in fact be classified as a motorcycle, with all of the privileges and responsibilities given to any other motorcycle. Meanwhile, the Sprint 50 would be classified as a Motor Driven Cycle class B.
Admin
Yep! It's Laravel, and yep, it's in debug mode. I'm allll too familiar with that screen haha.
Admin
This is a flip on the "I only test in production" - "I only run in development"
Admin
It's Laravel and this is the default for DEBUG=TRUE variable in .env file. Unfortunately, this will also show db connection details including password etc.
I guess they don't have separate dev and live .env files.
Admin
This. However, this still means that they probably have no build pipeline and the last person to touch the code built it on their machine and copied it to production.
Admin
Thanks for reminding me with that callstack that .NET shares the same level of WTF-inducing abstraction insanity as Java.
Admin
Wow, I saw that same memegenerator.net error live. It did happen on April 1st, so it could just have been an elaborate prank, but I cannot be sure.
Admin
The last one isn't Laravel. The handler is Whoops, and the CMS is concrete5.
Admin
Alright, then it uses the same Symfony stack and debug components so it looks like Laravel.