Would you like to guarantee your project ends up on this site? Antoon's employer has a surefire technique. First, hire a freshly graduated architect with no programming experience. Second, chuck them into a project in a programming language they don't know. Third, give them absolutely no supervision and no guidance or support, and watch what happens.
```php
<?php
function copy_tables($table1, $table2, $copy, $size, $link, $action, $testOper)
{
    global $link; //global so we can retrieve it in the fuction "update"
    global $result;
    global $timezone;
    $result[1] = $copy;
    if ($size = 'EXIST')
    {
        $queryz0 = "drop table if exists $table1";
        $requestz0 = db_query($queryz0, $link) or error_log("copy_tables *** $table1 : Error in the execution of request z0", db_error() , $action, $testOper) . "\n";
        if ($result[1] == "error")
        {
            exit;
        }
        $queryz1 = "create table $table1 LIKE $table2";
        $requestz1 = db_query($queryz1, $link) or error_log("copy_tables *** $table1 : Error in the execution of request z1", db_error() , $action, $testOper) . "\n";
        if ($result[1] == "error")
        {
            exit;
        }
    }
    elseif ($size = 'NOTEXIST')
    {
        $queryz2 = "create table if not exists $table1 LIKE $table2";
        $requestz2 = db_query($queryz2, $link) or error_log("copy_tables *** $table1 : Error in the execution of request z2", db_error() , $action, $testOper) . "\n";
        if ($result[1] == "error")
        {
            exit;
        }
    }
    $queryz3 = "insert $table1 select * from $table2";
    $requestz3 = db_query($queryz3, $link) or error_log("copy_tables *** $table1 : Error in the execution of request z3", db_error() , $action, $testOper) . "\n";
    if ($result[1] == "error")
    {
        exit;
    }
}
?>
```
The WTF, of course, is less the code itself and more the process which led to it, but there are things in this code which terrify me. I never want to see a `DROP TABLE` just sorta chucked into the middle of a SQL injection vulnerability. Having the connection string in a global `$link` variable doesn't bother me, but why is `$result` an array? What is `$copy`? Why might it be "error", and why do we drop the table before checking if that's an error? And why is the variable that can be either "EXIST" or "NOTEXIST" called `$size`? Wait, let's go back to `$result`, because I just realized that `db_query` must be a wrapper and it also uses the `$result` global variable to store anything that happens. But also it returns a value if it succeeds or fails and…
Sorry. The more time I spend looking at this code, the worse I feel about the experience. Again, I don't fault the underqualified developer, I fault the organization which put them in a position they were guaranteed to fail. If anything, they should be proud that they failed in such a stomach-churning way. Better that than being boring.
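For contrast, here is an added example (not the submitted code, and not how that shop fixed it) of what the same table copy looks like once the problems above are addressed: table names are validated and backtick-quoted rather than interpolated raw, the mode is compared with `===` instead of being overwritten by `=`, and errors surface as exceptions instead of a global `$result` slot. It assumes a `mysqli` connection and constant names (`COPY_MODE_REPLACE`, `COPY_MODE_KEEP`) that I chose for illustration.

```php
<?php
// Added example: a hardened rewrite of copy_tables. Assumes a mysqli $link;
// the constant names below are my own, not from the original code.
declare(strict_types=1);

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

const COPY_MODE_REPLACE = 'EXIST';     // drop and recreate the destination
const COPY_MODE_KEEP    = 'NOTEXIST';  // create the destination only if missing

/**
 * Table names cannot be bound as prepared-statement parameters, so the only
 * safe options are a whitelist or a strict identifier pattern. Anything that
 * is not a plain identifier is rejected before it ever reaches the SQL text.
 */
function quote_identifier(string $name): string
{
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]{0,63}$/', $name)) {
        throw new InvalidArgumentException("Invalid table name: " . $name);
    }
    return '`' . $name . '`';
}

function copy_tables(mysqli $link, string $dest, string $source, string $mode): int
{
    // === compares the mode; the original's single = assigned it, so the
    // first branch was always taken regardless of what the caller passed.
    if ($mode !== COPY_MODE_REPLACE && $mode !== COPY_MODE_KEEP) {
        throw new InvalidArgumentException("Unknown copy mode: " . $mode);
    }
    $d = quote_identifier($dest);
    $s = quote_identifier($source);

    if ($mode === COPY_MODE_REPLACE) {
        // Caveat: DDL statements commit implicitly in MySQL, so a transaction
        // would not bring $dest back if CREATE failed after DROP succeeded.
        $link->query("DROP TABLE IF EXISTS $d");
        $link->query("CREATE TABLE $d LIKE $s");
    } else {
        $link->query("CREATE TABLE IF NOT EXISTS $d LIKE $s");
    }

    // With MYSQLI_REPORT_STRICT a failed query throws mysqli_sql_exception,
    // so there is no "or error_log(...)" chain and no exit() from a library call.
    $link->query("INSERT INTO $d SELECT * FROM $s");
    return (int) $link->affected_rows;
}
```

The caller decides how to handle a thrown exception; the function itself never calls `exit` or touches globals.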