UNIX PRIVILEGE JUNKIE
Engineer, Cyberpunk, I run @vaporwave. 26.
bad code

intercal:

I’m tasked with reimplementing/extending this portal we have for our clients. This is code that was written maybe 3 or 4 years ago, by the guy whose job I’m doing now (he left about a year after I started for Greener Pastures).

It is truly some of the worst code I have ever seen. I’m going to try to list everything I’ve seen so far. It dips its toes into “holy shit, how did this go unnoticed for so long” territory.

  • Plaintext passwords, managed by a “misc-tbl” of data that’s been jumbled together.
  • Logins and password changes are done with this sort of process:
    • Create a file with the username and password.
    • Upload that file to the database server(???)
    • Run a script (on that database server, we’re in PHP exec() land babey) that either checks or updates the password.
    • If it was successful, the last line of the script’s output is “true”.
    • The files are never cleaned up, either, so we have a treasure trove of plaintext username/password files just sitting around the server. Lots of files with duplicate contents (but unique names, wouldn’t want an accidental collision!)
  • Deployment configuration is (was, after I cleaned it up) through two nearly identical files, with only a few values changed. Configuration was softlinked to “config.php”, which was also part of the git repository. If you accidentally commit config.php pointing to your development config, you’ll bring down the whole site because all of a sudden you’re using development config in production.
    • This “conf” directory lived above the webroot directory, so PHP files were able to include them, but they would not be publicly accessible. Makes sense, until you realize that there’s a copy of that exact same directory that’s publicly visible. They are used seemingly interchangeably. I have no idea what it’s for.
  • For some reason, the author had this strange idea of “modularization” of his code. He would write “libraries” for exclusive use by the website, and then put them in strange, unrelated directories outside of the repository.
    • There are two “libraries” which live somewhere in the /usr/ directory. There’s no reason for this other than needless complexity.
    • There’s a third “library” that was a git submodule. Again, this library is used no place other than this project. I have no idea why he thought this was a good idea.
  • There are so many utility functions and classes that simply never get used. Maybe he had an idea for using them in the past, but those plans never came to fruition. Trying to figure out where a function actually gets called in PHP is a pain in the ass.
  • We have a perfectly good MySQL database for storing website-related data. However, he found it to be in his best interests to spin up a Postgres database for his special application.
  • My coworker found some of his more recent work, and it has the same braindamaged ideas. The one that stood out the most to me was where he made two functions, “truth” and “deception”. All they would do is return “true” and “false”. AND HE ACTUALLY USED THEM. Names don’t actually have to mean anything, right??

The man is a walking anti-pattern. I feel like the first thing I’m going to say to him, should I ever see him again, is to never code for the rest of his life. He makes too much work for the rest of us to be considered “productive”.
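The login flow described above (write a plaintext username/password file, upload it to the database server, run a script through exec(), grep the last line for “true”, never delete the file) is the kind of thing a defender replaces with in-process hashing. The block below is an added example, not code from the portal or from intercal’s post; it assumes a hypothetical `users` table with `username` and `password_hash` columns, uses PHP’s built-in password_hash()/password_verify() over PDO prepared statements, and runs its demo against an in-memory SQLite database (pdo_sqlite) so it works offline.

```php
<?php
// Added example (hypothetical schema, not the portal's code): password
// registration, verification and change done in-process, with no plaintext
// files on disk and no exec() round-trip to the database server.

declare(strict_types=1);

function registerUser(PDO $db, string $username, string $password): void
{
    // password_hash() salts and hashes with bcrypt (PASSWORD_DEFAULT);
    // only the hash is stored, the plaintext never touches disk.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $db->prepare(
        'INSERT INTO users (username, password_hash) VALUES (:u, :h)'
    );
    $stmt->execute([':u' => $username, ':h' => $hash]);
}

function verifyLogin(PDO $db, string $username, string $password): bool
{
    // Prepared statement: the username is bound, never interpolated.
    $stmt = $db->prepare('SELECT password_hash FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if ($row === false) {
        // Unknown user: still run a verify against a throwaway hash so the
        // response time does not reveal whether the username exists.
        static $dummy = null;
        if ($dummy === null) {
            $dummy = password_hash('dummy', PASSWORD_DEFAULT);
        }
        password_verify($password, $dummy);
        return false;
    }

    if (!password_verify($password, $row['password_hash'])) {
        return false;
    }

    // Transparently upgrade stored hashes when the default cost or
    // algorithm changes, without ever keeping the plaintext around.
    if (password_needs_rehash($row['password_hash'], PASSWORD_DEFAULT)) {
        $upd = $db->prepare(
            'UPDATE users SET password_hash = :h WHERE username = :u'
        );
        $upd->execute([
            ':h' => password_hash($password, PASSWORD_DEFAULT),
            ':u' => $username,
        ]);
    }
    return true;
}

function changePassword(PDO $db, string $username, string $current, string $new): bool
{
    // Require the current password before accepting a new one.
    if (!verifyLogin($db, $username, $current)) {
        return false;
    }
    $stmt = $db->prepare(
        'UPDATE users SET password_hash = :h WHERE username = :u'
    );
    return $stmt->execute([
        ':h' => password_hash($new, PASSWORD_DEFAULT),
        ':u' => $username,
    ]);
}

// Self-contained demo against an in-memory SQLite database (constructed data).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');

registerUser($db, 'alice', 'correct horse battery staple');
var_dump(verifyLogin($db, 'alice', 'correct horse battery staple'));
var_dump(verifyLogin($db, 'alice', 'wrong password'));
var_dump(verifyLogin($db, 'nobody', 'anything'));
var_dump(changePassword($db, 'alice', 'correct horse battery staple', 'new pass'));
var_dump(verifyLogin($db, 'alice', 'new pass'));
```

Compared with the flow in the post, this removes every one of the listed weak points at once: nothing is written to a file, so there is no “treasure trove” of credentials left behind; nothing is shelled out via exec(), so a crafted username cannot reach a shell; the result is a boolean return value rather than the last line of a script’s stdout; and the stored value is a salted bcrypt hash rather than the password itself.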

danger:

Montmartre steps, Paris 18th by Chris Bonnie

privilegejunkie:

Gotta get up in 3 hours for work. Do I sleep or say fuck it?

Whoops sat in bed and daydreamed for 3 hours instead.