The PHP WTF - stuff that makes you go wha? http://www.thephpwtf.com en 2004-12-02T00:11:23-08:00 [email protected] hourly 1 2000-01-01T12:00+00:00 When a function just won't do...http://www.thephpwtf.com/node/view/33Thanks to Michael for sending this in! He was doing a code audit on a PHP application developed by a contractor. Our story starts with an include file named magdit.inc, which is Dutch for "isthisallowed". This example makes it into the WTF Hall of Fame because it violates so many good design principles. Take a look at magdit.inc to get you started... 2004-12-02T00:07:37-08:00phraxThanks to Michael for sending this in! He was doing a code audit on a PHP application developed by a contractor. Our story starts with an include file named magdit.inc, which is Dutch for "isthisallowed".

This example makes it into the WTF Hall of Fame because it violates so many good design principles. Take a look at magdit.inc to get you started...

includes/magdit.inc

Can you spot the multiple WTF's in magdit.php? The most blatent ones are the use of eval() (why?!), and at the end of the file where $magdit is either "ja" (yes) or "nee" (no). I bet you're wondering what's the point of this code if it just ends?! There's also another WTF in there that's a doozy. Can you spot it? Read on, it gets worse...

left_frame.php
Gebruikers"; } $magdit = 13; include 'includes/magdit.inc'; $magdit2 = $magdit; $magdit = 14; include 'includes/magdit.inc'; $magdit3 = $magdit; $magdit = 15; include 'includes/magdit.inc'; $magdit4 = $magdit; $magdit = 29; // ... ohh the agony! ?>

In left_frame.php we see why magdit.inc ended so abruptly! It is used to reuse PHP logic! I particularly like how $magdit is the hardest working variable in PHP. It's an integer then a string, then an integer again, etc.

Another thing that needs to be pointed out is the use of literals in the code. What does 6,7,12,13,14,15,29 really mean? Integer literals in code are the only thing more confusing than building a PHP application with billions of includes. This WTF makes me dizzy. Thanks again to Michael for sending it in, and we all pity you.

]]> one wtf, two wtf, three wtf...ah ah ah!http://www.thephpwtf.com/node/view/31 I had to confirm that this was production code. It's always more funny, or tragic, when production code is bad. Thanks to Søren for sending this in. What's the most efficient way to skip a few numbers? Well it's not this way! It's bad enough that 2, 3 and 4 are literals and not constants, but they also represent database logic. At least they didn't select * and skip records with the wrong TypeId's. 2004-12-01T11:30:44-08:00phrax

I had to confirm that this was production code. It's always more funny, or tragic, when production code is bad. Thanks to Søren for sending this in.

What's the most efficient way to skip a few numbers? Well it's not this way! It's bad enough that 2, 3 and 4 are literals and not constants, but they also represent database logic. At least they didn't select * and skip records with the wrong TypeId's.

0) { if ($TypeId == 2) { } else if($TypeId == 3) { }else if($TypeId == 4) { } else { $sql .= " AND D.TypeId = $TypeId"; } } ?>]]> The magic in header.inc.php...http://www.thephpwtf.com/node/view/30Last week we looked at PHP's limited MySQL functionality. Today we have another example for the PHP guys to improve the MySQL library. That's sarcasm for those that missed it the first time. On a more WTF note, I wonder what's inside header.inc.php. Especially since it is included into the code like nine times! Anybody know the difference between using include() versus require()? Thanks to Stefan for sending this in. 2004-11-30T11:05:26-08:00phraxLast week we looked at PHP's limited MySQL functionality. Today we have another example for the PHP guys to improve the MySQL library. That's sarcasm for those that missed it the first time.

On a more WTF note, I wonder what's inside header.inc.php. Especially since it is included into the code like nine times! Anybody know the difference between using include() versus require()?

Thanks to Stefan for sending this in.

]]> Drinking on the job...http://www.thephpwtf.com/node/view/29A friend of mine works in Germany as a Java developer/Oracle DBA. He's quite intelligent, making a decent 6 figure income in a meager 16 hour work day. He tells me in Germany beer is nearly cheaper than water. In fact, I hear about the cheap beer a lot! I'm starting to suspect that the cheap beer and the number of German PHP WTFs I'm getting is not a coincidence. This is today's WTF. There are a few newbie things but the WTF is where the array from mysql_fetch_row() is separated into variables only to be immediately jammed into another array. Thanks to elias for sending this in. 2004-11-29T23:01:43-08:00phraxA friend of mine works in Germany as a Java developer/Oracle DBA. He's quite intelligent, making a decent 6 figure income in a meager 16 hour work day.

He tells me in Germany beer is nearly cheaper than water. In fact, I hear about the cheap beer a lot! I'm starting to suspect that the cheap beer and the number of German PHP WTFs I'm getting is not a coincidence.

This is today's WTF. There are a few newbie things but the WTF is where the array from mysql_fetch_row() is separated into variables only to be immediately jammed into another array.

Thanks to elias for sending this in.

]]> Farewell thephpwtf...http://www.thephpwtf.com/node/view/28And welcome the PHPWTF2. Tonight I'm going to finish off the migration of content to the new Drupal website. The big change will affect those who use the feeds. Unfortunately Drupal doesn't have very good Atom or RSS2 feeds. If you can, I recommend you use the plain RSS. I have added in a 3rd party module to support RSS2/Atom feeds. I'm not sure how stable it is though. Let me know if it sucks. 2004-11-27T20:19:39-08:00phraxn/a PHP's limited MySQL and math functionality...http://www.thephpwtf.com/node/view/27I've been using PHP for about 5 years and I like it a lot. However, two of my biggest complaints is that it has limited MySQL functionality and limited arithmetic operators. This isn't really a WTF but an example of what should be fixed in PHP. I pray to the PHP gods! Please let me select a single field from a table! Please give me the modulus operator! I beg of thee! Thanks to Wonko for sending this in. 2004-11-28T23:32:52-08:00phraxI've been using PHP for about 5 years and I like it a lot. However, two of my biggest complaints is that it has limited MySQL functionality and limited arithmetic operators. This isn't really a WTF but an example of what should be fixed in PHP.

I pray to the PHP gods! Please let me select a single field from a table! Please give me the modulus operator! I beg of thee!

Thanks to Wonko for sending this in.

"; if ($i==25 || $i==50 || $i==75 || $i==100 || $i==125 || $i==150 || $i==175 || $i==200 || $i==225 || $i==250 || $i==275 || $i==300|| $i==325 || $i==350 || $i==375 || $i==400 || $i==425 || $i==450 || $i==475 || $i==500 || $i==525 || $i==550 || $i==575 || $i==600 || $i==625) { $opp .= "
\r\n"; $j = $j+226; } else { $j++; } $i++; } echo $opp; ?>

On another note. The site will be moving to Drupal. I've migrated over all the posts and the comments and putting together the PHPWTF theme for it. It should be done by next week. The change will bring some notable improvements.

  1. Automatic PHP Code highlighting
  2. Threaded Comment support
  3. WYSIWYG HTML comment support
  4. Clean URL's
  5. Better platform to develop new stuff

If you have any suggestions feel free to submit to them to [email protected], or you can just use the Submit WTF form. It all goes to the same place.

]]> Rolling your own Date/Time functionshttp://www.thephpwtf.com/node/view/23What do you do when there are just too many working hours in the day? Re-invent some PHP functions. While you're at it also add some global variable requirements to make sure free time doesn't happen in the future. 2004-11-28T23:33:36-08:00phraxWhat do you do when there are just too many working hours in the day? Re-invent some PHP functions. While you're at it also add some global variable requirements to make sure free time doesn't happen in the future.

Comments are submitter's:

]]> When I was your age I didn't have luxuries like...http://www.thephpwtf.com/node/view/26being able to select more than one column from the database at a time! (thanks to Nightflyer for this submission) 2004-11-28T23:35:05-08:00phraxbeing able to select more than one column from the database at a time!
(thanks to Nightflyer for this submission)

]]> echo "using echo sucks!";http://www.thephpwtf.com/node/view/25Nicely formatted, easy to read, but oh so wrong. The switch is bad enough but using all those echo makes me so angry. I pity all pour souls that have to work with code like this. 2004-11-24T15:27:02-08:00phraxNicely formatted, easy to read, but oh so wrong. The switch is bad enough but using all those echo makes me so angry. I pity all pour souls that have to work with code like this.

"; echo " <tr>"; echo " <td>"; echo " <form method=\"post\" type=\"text/css\" action=\"http://www.example.com/index.php?section=Replays\">"; echo " <select name=\"bewertung\" size=\"1\">"; for ($bew = 1 ; $bew <= 10 ; $bew++) { echo "<option>".$bew."</option>"; } echo " </td>"; echo " <td>"; echo " <input type=\"submit\" value=\"Vote\" name=\"vote\">"; echo " </form>"; echo " </td>"; echo " </tr>"; echo "</table>"; ?>]]> Error! You have used up your lifetime quota of tabs.http://www.thephpwtf.com/node/view/24Do you have a co-worker that writes perfectly formatted and meticulous code that is easy to read? This submitter doesn't. This code was written by his supervisor. Comments in code are submitters. Personal Note: I had to work on some nasty code that put me in a foul mood today. However this cheered me up. I just have to keep repeating, "it can always get worse. It can always get worse!". 2004-11-24T15:25:29-08:00phraxDo you have a co-worker that writes perfectly formatted and meticulous code that is easy to read? This submitter doesn't. This code was written by his supervisor. Comments in code are submitters.

Personal Note: I had to work on some nasty code that put me in a foul mood today. However this cheered me up. I just have to keep repeating, "it can always get worse. It can always get worse!".

No more spaces for you!]]> 5 Ways to show that you're l33thttp://www.thephpwtf.com/node/view/22Somebody sent this in yesterday, it's in German, but bad code is bad in any language. There are so many WTFs with this code I had to summarize the best WTFs for you: \n"); I guess actually declaring the variables $as and $nl took too many lines of code. 2004-12-02T00:11:23-08:00phraxSomebody sent this in yesterday, it's in German, but bad code is bad in any language. There are so many WTFs with this code I had to summarize the best WTFs for you:
  • list($as,$nl)=explode("0","array_slice0<br>\n"); I guess actually declaring the variables $as and $nl took too many lines of code.
  • $am=str_replace('slic','merg',$as); *no comment*
  • while (($d=@fgetcsv($h,1000,";"))!==!true) { I guess s/he doesn't know about false
  • if (($l1=@fopen($ll,chr(0162))) === (bool) 0) return $Il; to be l33t you gotta use 0162 rather than 'r'. Not sure what to say about casting 0 to a boolean false other than it is pointless.
  • if ($I1[(int)0==4]===$lI||(int)4==0) { This is the worst use of casting I've ever seen. Especially since (int)0==4 and (int)4==0 will always be 0. Maybe it's more l33tness.
    • list($as,$nl)=explode("0","array_slice0<br>\n"); // WTF #1 $am=str_replace('slic','merg',$as); // WTF #2 $h=@fopen("test.txt",chr(114)); while (($d=@fgetcsv($h,1000,";"))!==!true) { // WTF #3 $I=$d[0]; if (($t=lI1("fahrzeuge.txt",$I,NULL,0))===NULL) { $Q=lI1("bundesland.txt",$I[1],$nb,1); $o=lI1("ort.txt",$I[2].$I[3],$no,1); $O=lI1("organisation.txt",$I[0],$nO,1); $t=array("$O $Q $o","$I[4]$I[5]-$I[6]$I[7]"); } $z=$am($as($d,0,1),$t,$as($d,1)); echo implode(";",$z),$nl; } fclose($h); function lI1($ll,$lI,$Il,$b) { global $as; if (($l1=@fopen($ll,chr(0162))) === (bool) 0) return $Il; // WTF #4 while(($I1=fgetcsv($l1,1000,";"))!==!(bool)1) { if ($I1[(int)0==4]===$lI||(int)4==0) { // WTF #5 $II=$as($I1,1); break; } } fclose($l1); return@$II?($b?$II[0]:$II):$Il; } ?>]]>     More solutions for idle CPU time.http://www.thephpwtf.com/node/view/21Yesterday we had a great example of how to make sure your database isn't slacking off. Here's a example to make sure your web server keeps working hard too. Also thanks to everybody who submitted a WTF. Keep them coming! :) 2004-11-24T15:20:09-08:00phraxYesterday we had a great example of how to make sure your database isn't slacking off. Here's a example to make sure your web server keeps working hard too.

    Also thanks to everybody who submitted a WTF. Keep them coming! :)

    1 ) { $usermenu = new Template( $_CONF['path_layout'] ); $usermenu->set_file( array( 'option' => 'useroption.thtml', 'current' => 'useroption_off.thtml' )); $usermenu->set_var( 'site_url', $_CONF['site_url'] ); $usermenu->set_var( 'layout_url', $_CONF['layout_url'] ); $usermenu->set_var( 'block_name', str_replace( '_', '-', 'user_block' )); if( empty( $title )) { $title = DB_getItem( $_TABLES['blocks'], 'title', "name='user_block'" ); } //.... ?>]]>     Holy SQL Batman!http://www.thephpwtf.com/node/view/20Thanks to Alex @ The Daily WTF for forwarding this to me. This little chunk of code comes from a home made discussion forum. Too bad I didn't get this before Halloween because it's high on the scary factor. There's nothing like doing 35 string operations in a SQL query to make sure your database server isn't slacking off. 2004-11-24T15:17:16-08:00phraxThanks to Alex @ The Daily WTF for forwarding this to me. This little chunk of code comes from a home made discussion forum. Too bad I didn't get this before Halloween because it's high on the scary factor.

    There's nothing like doing 35 string operations in a SQL query to make sure your database server isn't slacking off.

    ]]>     Why check one password when you can check them all...http://www.thephpwtf.com/node/view/19Of all the WTF submissions I've gotten, this is one that I actually wanted to confirm. I didn't think anybody, no matter how beginner would pull something like this: Short and not so sweet. Thanks to Piotr Budny for sending this in. Somebody complained that his web sites wasn't working so Piotr dug into it and found today's WTF! Yikes! 2004-11-24T15:15:55-08:00phraxOf all the WTF submissions I've gotten, this is one that I actually wanted to confirm. I didn't think anybody, no matter how beginner would pull something like this:

    Short and not so sweet. Thanks to Piotr Budny for sending this in. Somebody complained that his web sites wasn't working so Piotr dug into it and found today's WTF! Yikes!

    ]]>     Why is my code so slow?http://www.thephpwtf.com/node/view/18Don't you hate it when the Internet makes your PHP run slow? I do. Props to Andrew Lindeman for sending this snippet in. I trimmed it to reduce the boring. This code checks the status of a bunch of Diablo II game servers and generates a pretty table that shows a server's status. Unfortunately the code runs really, really slow. Damn the Internet! <style type="text/css"> <!-- ... --> </style> <p align="center" class="style1">Overall PKA Server Status</p> <table width="100%" border="0" align="center" cellspacing="0"> <tr bordercolor="#990000" bgcolor="#990000"> <td><strong>Diablo II Realms </strong></td> <td bgcolor="#FF0000"><span class="style5">Status</span></td> <td bgcolor="#660000"><strong>Diablo II Game Servers 1 </strong></td> <td bgcolor="#660000"> </td> <td bgcolor="#660000"><span class="style6">Diablo II Game Servers 2 </span></td> <td bgcolor="#660000"> </td> </tr> <tr> <td width="172">Diablo II Open Server is :</td> <td width="121"><?php if ($fp = @fsockopen("bnet.pkaclan.com","6112")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; } ?></td> ... </tr> <tr> <td>PKA Realm is :</td> <td><?php if ($fp = @fsockopen("bnet.pkaclan.com","6113")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; } ?></td> <td>D2GS PKA1.1(Soulzek):</td> <td><?php if ($fp = @fsockopen("68.56.114.98","4000")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; } ?></td> <td> </td> <td> </td> </tr> <tr> <td>PvP Realm is :</td> <td><?php if ($fp = @fsockopen("bnet.pkaclan.com","7113")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; } ?></td> <td>D2GS PvP1.09(<SPAN class=postbody>Shiznoo</SPAN>):</td> <td><?php if ($fp = @fsockopen("141.158.150.28","4000")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; } ?></td> <td> </td> <td> </td> </tr> <tr> <td>Ancestrall Recall Realm is :</td> <td><?php if ($fp = @fsockopen("bnet.pkaclan.com","8113")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; } ?></td> <td>D2GS AR1.10(Wallbot):</td> <td><?php if ($fp = @fsockopen("wow.pkaclan.com","4000")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; } ?></td> <td> </td> <td> </td> </tr> <tr> <td>Hell Unleashed Realm is : </td> <td><?php if ($fp = @fsockopen("bnet.pkaclan.com","9113")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; } ?></td> <td>D2GS HU1.10 (Gnecromancer): </td> <td><?php if ($fp = @fsockopen("24.71.57.148","4000")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; } ?></td> <td>D2GS HU1.10 (D2Classic): </td> <td><?php if ($fp = @fsockopen("69.133.108.231","4000")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; } ?></td> </tr> <tr bgcolor="#990000"> ... more of the same ... 2004-12-02T00:09:28-08:00phraxDon't you hate it when the Internet makes your PHP run slow? I do. Props to Andrew Lindeman for sending this snippet in. I trimmed it to reduce the boring.

    This code checks the status of a bunch of Diablo II game servers and generates a pretty table that shows a server's status. Unfortunately the code runs really, really slow. Damn the Internet! 

    <style type="text/css">
<!--
...
-->
</style>
<p align="center" class="style1">Overall PKA Server Status</p>
<table width="100%" border="0" align="center" cellspacing="0">
 <tr bordercolor="#990000" bgcolor="#990000">
   <td><strong>Diablo II Realms </strong></td>
   <td bgcolor="#FF0000"><span class="style5">Status</span></td>
   <td bgcolor="#660000"><strong>Diablo II Game Servers 1 </strong></td>
   <td bgcolor="#660000"> </td>
   <td bgcolor="#660000"><span class="style6">Diablo II Game Servers 2 </span></td>
   <td bgcolor="#660000"> </td>
 </tr>
 <tr>
   <td width="172">Diablo II  Open Server is :</td>
   <td width="121"><?php
if ($fp = @fsockopen("bnet.pkaclan.com","6112")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; }
?></td>
...
 </tr>
 <tr>
   <td>PKA Realm is :</td>
   <td><?php
if ($fp = @fsockopen("bnet.pkaclan.com","6113")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; }
?></td>
   <td>D2GS PKA1.1(Soulzek):</td>
   <td><?php
if ($fp = @fsockopen("68.56.114.98","4000")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; }
?></td>
   <td> </td>
   <td> </td>
 </tr>
 <tr>
   <td>PvP Realm is :</td>
   <td><?php
if ($fp = @fsockopen("bnet.pkaclan.com","7113")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; }
?></td>
   <td>D2GS PvP1.09(<SPAN class=postbody>Shiznoo</SPAN>):</td>
   <td><?php
if ($fp = @fsockopen("141.158.150.28","4000")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; }
?></td>
   <td> </td>
   <td> </td>
 </tr>
 <tr>
   <td>Ancestrall Recall Realm is :</td>
   <td><?php
if ($fp = @fsockopen("bnet.pkaclan.com","8113")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; }
?></td>
   <td>D2GS AR1.10(Wallbot):</td>
   <td><?php
if ($fp = @fsockopen("wow.pkaclan.com","4000")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; }
?></td>
   <td> </td>
   <td> </td>
 </tr>
 <tr>
   <td>Hell Unleashed Realm is : </td>
   <td><?php
if ($fp = @fsockopen("bnet.pkaclan.com","9113")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; }
?></td>
   <td>D2GS HU1.10 (Gnecromancer): </td>
   <td><?php
if ($fp = @fsockopen("24.71.57.148","4000")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; }
?></td>
   <td>D2GS HU1.10 (D2Classic): </td>
   <td><?php
if ($fp = @fsockopen("69.133.108.231","4000")) { echo "<img src=images/open.gif>"; } else { echo "<img src=images/closed.gif>"; }
?></td>
 </tr>
 <tr bgcolor="#990000">
... more of the same ...
    ]]>