
Drinking on the job...

Wonky Code

A friend of mine works in Germany as a Java developer/Oracle DBA. He's quite intelligent, making a decent 6 figure income in a meager 16 hour work day.

He tells me in Germany beer is nearly cheaper than water. In fact, I hear about the cheap beer a lot! I'm starting to suspect that the cheap beer and the number of German PHP WTFs I'm getting is not a coincidence.

This is today's WTF. There are a few newbie things but the WTF is where the array from mysql_fetch_row() is separated into variables only to be immediately jammed into another array.

Thanks to elias for sending this in.

<?php
if($_SERVER['REQUEST_METHOD']=='POST'){
    extract($_POST);
}else{
    extract($_GET);
}

include("config.inc.php");
$verbindung = @mysql_connect("$MySQL_Host","$MySQL_User","$MySQL_Passw");

$abfrage = "SELECT name,adresse,ort,oeffnung,clublink,groesse,floors,
            preise,besonder,bildlink,musik,clubtyp from club where id=$id";
$zeilen1 = mysql_select_db("$dbname");
$zeilen2 = mysql_query($abfrage,$verbindung);
$spalten_anzahl = mysql_num_fields($zeilen2);
$p=0;
while(list($name,$adresse,$ort,$oeffnung,$clublink,$groesse,$floors,
           $preise,$besonder,$bildlink,$musik,$clubtyp) = mysql_fetch_row($zeilen2))
{
    $xname[0] = "$name";
    $xadresse[0] = "$adresse";
    $xort[0] = "$ort";
    $xoeffnung[0] = "$oeffnung";
    $xclublink[0] = "$clublink";
    $xgroesse[0] = "$groesse";
    $xfloors[0] = "$floors";
    $xpreise[0] = "$preise";
    $xbesonder[0] = "$besonder";
    $xbild[0] = "$bildlink";
    $xmusik[0] = "$musik";
    $xclubtyp[0] = "$clubtyp";
    $p=$p+1;
}
mysql_close($verbindung);
?>


I know the site just got move

I know the site just got moved over to a new system, but I'm seeing some really weird stuff in the feeds.

I think the Atom feed is a little wonky.

I think the Atom feed is a little wonky. I haven't had enough data to test it out yet. I'll keep an eye on it. If you can, please send me the weirdness in the submit a wtf page.

WTF #1: she/he/it never heard

WTF #1: she/he/it never heard about the import_request_variables() function and then she/he/it emulates it with the first five lines.

WTF #2: she/he/it counts number of rows with $p, instead of a simple mysql_num_rows()

I think, she/he/it would write only brackets, not [0] ...

bbalint

It's also worth noting that n

It's also worth noting that not using superglobals causes all sorts of possible problems. It's preferred to use superglobals all the time, instead of cluttering the global scope and introducing the possibility of security issues, especially when dealing with such an inexperienced coder (register_globals and friends are not inherently insecure, but do make it easier to accidentally introduce a vulnerability).

If one also looks closely, on

If one also looks closely, one can see that $id is not validated or cleansed with mysql_escape_string(). A client could enter a non-numeric value for ?id= in the query string to either screw up the query, or cause unintended results (imagine "1 OR 1=1" or something similar).

Always cleanse input!
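The two comments above (superglobals instead of extract(), and the unvalidated $id) worked through in one place, as an added example that is not code from the original post. Assumptions: PDO with an in-memory SQLite database stands in for the MySQL connection so it runs offline, the club table is cut down to three constructed columns, and all function names are hypothetical.

```php
<?php
// Added example; constructed data. SQLite in memory stands in for MySQL (assumption).

function open_demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE club (id INTEGER PRIMARY KEY, name TEXT, ort TEXT)');
    $db->exec("INSERT INTO club VALUES (1, 'Club A', 'Berlin'), (2, 'Club B', 'Koeln')");
    return $db;
}

// The post's pattern: the request value is pasted straight into the SQL text,
// so whatever the client sends becomes part of the WHERE clause.
function find_club_concatenated(PDO $db, string $id): array {
    return $db->query("SELECT name, ort FROM club WHERE id=$id")
              ->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: read one named key from the request array (no extract()),
// require a positive integer, and bind it as a parameter.
function find_club_bound(PDO $db, array $request): ?array {
    $id = filter_var($request['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null; // missing or non-numeric id: reject before touching the database
    }
    $stmt = $db->prepare('SELECT name, ort FROM club WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC); // associative row, no list()/re-packing needed
    return $row === false ? null : $row;
}

$db = open_demo_db();
$hostile = ['id' => '1 OR 1=1'];   // the value suggested in the comment above

// Compare how many rows each lookup returns for the same request value,
// then run the bound lookup with a well-formed id.
echo count(find_club_concatenated($db, $hostile['id'])), " row(s) via concatenation\n";
echo count(find_club_bound($db, $hostile) ?? []), " field(s) via bound lookup\n";
print_r(find_club_bound($db, ['id' => '2']));
```

In the real script `$request` would be `$_POST` or `$_GET`, chosen the same way the original chooses which one to extract().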

I'm in Firefox 1.0: bring up

I'm in Firefox 1.0: bring up the main page, click the comments link at the bottom of the story, then hit back: nothing will happen. Drupal is doing something weird, looking at the dropdown from the back button it's apparently going through several pages to go to the comment page. Breaking the back button is a WTF in its own right.

What's breaking it is the HTM

What's breaking it is the HTML WYSIWYG editing area. It does something that causes the back button to stop working, maybe a redirect or something. This doesn't bother me so much since, on my powerbook, the Home key is Cmd+right arrow (themacwtf.com..heh), which is also Back in Firefox.

Why oh why?#1: extract?! Th

Why oh why?

#1: extract?! This should be illegal.

#2: Why is he querying for the number of columns?

#3: list(....) = mysql_fetch_assoc(...) ?!

#4 $x...[0] = ... ?!

#5 .... = "$name" ?! Yeah.. Let's make the server WORK for a living..

This is altogether too much like the code I'm currently struggling with.

6 bottles of good german beer

6 bottles of good German beer cost round about 3.5 $. But more interesting is that 1 bottle of vodka costs 5 $. I think many German PHP sites were written while drinking hard alcohol / smoking weed.

I think you guys are just too

I think you guys are just too shy to post your own errors...

Can anyone please tell me w

Can anyone please tell me why you would do

#4 $x...[0] = ... ?! in a while-loop?

How stupid is that?

And btw.

- beer is cheap

- sometimes I have one while coding

- I'm German

but I wouldn't produce stuff like this even if my head fell on the keyboard and rolled all about it while I was becoming unconscious.

Year I know 2l good old reiss

Yeah, I know, 2l good old Reissdorf and it will happen all the time :)

It shows that thephpwtf has a lot of German readers. I know a lot of German developers, hey I am German, but they never drink and code - or do they? I never watched them working? I know that they drink a lot, but not in front of their editor!?

To me this looks like reused

To me this looks like reused code, from another piece, which does nearly the same (like reading the whole table into an array). Perhaps the author was in a hurry and tried to get things working very fast, in which case this method of code reuse is a very safe method.

Apart from that, there are much uglier code pieces on this site, but the code above isn't that ugly. It's really understandable and easy; it doesn't do things very efficiently, but everyone can change this within minutes without side effects.

And btw: German programmers are better cause they drink beer :)
