real world programming

my own ‘Worse Than Failures’

Posted by kevinup on June 30, 2008

I read a lot of blogs. This post is to honor one of my favorite blogs The Daily WTF(Worse than failure).

Me(Explaining NHibernate): When you have a new DB column you just 1) add the column, 2) edit the XML file and 3) change the entity.
Developer X: Thats ridiculous. You should have your data access all in stored procedures.
Me: So when you have a new DB change you have to 1) add the column, 2)change the entity, 3) change the Update Stored Procedure, 4) change the Select Stored Procedure, 5) change the Insert Stored Procedure 6,7, 8 Change all code that calls Update/Insert/Select Stored Procedures and 8) cry (which is optional).
Developer X: Yeah, that sounds about right.
Me: *Rolling eyes.*

Developer X: You’d like working at company X. They are all theory and no practice.
Me: Really? I hate people that are all theory and no practice because if you can’t apply what you are talking about then it’s pretty worthless. Why do you think I’m all theory?
Developer X: Because you’ve been pushing NHibernate.
Me: NHibernate actually works, and I actually know and use it.
Developer X: Yeah, but NHibernate is new and unproven.
Me: *Rolling eyes*.

Developer X: So, I was looking at this page and I saw a Javascript security vulnerability.
Me: Really? What was it?
Developer X: When I hit View->Source, I could see the Javascript.
Me: And???
Developer X: Well… you shouldn’t be able to do that. You should put your Javascript in a JS file so the user can’t see your Javascript.
Me: Actually, while I think putting javascript in a JS file is good practice, it’s not a security problem. Besides the user can just browse to the JS file anyway and see it. The browser is downloading it when you hit the page. Try using something like Fiddler or YSlow, and you’ll see what I mean. After all, the whole point of Javascript is “Client Side Scripting.”
Developer X: You’re wrong. The user can’t see JS files.
Me: *Rolling my eyes.* Then I created a sample Web app to put the smack down.

Developer X: I think we should use Microsoft’s ASP.Net ajax framework.
Me: That’s cool with me. I think you should download Fiddler so that you can have a better idea of the request size. In the past while using it, I had problems with ViewState getting corrupted, and I ended up using so be careful with what you are doing and be careful with your ViewState.
Developer X(2 days later): My ViewState is getting corrupted. Can you help?
Me: Sure. You can either 1) simplify the page 2) not use ASP.Net ajax framework 3) disable ViewState validation 4) use something different like or my favorite 5) cry about it.
Developer X: Well, I guess we can disable ViewState validation. I don’t like creating a security vulnerability, but the site is going to use SSH so that shouldn’t matter.
Me: *Rolling eyes.*

Developer X: I can’t deploy this other team’s code. It’s blowing up when I try and hit their web app. I’ve requested the source code, but I’m stuck.
Me: Do you have access to the DLL’s?
Developer X: Yes
Me: Open up the DLLs with Reflector. and then use the stack trace to figure out what the code is bombing on.
Developer X: Isn’t that illegal?
Me: *Rolling eyes.*

Me: So how do you test your code?
Developer X: Well, I just implement the business requirements.
Me: Yeah, but how do you know it works?
Developer X: I just know. In four years, I’ve only had two defects, and one of them wasn’t my fault.
Me: *Rolling eyes.*

Me(Looking over a template for a code review checklist given to us by management): These look pretty good. We just need to tweak the lingo to give it a .Net flavor (The checklist was borrowed from a Java project.)
Developer X: Yeah, this is exactly what we need.
Me: I especially like the last one.
Developer X: Yeah, we need to handle Exception like that. (looking at the wrong bullet)
Me: No turn the page over. I’m talking about the one saying that the code being checked in has sufficient JUnit tests.
Developer X: Oh, I see. I don’t have time to write tests.
Me: *Rolling eyes.*

Developer X: I’m on one page, and I need to pass the information to another page. What can I do?
Me: You can 1) post, 2) redirect, passing info via querystring information, 3) store in session, 4) store in DB then redirect,  or 5) store in cookie , which is not a good idea.
Developer X: There has to be another way.
Me: Actually there isn’t. Those are the standard methods and only methods I believe of passing information between pages.
Developer X (2 hours later): I found a better way.
Me (Intrigued): Really? What did you end up doing?
Developer X: I changed the page to post to the new page.
Me: I think that was option “1.″
Developer X: Yeah… but…. its different.
Me: *Rolling eyes.*


2 Responses to “my own ‘Worse Than Failures’”

  1. Dave D. said

    Dude, those are awesome. I hope to god they are all true 😉

  2. kevinup said

    Yeah, unfortunatly they are all real. 😦

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: