Recent CodeSOD

Code Snippet Of the Day (CodeSOD) features interesting and usually incorrect code snippets taken from actual production code in a commercial and/or open source software projects.

Aug 2022

Ordering Off This Menu

by in CodeSOD on

While browsing one day, Emma clicked a link on a site and nothing happened. That was annoying, but Emma wasn't about to give up. She tried to get the URL out of the link, only to discover that there wasn't a URL. Or a link. A quick trip to the DOM inspector highlighted what was going on:

<div id="I32" align="left" onclick="ItemClick(3,2)" onmouseout="RollOut(3,2,false)" onmouseover="RollOver(3,2,false)" style="position: absolute; top: 43px; left: 1px; width: 176px; height: 16px; font: bold 8pt Arial; color: rgb(1, 35, 69); background: none repeat scroll 0% 0% rgb(255, 255, 255); padding: 2px; cursor: pointer; border: 0px solid rgb(255, 255, 255);">Project Office</div>

Duplication

by in CodeSOD on

NoSQL databases frequently are designed to shard or partition across many nodes. That, of course, makes enforcing unique IDs different than you might do in a SQL database. You can't efficiently have an autoincrement sequence, and instead have to have something like a UUID.

But if you've designed your NoSQL database badly, or your input data isn't well sanitized, you might find yourself in a situation where you can't guarantee uniqueness without validating every row. That's a bad place to be, but it's probably how the code Remco found started its life.


A Tip

by in CodeSOD on

David was poking around in some code for a visualization library his team uses. It's a pretty potent tool, with good code quality. While skimming the code, though, David found this mismatched comment and code:

def get_tip(self): # Returns the position of the seventh point in the path, which is the tip. if config["renderer"] == "opengl": return self.points[34] return self.points[28] # = 7*4

Around 20 Meg

by in CodeSOD on

Michael was assigned a short, investigatory ticket. You see, their PHP application allowed file uploads. They had a rule: the files should never be larger than 20MB. But someone had uploaded files which were larger. Not much larger, but larger. Michael was tasked with figuring out what was wrong.

Given that the error was less than half a megabyte, Michael had a pretty good guess about why this was.


Image Uploading

by in CodeSOD on

The startup life is difficult, at the best of times. It's extra hard when the startup's entire bundle of C-level executives are seniors in college. For the company Aniket Bhattacharyea worked for, they had a product, they had a plan, and they had funding from a Venture Capitalist. More than funding, the VC had their own irons in the fire, and they'd toss subcontracting work to Aniket's startup. It kept the lights on, but it also ate up their capacity to progress the startup's product.

One day, the VC had a new product to launch: a children's clothing store. The minimum viable product, in this case, was just a Magento demo with a Vue Storefront front-end. Strict tutorial-mode stuff, which the VC planned to present to stakeholders as an example of what their product could be.


Junior Reordering

by in CodeSOD on

"When inventory drops below the re-order level, we automatically order more," was how the product owner described the requirement to the junior developer. The junior toddled off to work, made their changes. They were not, however, given sufficient supervision, any additional guidance, or any code-reviews.

Dan found this in production:


A Sniff

by in CodeSOD on

In November of 2020, the last IE release happened, and on June 15th of this year, the desktop app officially lost support on Windows 10. But IE never truly dies.

Eleanor inherited a web application for a news service. And, you won't be shocked that it's still doing user-agent sniffing to identify the browser. That's just plain bad, but by the standards of user-agent sniffing, it's not terrible code.