Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
donuts236728yHey that sounds like some good code to use at a bank.... I wonder if that's why the big banks give such low interest rates....
-
Have seen the same thing happen once:
"€1,000.00" > sanitize > "1000"
"€1.000,00" > sanitize > "1"
"€1000,00" > sanitize > "100000"
This is why I tell people: "sanitize sparingly, and validate like an asshole".
Related Rants
Python. Changed a function to return a tuple instead of one value in some database code. Tests pass, gets deployed, everything works. End of the month comes. Suddenly, we get a report that we're draining people's bank accounts and credit cards.
It turns out there was an untested bit of code inside the billing process that used this function. It used the function that was changed. To make matters worse, when the exception was thrown, the billing had already completed successfully, and due to another unrelated bug it would retry despite this.
So, needless to say, type safety and good unit tests are things I prioritize nowadays.
undefined
wk53