You can't imagine how many lines of pure and utter horseshit, seemingly written in PHP, I had to dig through this whole weekend. (relating to my 2 previous rants)

How is it even possible to write code this unbelievably ugly?

Examples:
- includes within loops
- included files use variables from parent files
- start- and endtags separated to different files
- SQL queries generated by string concatenation, no safety measures at all (injection)
- repeating DB calls within loops
- multiple directories with the same code (~40 files), only different by ~8 lines, copied
- a mixture of <?php echo ... ?> and <?= ... ?>
- a LOT of array accesses and other stuff prefixed with "@" (suppress error messages)
- passwords in cleartext
- random non-RESTful page changes with a mixture of POST and GET
- GET parameters not URL-encoded
- ...

My boss told me it took this guy weeks and weeks of coding to write this tool (he's an "experienced dev", of course WITHOUT Git).

Guess what?
It took me only 20 hours and about 700 lines of code.

I must confess, since this task, I don't hate PHP anymore, I just simply hate this dev to death.

Addendum: It's Monday, 5:30am. Good night. 😉

String concatenation in PHP is the 'dumb'.'est';

SQL Queries built up using string concatenation.

Death is too kind.

Php code without any class. Every page is a separate php file in project root folder.

Everything is all over the place, code repetition is everywhere.

The worst part? No security. The sql calls are with mysql_ functions and string concatenation. Files are just uploaded without checking.

And I had to repair it.

1.5 million lines of undocumented spaghetti code. Think 500~1000 lines functions, 5k+ lines classes, string html concatenation. You name it, it had it. And complete unwillingness to improve it by the company. I eventually quit after considering doing it about 2, 3 times.

Ahhh yes Prof, because I really want to be doing more work than I need to be...

// Tedious string concatenation.
System.out.println("a: " + a + " b: " + b);

// Output using string formatting.
System.out.printf("a: %d b: %d\n", a, b);

But, hey that's just my opinion.

I worked with a developer for months. He was senior to me; on more money than me and had way more experience. I spent at least 25% of my time explaining the most basic stuff to him. Things like 'no, that's not how a cache works', 'no, you shouldnt be doing string concatenation inside a loop', 'no you've completely written the wrong thing because you didn't listen'

When he left, he claimed to have finished off a feature for our application. We dove into it, rewrote it, made it more efficient, the code cleaner, the documentation more succinct and the logic more obvious. When I say we, I mean me and a student, and by me and a student, I mean the student with some very light prodding from me.

Thanks to Template literals 

To save my concatenation of the days

Am currently at a jamboree where one kid said he was really good at maths. Then another younger kid asked him what 12 + 12. The first kid then said 24 to which the second kid laughed and said "twelvetwelve". Then the small kid promptly ran away yelling "catch me catch me".

They really do say the darnest things, but concatenation was unexpected :v

Best debugging trick ever:

Wear your fucking glasses while coding so that you do not mistake COMMA(,) with a DOT (.).

So by
1. Doing that (which obviously aren't a huge number) and
2. Cleaning my screen (yes that).

I was able to wrap my head around the issue that almost wasted one day.
So what I intended to pass as string concatenation join operation value actually was being passed as an argument to the underlying function (that wasn't taking care of it and returning a timestamp from thin air).

Murphy's Law in production and practice.
Nice!

Depressing music continues......!

Today's rant: JavaScript's type system.

I realized halfway through that I can't happily call JavaScript a "programming language" so just assume
alias programming="scripting"

I'm sure it's not actually as frustrating as it seems to me. Thing is, I'm used to either statically-typed languages or dynamically-typed languages that actually make sense. If I were to try to add an integer to something I'd forgotten was a string in Python, it'd immediately tell me "look, buddy, do you want me to treat this as a concatenation or an addition? I have no idea the way you've got this written." I've found that mistakes are a common thing with dynamic typing. Maybe I'm just not experienced enough yet, maybe it's really as stupid as it looks. JavaScript just goes "hey look I'm gonna tack all of these guys together and make a weird franken-string like '$NaN34.$&' because that's absolutely what we want here!" Then I run my webpage and instead of a nice numeric total like I wanted, good old JavaScript just went "Yep, I have no idea what I'm doing here I'm just gonna drop this here and pretend it's right." Now absolutely I do not expect my programming language to make correct assumptions and read my mind, otherwise JavaScript would be programming me and not the other way around. But it could at least let me know that I had incompatible types going on rather than just shamelessly going along with what it's doing. Good GRIEF, man, some of the idiosyncrasies of the EMCAScript language definition itself just make me want to punch a horse.

Who the hell returns a SOAP response with a CDATA node containing a text string that is a concatenation of XML document?

Someone hates me...

Post concatenation algorithm
Cat+Cat+....

I thought I'd seen the worst possible code.
Until I saw this stored procedure. It was forming a string of JSON by concatenation of double quotes and queries in between.
No wonder it took upwards of 200 seconds to insert just one record.

after two days of intense javascript i had a few difficult minutes to realize that concatenation in php doesn't work with +

C++ overloaded operators are so cringe. They think they're being so clever with their pipes and the path concatenation being a "/" character but you're just making one of the most ugly languages on the market even uglier. Fuck C++ and its operator overloading fetish.

When rookies start learning new ways to format Python strings...

My god, I just had to use a very ugly hack involving HTML generation via string concatenation, passing a function as a parameter and closures.

Now I appreciate languages that achieve such things naturally even more.

Concatenation of strings in a loop (in C#). Seriously. It's just so easy and unless you are doing something memory intensive or awful (in which case I am sorry) it really doesn't do much harm if any.

Why the fuck...!

Wrote code to import a spreadsheet... A "class code" field is in there to define the the product category... But when no products matching I find that the number is the result of a concatenation, one half of which is not in this file...

Just... Why... ?!?!?!

There have been a few :)

If say it's a videos utter project I initially though was good. Apart from loading a view the controllers didn't do anything - my initial thought was some magic was happening behind the scenes.

However, when I opened up the view things changed.

ALL the business logic happened in the view. Everything. Form processing, consuming an app, file uploads, validation, crud ... You name it, it happened in view. The developer created a raw MySQL connection and build his queries by concatenation g strings, the whole system was wide open to sql injection.

Even more annoying was the "source control" he invented. Every file had several copies. I.e. "User(working).php", "user_v3.php" and even "user(working_no_profile_fields_1.php". It wasn't even like there was any consistency in what file was actually used either. A complete mess. The system had around 69 screens too. No idea how the developer got that gig.

String concatenation using + instead of StringBuilder....
Using prototype objects instead of singleton wherever required..

Just sat through a demo of some clicky-draggy data visualisation stuff.

The guy showed us how you can write a custom script that takes a user input and pokes it into a sql command using string concatenation, so a very obvious injection vulnerability.

Ok, so it's only a demo. But you wouldn't do a demo with an example user called Captain Cock, so why do a demo with a screamingly obvious security hole?

Whole thing was basically pivot tables in a short skirt anyway.