Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "id only"
-
- Hello! Gordon's pizza?
- No sir it's Google's pizza.
- So it's a wrong number?
- No sir, Google bought it.
- OK. Take my order please ..
- Well sir, you want the usual?
- The usual? You know me?
- According to our caller ID, in the last 12 times, you ordered pizza with cheeses, sausage, thick crust
- OK! This is it
- May I suggest to you this time ricotta, arugula with dry tomato?
- No, I hate vegetables
- But your cholesterol is not good
- How do you know?
- Through the subscribers guide. We have the result of your blood tests for the last 7 years
- Okay, but I do not want this pizza, I already take medicine
- You have not taken the medicine regularly, 4 months ago, you only purchased a box with 30 tablets at Drugsale Network
- I bought more from another drugstore
- It's not showing on your credit card
- I paid in cash
- But you did not withdraw that much cash according to your bank statement
- I have other source of cash
- This is not showing as per you last Tax form unless you got it from undeclared income source
-WHAT THE HELL? Enough! I'm sick of Google, Facebook, twitter, WhatsApp. I'm going to an Island without internet,where there is no cell phone line and no one to spy on me
- I understand sir, but you need to renew your passport as it has expired 5 weeks ago..42 -
I’m a senior dev at a small company that does some consulting. This past October, some really heavy personal situation came up and my job suffered for it. I raised the flag and was very open with my boss about it and both him and my team of 3 understood and were pretty cool with me taking on a smaller load of work while I moved on with some stuff in my life. For a week.
Right after that, I got sent to a client. “One month only, we just want some presence there since it’s such a big client” alright, I guess I can do that. “You’ll be in charge of a team of a few people and help them technically.” Sounds good, I like leading!
So I get here. Let’s talk technical first: from being in a small but interesting project using Xamarin, I’m now looking at Visual Basic code, using Visual Studio 2010. Windows fucking Forms.
The project was made by a single dev for this huge company. She did what she could but as the requirements grew this thing became a behemoth of spaghetti code and User Controls. The other two guys working on the project have been here for a few months and they have very basic experience at the job anyways. The woman that worked on the project for 5 years is now leaving because she can’t take it anymore.
And that’s not the worse of it. It took from October to December for me to get a machine. I literally spent two months reading on my cellphone and just going over my shitty personal situation for 8 hours a day. I complained to everyone I could and nothing really worked.
Then I got a PC! But wait… no domain user. Queue an extra month in which I could see the Windows 7 (yep) log in screen and nothing else. Then, finally! A domain user! I can log in! Just wait 2 extra weeks for us to give your user access to the subversion rep and you’re good to go!
While all of this went on, I didn’t get an access card until a week ago. Every day I had to walk to the reception desk, show my ID and request they call my boss so he could grant me access. 5 months of this, both at the start of the day and after lunch. There was one day in particular, between two holidays, in which no one that could grant me access was at the office. I literally stood there until 11am in which I called my company and told them I was going home.
Now I’ve been actually working for a while, mostly fixing stuff that works like crap and trying to implement functions that should have been finished but aren’t even started. Did I mention this App is in production and being used by the people here? Because it is. Imagine if you will the amount of problems that an application that’s connecting to the production DB can create when it doesn’t even validate if the field should receive numeric values only. Did I mention the DB itself is also a complete mess? Because it is. There’s an “INDEXES” tables in which, I shit you not, the IDs of every other table is stored. There are no Identity fields anywhere, and instead every insert has to go to this INDEXES table, check the last ID of the table we’re working on, then create a new registry in order to give you your new ID. It’s insane.
And, to boot, the new order from above is: We want to split this app in two. You guys will stick with the maintenance of half of it, some other dudes with the other. Still both targeting the same DB and using the same starting point, but each only working on the module that we want them to work in. PostmodernJerk, it’s your job now to prepare the app so that this can work. How? We dunno. Why? Fuck if we care. Kill you? You don’t deserve the swift release of death.
Also I’m starting to get a bit tired of comments that go ‘THIS DOESN’T WORK and ‘I DON’T KNOW WHY WE DO THIS BUT IT HELPS and my personal favorite ‘??????????????????????14 -
Hello! Is this Gordon’s Pizza?
No sir, it’s Google’s Pizza.
Did I dial the wrong number?
No sir, Google bought the pizza store.
Oh, alright - then I’d like to place an order please.
Okay sir, do you want the usual?
The usual? You know what my usual is?
According to the caller ID, the last 15 times you’ve ordered a 12-slice with double-cheese, sausage, and thick crust.
Okay - that’s what I want this time too.
May I suggest that this time you order an 8-slice with ricotta, arugula, and tomato instead?
No, I hate vegetables.
But your cholesterol is not good.
How do you know?
Through the subscribers guide. We have the results of your blood tests for the last 7 years.
Maybe so, but I don’t want the pizza you suggest – I already take medicine for high cholesterol.
But you haven’t taken the medicine regularly. 4 months ago you purchased from Drugsale Network a box of only 30 tablets.
I bought more from another drugstore.
It’s not showing on your credit card sir.
I paid in cash.
But according to your bank statement you did not withdraw that much cash.
I have another source of cash.
This is not showing on your last tax form, unless you got it from an undeclared income source.
WHAT THE HELL? ENOUGH! I’m sick of Google, Facebook, Twitter, and WhatsApp. I’m going to an island without internet, where there’s no cellphone line, and no one to spy on me …
I understand sir, but you’ll need to renew your passport … it expired 5 weeks ago.16 -
How I went from loving my job to wishing i dont wake up tomorrow just to avoid it.
Ive been a backend dev in the company im at for 2 years now.
First year was a blast, i loved my work so much, I used to get so many random features to do, bug fixes, campaigns, analytics, etc..
Second year i started getting familiar with the part of the code that has to do with Search in our music streaming app. Nobody wanted to work on it, so i wanted to take initiative and start doing a few tasks.
A few tasks turned into sprints, and sprints turned into months worth of sprints. And because the code was the definition of tech debt, and because it was so messed up that changing one thing can blow up everything else, working on Search was not too fun.
However, people seemed to be happy search tasks are no longer piling up and someone is handling them so that used to make me feel good about it. They also gave me so much freedom and i felt like my own manager because no one told me what to do (not even my actual manager) they just let me be and were happy i was handling the part they want nothing to do with. I was also given an intern to mentor and have her work on Search tasks with me which turned out amazing.
During the last few months, I completely rewrote search, made it 10 times more performant in such a neat way, made an inhouse dashboard to automate certain tasks so we wont need to waste developers on them (all of which were extra effort on my own time without being asked), all meanwhile still tending to the fixes of the old implementation.
I felt so accomplished, and in a way, i felt like a lead (even tho im not managing any employees, i had so much freedom and I was literally responsible for everything about Search and if i decide to play with the sprint task order i can even do that).
Then 6 or so weeks ago my manager left the company, and while i thought id be a standalone team / person (single person teams are not uncommon in the company) i was instead put under someone else. Someone who likes to micro manage the fuck out of me. I have been happy working on shit code because it was my baby, my project, no one interferes and no one tells me what to do and everyone would call me the search lead (unofficially). now if i dont report to that guy every two hours he calls to see if im working. preplans sprints i no longer have a say in, and im the only dev who knows the code so all tasks go to me. I feel i got demoted so fucking much. I felt like a lead on a project and now im back to being a normal code minion. From deciding everything about a project to blindly following a some irrelevant manager's opinion. (who btw is making Search worse) And after all the extra effort i put in, after actually caring, after actually embracing Search as my responsibility i get rewarded with losing everything i liked about my job...My Independence. From feeling like a lead to feeling demoted. I am so demotivated.
I love the company, but this is hell for me and this made me hate a job i always loved. I am thinking of talking to the CTO asking to work on other stuff because i no longer want this. If i am to be a code minion at least let it be on code i like, let me go back to dealing with PMs, fuck my new manager I dont wanna work with that guy he can take the project along with all its poopoo.16 -
In Germany, the official API for querying the validity of a tax ID, has opening hours. It can only be queried from 5 am to 11 pm, and a response may take up to multiple minutes.
This is the most German thing I can think of. My assumption is that there's an employee manually checking the ID and then pressing a button depending on the result, which then triggers the response.
This API is supplied by the Bundeszentralamt für Steuern, which is basically the German version of the IRS: https://evatr.bff-online.de/eVatR/...20 -
So, here's how online payment works in my country:
1. The selling website creates a hidden <form> and populates it with product ID, price and etc.
2. Some Javascript posts the mentioned form to the bank from the browser.
3. User enters credit info, and submits. If all is right, the bank creates another hidden <form>, and populates is with status code and an invoice ID.
4. Said form is then posted back to the selling website.
I don't know how the programmers behind this scenario call themselves programmers if they don't know basic things about server-side only verifications, but thanks to them I've been buying a lot of products for free these past years. 😂😂
How? 1. Just install Requestly, Tampermonkey and enable Chrome's dev tools.
2. Change price to zero, and the bank's response code to success.
3. Profit!
P. S. I have notified the people behind this, but they don't listen and go fix their codes. Oh well, serves them right.13 -
Welcome back to practiseSafeHex's new life as a manager.
Episode 2: Why automate when you can spend all day doing it by hand
This is a particularly special episode for me, as these problems are taking up so much of my time with non-sensical bullshit, that i'm delayed with everything else. Some badly require tooling or new products. Some are just unnecessary processes or annoyances that should not need to be handled by another human. So lets jump right in, in no particular order:
- Jira ... nuff said? not quite because somehow some blue moon, planets aligning, act of god style set of circumstances lined up to allow this team to somehow make Jira worse. On one hand we have a gigantic Jira project containing 7 separate sub teams, a million different labels / epics and 4.2 million possible assignees, all making sure the loading page takes as long as possible to open. But the new country we've added support for in the app gets a separate project. So we have product, backend, mobile, design, management etc on one, and mobile-country2 on another. This delightfully means a lot of duplication and copy pasting from one to the other, for literally no reason what so ever.
- Everything on Jira is found through a label. Every time something happens, a new one is created. So I need to check for "iOS", "Android", "iOS-country2", "Android-country2", "mobile-<feature>", "mobile-<feature>-issues", "mobile-<feature>-prod-issues", "mobile-<feature>-existing-issues" and "<project>-July31" ... why July31? Because some fucking moron decided to do a round of testing, and tag all the issues with the current date (despite the fact Jira does that anyway), which somehow still gets used from time to time because nobody pays attention to what they are doing. This means creating and modifying filters on a daily basis ... after spending time trying to figure out what its not in the first one.
- One of my favourite morning rituals I like to call "Jira dumpster diving". This involves me removing all the filters and reading all the tickets. Why would I do such a thing? oh remember the 9000 labels I mentioned earlier? right well its very likely that they actually won't use any of them ... or the wrong ones ... or assign to the wrong person, so I have to go find them and fix them. If I don't, i'll get yelled at, because clearly it's my fault.
- Moving on from Jira. As some of you might have seen in your companies, if you use things like TestFlight, HockeyApp, AppCenter, BuddyBuild etc. that when you release a new app version for testing, each version comes with an automated change-log, listing ticket numbers addressed ...... yeah we don't do that. No we use this shitty service, which is effectively an FTP server and a webpage, that only allows you to host the new versions. Sending out those emails is all manual ... distribution groups?? ... whats that?
- Moving back to Jira. Can't even automate the changelog with a script, because I can't even make sense of the tickets, in order to translate that to a script.
- Moving on from Jira. Me and one of the remote testers play this great game I like to call "tag team ticketing". It's so much fun. Right heres how to play, you'll need a QA and a PM.
*QA creates a ticket, and puts nothing of any use inside it, and assigns to the PM.
*PM fires it back asking for clarification.
*QA adds in what he feels is clarification (hes wrong) and assigns it back to the PM.
*PM sends detailed instructions, with examples as to what is needed and assigns it back.
*QA adds 1 of the 3 things required and assigns it back.
*PM assigns it back saying the one thing added is from the wrong day, and reminds him about the other 2 items.
*QA adds some random piece of unrelated info to the ticket instead, forgetting about the 3 things and assigns it back.
and you just continue doing this for the whole dev / release cycle hahaha. Oh you guys have no idea how much fun it is, seriously give it a go, you'll thank me later ... or kill yourselves, each to their own.
- Moving back to Jira. I decided to take an action of creating a new project for my team (the mobile team) and set it up the way we want and just ignore everything going on around us. Use proper automation, and a kanban board. Maybe only give product a slack bot interface that won't allow them to create a ticket without what we need etc. Spent 25 minutes looking for the "create new project" button before finding the link which says I need to open a ticket with support and wait ... 5 ... fucking ... long ... painful ... unnecessary ... business days.
... Heres hoping my head continues to not have a bullet hole in it by then.
Id love to talk more, but those filters ain't gonna fix themselves. So we'll have to leave it here for today. Tune in again for another episode soon.
And remember to always practiseSafeHex13 -
Worst dev team failure I've experienced?
One of several.
Around 2012, a team of devs were tasked to convert a ASPX service to WCF that had one responsibility, returning product data (description, price, availability, etc...simple stuff)
No complex searching, just pass the ID, you get the response.
I was the original developer of the ASPX service, which API was an XML request and returned an XML response. The 'powers-that-be' decided anything XML was evil and had to be purged from the planet. If this thought bubble popped up over your head "Wait a sec...doesn't WCF transmit everything via SOAP, which is XML?", yes, but in their minds SOAP wasn't XML. That's not the worst WTF of this story.
The team, 3 developers, 2 DBAs, network administrators, several web developers, worked on the conversion for about 9 months using the Waterfall method (3~5 months was mostly in meetings and very basic prototyping) and using a test-first approach (their own flavor of TDD). The 'go live' day was to occur at 3:00AM and mandatory that nearly the entire department be on-sight (including the department VP) and available to help troubleshoot any system issues.
3:00AM - Teams start their deployments
3:05AM - Thousands and thousands of errors from all kinds of sources (web exceptions, database exceptions, server exceptions, etc), site goes down, teams roll everything back.
3:30AM - The primary developer remembered he made a last minute change to a stored procedure parameter that hadn't been pushed to production, which caused a side-affect across several layers of their stack.
4:00AM - The developer found his bug, but the manager decided it would be better if everyone went home and get a fresh look at the problem at 8:00AM (yes, he expected everyone to be back in the office at 8:00AM).
About a month later, the team scheduled another 3:00AM deployment (VP was present again), confident that introducing mocking into their testing pipeline would fix any database related errors.
3:00AM - Team starts their deployments.
3:30AM - No major errors, things seem to be going well. High fives, cheers..manager tells everyone to head home.
3:35AM - Site crashes, like white page, no response from the servers kind of crash. Resetting IIS on the servers works, but only for around 10 minutes or so.
4:00AM - Team rolls back, manager is clearly pissed at this point, "Nobody is going fucking home until we figure this out!!"
6:00AM - Diagnostics found the WCF client was causing the server to run out of resources, with a mix of clogging up server bandwidth, and a sprinkle of N+1 scaling problem. Manager lets everyone go home, but be back in the office at 8:00AM to develop a plan so this *never* happens again.
About 2 months later, a 'real' development+integration environment (previously, any+all integration tests were on the developer's machine) and the team scheduled a 6:00AM deployment, but at a much, much smaller scale with just the 3 development team members.
Why? Because the manager 'froze' changes to the ASPX service, the web team still needed various enhancements, so they bypassed the service (not using the ASPX service at all) and wrote their own SQL scripts that hit the database directly and utilized AppFabric/Velocity caching to allow the site to scale. There were only a couple client application using the ASPX service that needed to be converted, so deploying at 6:00AM gave everyone a couple of hours before users got into the office. Service deployed, worked like a champ.
A week later the VP schedules a celebration for the successful migration to WCF. Pizza, cake, the works. The 3 team members received awards (and a envelope, which probably equaled some $$$) and the entire team received a custom Benchmade pocket knife to remember this project's success. Myself and several others just stared at each other, not knowing what to say.
Later, my manager pulls several of us into a conference room
Me: "What the hell? This is one of the biggest failures I've been apart of. We got rewarded for thousands and thousands of dollars of wasted time."
<others expressed the same and expletive sediments>
Mgr: "I know..I know...but that's the story we have to stick with. If the company realizes what a fucking mess this is, we could all be fired."
Me: "What?!! All of us?!"
Mgr: "Well, shit rolls downhill. Dept-Mgr-John is ready to fire anyone he felt could make him look bad, which is why I pulled you guys in here. The other sheep out there will go along with anything he says and more than happy to throw you under the bus. Keep your head down until this blows over. Say nothing."11 -
Example #1 of ??? Explaining why I dislike my coworkers.
[Legend]
VP: VP of Engineering; my boss’s boss. Founded the company, picked the CEO, etc.
LD: Lead dev; literally wrote the first line of code at the company, and has been here ever since.
CISO: Chief Information Security Officer — my boss when I’m doing security work.
Three weeks ago (private zoom call):
> VP to me: I want you to know that anything you say, while wearing your security hat, goes. You can even override me. If you need to hold a release for whatever reason, you have that power. If I happen to disagree with a security issue you bring up, that’s okay. You are in charge of release security. I won’t be mad or hold it against you. I just want you to do your job well.
Last week (engineering-wide meeting):
> CISO: From now on we should only use external IDs in urls to prevent a malicious actor from scraping data or automating attacks.
> LD: That’s great, and we should only use normal IDs in logging so they differ. Sounds more secure, right?
> CISO: Absolutely. That way they’re orthogonal.
> VP: Good idea, I think we should do this going forward.
Last weekend (in the security channel):
> LD: We should ONLY use external IDs in urls, and ONLY normal IDs in logging — in other words, orthogonal.
> VP: I agree. It’s better in every way.
Today (in the same security channel):
> Me: I found an instance of using a plain ID in a url that cancels a payment. A malicious user with or who gained access to <user_role> could very easily abuse this to cause substantial damage. Please change this instance and others to using external IDs.
> LD: Whoa, that goes way beyond <user_role>
> VP: You can’t make that decision, that’s engineering-wide!
Not only is this sane security practice, you literally. just. agreed. with this on three separate occasions in the past week, and your own head of security also posed this before I brought it up! And need I remind you that it is still standard security practice!?
But nooo, I’m overstepping my boundaries by doing my job.
Fucking hell I hate dealing with these people.14 -
I'm 20, and I consider myself to be as junior as they come. I only started programming seriously in June 2016,and since then, I've been doing mainly Android Work, and making my own servers and backends(using AWS/Firebase nd stuff).
For the first time in life, I was approached by a recruiter for a company on linkedIn. They "stumbled upon" my Github profile and wanted to see if I was interested in an internship opportunity. This company is an early stage start up, by that I mean a dude with an idea calling himself the CEO and a guy who "runs a tech blog" and only knows college level C programming (explaination follows).
So they want me to make the app for their startup. and for that, I ws first asked to solve a couple problems to prove my competence and a "technical interview" followed.
They gave me 3 questions, all textbook, GCD of 2 numbers, binary search and Adding an element to the linked List, code to be written on a piece of paper. As the position was that of an Android Developer, I assumed that Java should be the language of choice. Assumed because when I asked, the 'tech blogger' said, yeah whatever.
But wait, that ain't all, as soon as I was done, Mr. Blogger threw a fit, saying I shouldn't assume and that I must write it in C. I kept my cool (I'm not the most patient person), and wrote the whole thing in C.
He read it, and asked me what I've written and then told me how wrong I was to write 2 extra lines instead of recursion for GCD. I explained that with numbers large enough, we run the risk of getting a stackoverflow and it's best to apply non recursive solution if possible. He just heard stackoverflow and accused me of cheating. I should have left right then, but I don't know why, I apologized and again, in detail explained what was happening to this fucktard. Once this was done, He asked me how, if I had to, I'd use this exact code in my Android App. I told him that Id rather write this in Java/Kotlin since those are the languages native to Android apps. I also said that I'd export these as a Library and use JNI for the task. (I don't actually know how, I figured I can study if I have to).
Here's his reply, "WTF! We don't want to make the app in Java, we will use C (Yeh, not C++, C). and Don't use these fancy TOOLS like JNI or Kotlin in front of me, make a proper application."
By this I was clear that this guy is not fit to be technical lead and that I should leave. I said, "Sir, I don't know how, if even possible, can we make an Android App purely in C. I am sorry, but this job is not for me".
I got up and was about to leave the room, when we said, "Yeah okay, I was just testing you".
Yeah right, the guy's face looked like a howling monkey when I said Library for C, and It has been easier for me to explain code to my 10 year old cousin that this dumbfuck.
He then proceeded to ask me about my availability, and I said that I can at max to 15-20 hours a week since my college schedule is pretty tight. I asked me to get him a prototype in 2 months and also offered me a full time job after I graduate. (That'd be 2 years from now). I said thank you for the offer, but I am still not sure of I am the right person for this job.
He then said, "Oh you will be when I tell you your monthly stipend."
I stopped for a second, because, money.
And then he proceeded to say 2 words which made me walk out without saying a single word.
"One Thousand".
I live in India, 1000 INR translates to roughly $15. I made 25 times that by doing nothing more than add a web view to an activity and render a company's responsive website in it so it looks like an app.
If this wasn't enough, the recruiter later had the audacity to blame me for it and tell me how lucky I am to even get an offer "so good".
Fuck inexperienced assholes trying shit they don't understand and thinking that the other guy is shitsworth.10 -
Day 1 10:00 am
Login to email account (Zimbra)
Your password is incorrect (I entered it correctly, this was a permanent issue ,used to happen in the company with many employees)
Reset your password by logging into internal company portal.
11:00 am
Logged into company portal, somehow. 2 Mbps internet shared among 104 people, you can imagine the speed.
Reset email password
* your password has been sent to your email id*
Are you fucking kidding me? U have emailed me the password to the same email I can't log in to?
Where did the architecture designer get this top notch weed from?
Day 2
Asked HR to reset my password (using a colleague's email)
Day 3
No reply from HR yet
Day 4
I went to meet HR, she's on vacation. So they have 1 person managing the password reset, for 5000 people with no backup person. Cool.
Day 5
Your internal company password has expired. Check your email for link to create new password. This is some next level shit going on.
Day 6
I called up Internal IT team to generate a new email for me.
They asked me to raise a ticket.
I can't raise a ticket because the only way to do so, is through the portal.
Day 7
Nothing. Btw, personal email and all social networks were banned. You can't even open stackoverflow.
And this was a research lab, amazing huh?
Day 8
Loss of pay for 4 days since I can't login to company portal to fill timesheet.
Day 9
HR comes back. Resets my password.
I try to generate my new password for portal.
The password policy:
Password can't be same as last 10 passwords
Passwords expire every week
8 characters minimum, 2 upper case, 2 lower case, NO SPECIAL SYMBOL. WTF. How long do u think its gonna take to crack that?
Fuckers had a company wise policy to automatically lock PC every 1 min if not used. Who the fuck can keep on using it continuously! I'm reading an article, and bam ! Locked. 2 wrong entries and that's it, repeat all steps again. Fuckers really didn't want to let me do my job, just keep on logging in all day.12 -
Root encounters HR at her new job.
So, I left my job a few weeks ago. I was pretty sad about it, so I didn't want to write anything about it. It was a great place to work, with great managers, decent coworkers, and interesting work. I also had free reign over how I built things, what to improve, etc. Within about four months, I authored over half of the total commits on their backend repo, added a testing suite with 90% coverage, significantly improved the security (more accurately: added security), etc. but I got a job offer that allowed me to work remotely, and make well over six figures (usd). I couldn't turn it down, even though I wanted to. So, I left. I'm still genuinely sad about that. I had emotions and everything. 🙁 I stayed on long enough to finish the last of the features for their new product launch, and make sure everything was stable. I'm welcome back whenever, though they don't want to have remote employees, and I want to move, so. that's probably not going to happen. sigh.
Anyway, I started my new job this week. Rented an office (read: professional closet) and everything! It's been veritable mountains of HR paperwork so far. That's all I've done besides some accounts setup. I've seriously only worked on and completed one ticket so far in two and a half days, and I still have six documents/contracts to sign! (and benefits; that'll probably take my weekend.)
But getting an I9 thing notarized? Apparently I only have three days before I'm legally unemployable by them or something, idk. HR made it sound ridiculously dire and important, and reminded me like five or more times. I figured it was just some notary service; that takes like 10 minutes, right? So I put it off until my second day so I didn't have to disappear in the middle of my first day. Anyway, I called a bunch of notary services on day 2, and apparently only like 5% of them both do notary services this time of year and aren't booked full. And of those, probably another 5% will notarize I9 documents.. No idea why it's rare, but whatever, I'm not a notary.
The HR lady assured me that I didn't need any special documents; I should just go there, present my IDs, and the notary will provide or draft documents for everything else. Totally doesn't sound right, but fine; I'm not a notary nor will I ever work in HR, so I'm not very knowledgeable about this. So, against my better judgement I decided to just go anyway. I called around and finally found a place that wasn't closed, busy, or refusing, and drove over there. Waited. Waited. Waited. Notary lady was super slow in every single action. (I should mention that it's now 10am, and I have a meeting with the Senior VP of Engineering [a stern, stubborn old goat who enjoys making people feel inadequate] at 12:30pm.) The notary lady looks like she's an npc updating in slow motion (maybe at 0.25x speed?) and can't seem to understand what I need. Eventually, she tells me exactly what I had assumed: if there's no document, she can't notarize said document, and she doesn't have an I9 for the company I'm trying to work for. (like, duh.) So I thank her for proving the flow of time is variable, which she ignores in slow motion, and drive back home. It's now about 11.
I message the same HR lady, and the useless wench gawks in surprise and says she's never heard of that ridiculous request before. It took prodding to get her to respond every time, but after some (very slow) back and forth, she says she wants to call the notary personally and ask what they need. I waited around for another response that never came, and eventually just drove to the notary place again to have them notarize the required ID documents. That plus my chat history with HR should be enough to show that I bloody well tried, and HR just shit the bed instead. I finally got them notarized at like 12:10, and totally broke the speed limit the entire way to the office, found the last remaining parking spot, and made it to my office just in time for the meeting. seriously, less than two minutes to spare. Meeting was interesting (mostly about security), but totally made me facepalm, shout "Seriously!? What the hell are you thinking!?" and make slapping motions at some of the people talking. I will probably rant about that next.
But anyway, I'm willing to bet that the useless wench won't get back to me before the notary closes, if at all, and will somehow try to blame it completely on me if I bring it up again. Passive aggressive bitch. She's probably thinking: "If I don't help her with these mandatory legal processes, it'll be her fault she didn't get them done in time. I mean, they're so easy! She's just doing it wrong." I fucking hate HR.13 -
So this shit happened today...
We were asked to implement a functionality on the device that allows it to go to standby mode to save battery power. Once the device enters that state, it can only be woken up by actual bus-network activity, and usually that means connecting a shit-ton of wiring harness and network emulation devices... Before implementing and releasing the device software that does this, we told that fucktard customer how difficult it would be for him to connect to the device without such a setup. He seemed to be fine with it and said rather arrogantly that we should implement the requirement as asked...
Well okay you cock-sucking motherfucker, you'll get exactly what you asked for... We implement the functionality and deliver the software...
Now this pile of shit comes back running his mouth on how the device tears down all its interfaces (to reduce power consumption) and he can't connect to the device anymore.... Well what else were you expecting you dickhead.
To make things worse for me apparently he runs to the manager describing his apparent problem. Both of them come to my desk.. With that fucking Bastard hiding his smugly mug behind the manager's back... He thought he was going to have the upper hand... Well guess what fucked piece of shit, I came prepared... I showed the manager how this was a part of the requirements by throwing that JIRA ID in their faces... The manager seems to understand but this relentless fuck wanted me to implement a "workaround" that would allow him to connect to the device easily... The manager almost had me implement that workaround, when I expose a huge security flaw in doing so. Guess what, now the entire team comes to my desk and start supporting my statement... To make it better they also tell how doing so will violate other requirements...
I've never felt so happy in my entire fucking career, when the entire team stood by me and watched that asshole drag his sorry ass back to his place5 -
So, some time ago, I was working for a complete puckered anus of a cosmetics company on their ecommerce product. Won't name names, but they're shitty and known for MLM. If you're clever, go you ;)
Anyways, over the course of years they brought in a competent firm to implement their service layer. I'd even worked with them in the past and it was designed to handle a frankly ridiculous-scale load. After they got the 1.0 released, the manager was replaced with some absolutely talentless, chauvinist cuntrag from a phone company that is well known for having 99% indian devs and not being able to heard now. He of course brought in his number two, worked on making life miserable and running everyone on the team off; inside of a year the entire team was ex-said-phone-company.
Watching the decay of this product was a sheer joy. They cratered the database numerous times during peak-load periods, caused $20M in redis-cluster cost overrun, ended up submitting hundreds of erroneous and duplicate orders, and mailed almost $40K worth of product to a random guy in outer mongolia who is , we can only hope, now enjoying his new life as an instagram influencer. They even terminally broke the automatic metadata, and hired THIRTY PEOPLE to sit there and do nothing but edit swagger. And it was still both wrong and unusable.
Over the course of two years, I ended up rewriting large portions of their infra surrounding the centralized service cancer to do things like, "implement security," as well as cut memory usage and runtimes down by quite literally 100x in the worst cases.
It was during this time I discovered a rather critical flaw. This is the story of what, how and how can you fucking even be that stupid. The issue relates to users and their reports and their ability to order.
I first found this issue looking at some erroneous data for a low value order and went, "There's no fucking way, they're fucking stupid, but this is borderline criminal." It was easy to miss, but someone in a top down reporting chain had submitted an order for someone else in a different org. Shouldn't be possible, but here was that order staring me in the face.
So I set to work seeing if we'd pwned ourselves as an org. I spend a few hours poring over logs from the log service and dynatrace trying to recreate what happened. I first tested to see if I could get a user, not something that was usually done because auth identity was pervasive. I discover the users are INCREMENTAL int values they used for ids in the database when requesting from the API, so naturally I have a full list of users and their title and relative position, as well as reports and descendants in about 10 minutes.
I try the happy path of setting values for random, known payment methods and org structures similar to the impossible order, and submitting as a normal user, no dice. Several more tries and I'm confident this isn't the vector.
Exhausting that option, I look at the protocol for a type of order in the system that allowed higher level people to impersonate people below them and use their own payment info for descendant report orders. I see that all of the data for this transaction is stored in a cookie. Few tests later, I discover the UI has no forgery checks, hashing, etc, and just fucking trusts whatever is present in that cookie.
An hour of tweaking later, I'm impersonating a director as a bottom rung employee. Score. So I fill a cart with a bunch of test items and proceed to checkout. There, in all its glory are the director's payment options. I select one and am presented with:
"please reenter card number to validate."
Bupkiss. Dead end.
OR SO YOU WOULD THINK.
One unimportant detail I noticed during my log investigations that the shit slinging GUI monkeys who butchered the system didn't was, on a failed attempt to submit payment in the DB, the logs were filled with messages like:
"Failed to submit order for [userid] with credit card id [id], number [FULL CREDIT CARD NUMBER]"
One submit click later and the user's credit card number drops into lnav like a gatcha prize. I dutifully rerun the checkout and got an email send notification in the logs for successful transfer to fulfillment. Order placed. Some continued experimentation later and the truth is evident:
With an authenticated user or any privilege, you could place any order, as anyone, using anyon's payment methods and have it sent anywhere.
So naturally, I pack the crucifixion-worthy body of evidence up and walk it into the IT director's office. I show him the defect, and he turns sheet fucking white. He knows there's no recovering from it, and there's no way his shitstick service team can handle fixing it. Somewhere in his tiny little grinchly manager's heart he knew they'd caused it, and he was to blame for being a shit captain to the SS Failboat. He replies quietly, "You will never speak of this to anyone, fix this discretely." Straight up hitler's bunker meme rage.13 -
Long story short, I'm unofficially the hacker at our office... Story time!
So I was hired three months ago to work for my current company, and after the three weeks of training I got assigned a project with an architect (who only works on the project very occasionally). I was tasked with revamping and implementing new features for an existing API, some of the code dated back to 2013. (important, keep this in mind)
So at one point I was testing the existing endpoints, because part of the project was automating tests using postman, and I saw something sketchy. So very sketchy. The method I was looking at took a POJO as an argument, extracted the ID of the user from it, looked the user up, and then updated the info of the looked up user with the POJO. So I tried sending a JSON with the info of my user, but the ID of another user. And voila, I overwrote his data.
Once I reported this (which took a while to be taken seriously because I was so new) I found out that this might be useful for sysadmins to have, so it wasn't completely horrible. However, the endpoint required no Auth to use. An anonymous curl request could overwrite any users data.
As this mess unfolded and we notified the higher ups, another architect jumped in to fix the mess and we found that you could also fetch the data of any user by knowing his ID, and overwrite his credit/debit cards. And well, the ID of the users were alphanumerical strings, which I thought would make it harder to abuse, but then realized all the IDs were sequentially generated... Again, these endpoints required no authentication.
So anyways. Panic ensued, systems people at HQ had to work that weekend, two hot fixes had to be delivered, and now they think I'm a hacker... I did go on to discover some other vulnerabilities, but nothing major.
It still amsues me they think I'm a hacker 😂😂 when I know about as much about hacking as the next guy at the office, but anyways, makes for a good story and I laugh every time I hear them call me a hacker. The whole thing was pretty amusing, they supposedly have security audits and QA, but for five years, these massive security holes went undetected... And our client is a massive company in my country... So, let's hope no one found it before I did.6 -
"So you need access to the test server?"
Me:"Yes"
"Please fill these 800000000 forms,sign here,get your blood sample,your ID ,your right kidney,letter of approval from your boss,...."
Fuuuuuuuck!!!! I just want to change only 3 lines of code!!!!!!5 -
- Hello! Gordon's pizza?
- No sir it's Google's pizza.
- So it's a wrong number?
- No sir, Google bought it.
- OK. Take my order please ..
- Well sir, you want the usual?
- The usual? You know me?
- According to our caller ID, in the last 12 times, you ordered pizza with cheeses, sausage, thick crust
- OK! This is it
- May I suggest to you this time ricotta, arugula with dry tomato?
- No, I hate vegetables
- But your cholesterol is not good
- How do you know?
- Through the subscribers guide. We have the result of your blood tests for the last 7 years
- Okay, but I do not want this pizza, I already take medicine
- You have not taken the medicine regularly, 4 months ago, you only purchased a box with 30 tablets at Drugsale Network
- I bought more from another drugstore
- It's not showing on your credit card
- I paid in cash
- But you did not withdraw that much cash according to your bank statement
- I have other source of cash
- This is not showing as per you last Tax form unless you got it from undeclared income source
-WHAT THE HELL? Enough! I'm sick of Google, Facebook, twitter, WhatsApp. I'm going to an Island without internet,where there is no cell phone line and no one to spy on me
- I understand sir, but you need to renew your passport as it has expired 5 weeks ago..11 -
Fuck you idiots at medium.com for your sheer impudence. Not only that you track me, which I havn't agreed to, you think it's a good idea to nag around and gather even more data!
You stinking farts label your stalking as "let's make things official"! Who shit in your head?
I've seen other places way more often, and guess what, no coffee bar has ever had the idea to ask for my ID card just because I bought my second or third coffee there.
But just because it's the internet you think it's OK to be intrusive wankers, yeah?! Fuck off.4 -
so I compiled and printed some mini stickers for my laptop and thought I'd share them with the community. Great if you want to be subtle or don't like big stickers clogging the looks of your precious babe. All images are high res so you can expand them if you'd want that.
(stickers use black background cuz my laptop is black and its easier to cut out but you can change that)
PDF:
https://drive.google.com/open/...
For editing:(plz don't judge for using odp/pptx I was restless and only had openoffice to edit)
ODP:
https://drive.google.com/open/...
pptx:
https://drive.google.com/open/...1 -
I love Linux, but its community can be so full of incompetent assholes..
Just now I asked in Freenode ##linux how to get the process ID of my current running process in bash. I got my answer - it's a shell built-in called "$$".
Then people start to nitpick some more - why do you need it? How is that different from an exit? - to which my response was.. well I know the whole idea behind exit codes, and I'd use it whenever possible, in all defined behavior that allows my program to terminate itself whenever it can. This pidfile however would be used to exit itself and provide diagnostic information whenever the program enters undefined behavior - a segfault in C language. Scenarios in which I don't have full control over the script's behavior anymore, such as the system entering an unworkable state where the system stalled, still got some binaries in RAM but the rootfs got unwritable, such as now - very helpfully, thanks HP! - when my laptop likely overheated and shat itself. I issued sudo reboot into it, but even that wouldn't issue properly anymore due to the /sbin/poweroff binary becoming inaccessible too. I had to issue a hard power cycle.. one of the few times in which I'm thankful to HP for actually causing shit like this, lol.
Point is, that undefined behavior is what I'm trying to mitigate against. I certainly can't let any files other than diagnostics remain in nonvolatile storage like that, especially when their state should be predictable in order to ensure good operation (like files expressing whether the script is already running or not, i.e. lock files).
Back to that IRC chat. Aside from the answer, I got ridicule from people who probably don't even know how to properly compile a kernel. Ubuntu users, overconfident scum. Sometimes I feel like I should ask questions in channels like #archlinux only, where such incompetency is ridiculed on its own.13 -
WordPress related, get ready for some disgust.
So today early in the morning my boss forwarded me an email from a client, it was about a bug, and asked me if I can have a look at it and fix it.
"Yaay, WordPress!" I thought and opened the page containing the mentioned bug. She wrote that in the italian version of the page, users can select dates in the calendar, which should be disabled, like in the german version.
So yeah, I opened the code. Everything in the function looked perfect. Really. And the Data was also correctly set in the backend of WP.
The function was only 3 lines of code:
- Get the german post ID of the current post (german or italian) by its ID (using a Polylang function)
- Get an Advanced Custom Fields field by name and from a post with the ID from before
- json_encode its content and echo it to a JS var for initialization and later use in some AngularJS.
No fucking missing semicolon, it was fucking perfect like a sunset with your soulmate.
So I tried to find the bug with my personal way of debugging:
"Shitstream Debugging"
When a creek suddenly is full of water mixed with shit, walk upstream through the turds until you reach clear water. This is where the bug is.
=> So I first looked at the HTML source: Turds.
=> Then the ACF field content: Still turds.
=> Then the ID of the german post: Shit stain and turds (var_dump: null)
=> Please god at least $post->ID? Nope, fart smell and turds.
=> Nothing more to check: Clear fucking water and the flowery smell of 99 devVirgins
So it replaced $post->IT with get_the_ID() and it worked like a charm.
Afterwards I feel stupid, but $post->IT worked all the times before...
Conclusion:
FUCK YOU WORDPRESS YOU UGLY PIECE OF HUMAN-CENTIPEDE-PROCESSED-DOGFART.
Thanks for your patience.
Only one beer was sucked dry during the writing of this fucking rant.2 -
Follow-up to https://devrant.com/rants/1551635
I think that I've found the reason for this Acer motherboard's refusal to boot up now. Apparently this featureful piece of shit expects "something" on its ID pin as well.. and why ID pin you may ask? I reckon that it's because of "certified replacements". Because you know, if it doesn't come from our shitty factorias it's gotta be shit, right?!
How about no?!! You Acer really aren't the only ones capable of producing a fucking lithium battery! And did you ever think of the edge cases where you may want to feed a lab bench power supply's voltage into the phone to mimic the battery and troubleshoot the bloody thing? Because that's what I initially wanted to do, instead of that Doogee battery. The only reason why I didn't is because the supply is currently charging up another lithium cell that I salvaged from a donated (broken) Samsung tablet, and is taking longer than expected.
Point is, if you receive the appropriate fucking level of angry pixies, YOU SHOULD FUCKING USE THEM AND BOOT UP ALREADY!!! Regardless of whether it's some sort of certified fucking Acer component or not! Somewhere between 4.2 and 2.7V stable should be good enough regardless of what produces it!
At least AliExpress sells these batteries for about €4.5, and another €2 for shipping. Considering that I can buy batteries with this capacity for €2 a pop and free shipping, this would better fucking work. Especially since I'm buying an overpriced battery of which almost half the cost is fucking shipping, just for a stupid "certified" controller that' I'll also have to put between the board and any pixie wrangler or angry pixie containment device that I use to power this shitty board. Acer, you motherfuckers!!!1 -
Ok, so when I inherit a Wordpress site I've really stopped expecting anything sane. Examples: evidence that the Wordpress "developer" (that term is used in the loosest sense possible) has thought about his/her code or even evidence that they're not complete idiots who wish to make my life hell going forwards.
Have a look at the screen shot below - this is from the theme footer, so loaded on every page. The screenshot only shows a small part of the file. IT LITERALLY HAS 3696 lines.
Firstly, lets excuse the frankly eye watering if statement to check for the post ID. That made me face palm myself immediately.
The insanity comes for the thousands of lines of JQuery code, duplicated to hell and back that changes the color of various dividers - that are scattered throughout the site.
To make things thousands of times worse, they are ALL HANDED CODED.
Even if JavaScript was the only way I could format these particular elements I certainly wouldn't duplicate the same code for every element. After copy and pasting that JQuery a couple of times and normal developer would think one word, pretty quickly - repetition.
When a good developer notes repetition ways to abstract crap away is the first thought that comes to mind.
Hell, when I was first learning to code god knows how long ago I always used functions to avoid repetition.
In this case, with a few seconds though this "developer" could have created a single JQuery handler and use data attributes within the HTML. Hell, as bad as that is, it's better than the monstrosity I'm looking at now.
I'm aware Wordpress is associated with bad developers due to it's low barrier to entry, but this site is something else.
The scary thing is that I know the agency that produced this. They are very large, use Wordpress exclusively and have some stupidly huge clients that would be know nationally.
Wordpress truly does attract some of the most awful "developers" and deserves it's reputation.
If you're a good developer and use Wordpress I feel sorry for you, as you're in small numbers from my experience.
Rant over, have vented a bit and feel better. Thanks Devrant.6 -
"Ad targeters are pulling data from your browser’s password manager"
---
Well, fuck.
"It won't be easy to fix, but it's worth doing"
Just check for visibility or like other password managers handle it iirc: assign a unique identifier based on form content and fill that identifier only.
---
"Nearly every web browser now comes with a password manager tool, a lightweight version of the same service offered by plugins like LastPass and 1Password. But according to new research from Princeton's Center for Information Technology Policy, those same managers are being exploited as a way to track users from site to site.
The researchers examined two different scripts — AdThink and OnAudience — both of are designed to get identifiable information out of browser-based password managers. The scripts work by injecting invisible login forms in the background of the webpage and scooping up whatever the browsers autofill into the available slots. That information can then be used as a persistent ID to track users from page to page, a potentially valuable tool in targeting advertising."
Source: https://theverge.com/2017/12/...14 -
So woke up this morning and Paypal had just banned my account with no reason whatsoever. I only receive funds from 3 clients who I have been working with for a few years now. My account is already verified with my ID and utilities bill. Am a freelance so I depend on it. So it's a case of ' hey, we think you did something wrong, we are not going to tell you what but are banning you permanently and keeping your money for 6 months'. F piss of shit of a company.23
-
SICK AND TIRED OF READABILITY VS. EFFICIENCY!!!!!!!
I HAD TO SEPARATE A 4 LOC JSON STRING, WHICH HAD AN ARRAY OF A SINGLE KEY-VALUE PAIRS (TOTAL OF 10 OBJECTS IN THE ARRAY).
ITS READABLE IF YOU KNOW JSON. HOW HARD IS TO READ JSON FORMAT IF YOU GET YOUR STYLE AND INDENTATION PROPERLY?!?
SO I HAD TO
BREAK THE POOR FREAKING JSON APART TO A FUCKING DIFFERENT YAML FILE FORMAT ONLY SO I CAN CALL IT FROM THERE TO THE MAIN CONTROLLER, ITERATE AND MANIPULATE ALL THE ID AND VALUES FROM YAML BACK TO MATCH THE EXPECTED JSON RESPONSE IN THE FRONT END.
THE WHOLE PROCESS TOOK ME ABOUT 15 MINUTES BUT STILL, THE FUCKING PRINCIPLE DRIVES ME INSANE.
WHY THE FUCK SHOULD I WASTE TIME AT AN ALREADY WORKING PIECE OF CODE, TO MAKE IT LESS EFFICIENT AND A SLIGHTLY BIT MORE READABLE?!? FML.5 -
You know what really grinds my gears? As a junior webdeveloper (mostly backend) I try my hardest to deliver quality content and other people's ignorance is killing me in my current job.
Let's rant about a recent project I had under my hood, for this project (a webshop) I had to restructure the database and had to include validation on basicly every field (what the heck, no validation I hear you say??), apperently they let an incompetent INTERN make this f***king webshop. The list of mistakes in this project can bring you close to the moon I'd say, seriously.
Database design 101 is basicly auto incremented ID's, and using IDs in general instead of using name (among a list of other stuff obv.). Well, this intern decided it was a good idea to filter a custom address-book module based on a NAME, so it wasn't setup as: /addressbook/{id} (unique ID, never a problem) but as /addressbook/{name}, which results in only showing one address if the first names on the addresses are the same. Lots of bugs that go by this type of incompetence and ignorance. Want to hear another joke? Look no further, this guy also decided it was a great idea to generate the next ID of an order. So the ordernumber wasn't made up by the auto incremented id on the order model, but by a count of all the orders and that was the next order number. This broke so many times, unbelievable.
To close the list of mistakes off, the intern decided it was a great idea to couple the address of a user directly to an order. Because the user is able to ship stuff to addresses within his addressbook, this bug could delete whole orders out of the system by simply deleting the address in your addressbook.
Enough about my intern rant, after working my ass of and going above and beyond the expectations of the customer, the guy from sales who was responsible for it showed what an a**hole he was. Lets call this guy Tom.
Little backstory: our department is a very small part of the company but we are responsible for so much if you think about it. The company thinks we've transitioned to company wide SCRUM, but in reality we are so far from it. I think the story below is a great example of what causes this.
Anyway, we as the web department work within Gitlab. All of our issues and sprints are organized and updated within this place. The rest of the company works with FileMaker, such a pile of shit software but I've managed to work around its buggyness. Anyway, When I was done with the project described above I notified all the stakeholders, this includes Tom. I made a write-up of all the changes I had made to the project, including screenshots and examples, within Gitlab. I asked for feedback and made sure to tag Tom so he was notified of my changes to the project.
After hearing nothing for 2 weeks, guess who came to my desk yesterday? F**king tom asking what had changed during my time on the project. I told him politely to check Gitlab and said on a friendly tone that I had notified him over 2 weeks ago. He, I shit you not, blantly told me that he never looks on there "because of all the notifications" and that I should 'tell him what to do' within FileMaker (which I already had updated referencing Gitlab with the write-up of my changes). That dick move of him made me lose all respect for this guy, what an ignorant piece of shit he is afterall.
The thing that triggers me the most in the last story is that I spent so much free time to perfect the project I was working on (the webshop). I even completed some features which weren't scheduled during the sprint I was working on, and all I was asking for was a little appreciation and feedback. Instead, he showed me how ignorant and what a dick he was.
I absolutely have no reason to keep on working for this company if co-workers keep treating me like this. The code base of the webshop is now in a way better condition, but there are a dozen other projects like this one. And guess what? All writen by the same intern.
/rant :P10 -
Started a new job today... but I couldn't actually do anything because I had to wait for 4 hours to get an ID card (necessary for computer access because security) only to get told to come back tomorrow to try again. Off to a great start!!
At least my manager realized that this is fucked and filed a complaint against their department. -
If you discount all the usual sql injections the most blatant was not our but a system one customer switched to after complaining over cost.
The new system was a bit more bare bones featurewize but the real gem was the profile page for their customers.
The only security was an id param pointing to the users primary key, which was an auto incrementing integer :)
And not only could you access all customer data but you could change it to.
But since the new system was built by their it chief’s son we realized it was not much we could do.2 -
Same days you just need a duck.
Me: map.get(record.Id)
Code: null
Me: no, map.get(record.id)
Code: null
Me: let's grab this record from the map
Code: null
Me: what the flying fuck, take this fucking ID from this fucking RECORD and find it in THIS god forsaken map.
Code: null
Me:.......
Code: 😉
Duck: did it occur to you the ID exists only AFTER the map is created.
Me: you fucking wha..... oh I'm a dick head.7 -
dear api author at my company pt. 2:
If you're gonna create an api method that takes some arguments.
And one of those arguments is an array.
THEN MAKE THE FUCKING ARGUMENT'S NAME PLURAL YOU FUCKING PIECE OF SHIT.
REPEAT WITH ME, MOTHERFUCKER.
ARRAY, PLURAL, NON-ARRAY, SINGULAR.
I need to pass a shitload of filters for the data for this table, and for every suckin fuckin filter I need to singularize this shit. Thank god for es6.
I know this sounds like nitpick, but I swear to fucking alpha omega this guy is inconsistent as fuck.
Every time it feels like he makes up a new rule.
Sometimes I need to send arrays of ids, other times arrays of objects with an id property on each.
He uses synonyms too, sometimes it's remove, other times erase.
PICK ONE MOTHERFUCKER.
If you can't do the basic things well, then what is to expect of more advanced stuff?
Naming conventions you fucking idiot, follow them. It's programming 101.
You're already sending them as plural in the fucking response. Why change them for the request?
And that's just style, conventions.
This idiot asshole also RARELY DOES ANY FUCKING CHECK ON THE ARGUMENTS.
"Oh, you sent a required argument as null? 500"
We get exceptions on sentry UP THE ASS thanks to this useless bone container.
YOU'RE SEEING THE EXCEPTIONS TOO!!!!! 500'S ARE BUGS YOU NEED TO FIX, YOU CUMCHUGGER
And sometimes he does send 400, you know what the messages usually are?
"Validation failed".
WHYYYYYY YOU GODDAMN APATHETIC TASTELESS FUCK???
WHAT EXACTLY CAUSED THE FUCKING VALIDATION TO FAIL????
EXCEPTIONS HAPPEN AND THANKS TO YOU I HAVE NO IDEA WHY.
The worst of all... the worst of fucking all is that everytime I make a suggestion to change shit, every time, you act like you care.
You act like the api is the way it is because you designed it in a calculated manner.
MOTHERFUCKER. IF A USER HAS ONLY PRODUCT A, THEN HE SHOULDN'T BE ABLE TO ACCESS DATA FOR PRODUCT B. IT IS NOT ENOUGH TO JUST RESTRICT SHIT WITH ADMIN ROLES. IDIOT!!!!!
This is the work of someone who has no passion for programming.10 -
So I have seen this quite a few times now and posted the text below already, but I'd like to shed some light on this:
If you hit up your dev tools and check the network tab, you might see some repeated API calls. Those calls include a GET parameter named "token". The request looks something like this: "https://domain.tld/api/somecall/..."
You can think of this token as a temporary password, or a key that holds information about your user and other information in the backend. If one would steal a token that belongs to another user, you would have control over his account. Now many complained that this key is visible in the URL and not "encrypted". I'll try to explain why this is, well "wrong" or doesn't impose a bigger security risk than normal:
There is no such thing as an "unencrypted query", well besides really transmitting encrypted data. This fields are being protected by the transport layer (HTTPS) or not (HTTP) and while it might not be common to transmit these fields in a GET query parameter, it's standard to send those tokens as cookies, which are as exposed as query parameters. Hit up some random site. The chance that you'll see a PHP session id being transmitted as a cookie is high. Cookies are as exposed as any HTTP GET or POST Form data and can be viewed as easily. Look for a "details" or "http header" section in your dev tools.
Stolen tokens can be used to "log in" into the website, although it might be made harder by only allowing one IP per token or similar. However the use of such a that token is absolut standard and nothing special devRant does. Every site that offers you a "keep me logged in" or "remember me" option uses something like this, one way or the other. Because a token could have been stolen you sometimes need to additionally enter your current password when doings something security risky, like changing your password. In that case your password is being used as a second factor. The idea is, that an attacker could have stolen your token, but still doesn't know your password. It's not enough to grab a token, you need that second (or maybe thrid) factor. As an example - that's how githubs "sudo" mode works. You have got your token, that grants you more permissions than a non-logged in user has, but to do the critical stuff you need an additional token that's only valid for that session, because asking for your password before every action would be inconvenient when setting up a repo
I hope this helps understanding a bit more of this topic :)
Keep safe and keep asking questions if you fell that your data is in danger
Reeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee5 -
Episode 2 of this rant: https://devrant.io/rants/851636/...
PM went to meet with the provider and came back, so I had a talk with the PM and it went like this:
Me: so how did the meeting go? Hope they corporate with you
PM: *in a sarcastic voice* Bro, you need be a good dev, they told me only a good dev can implement Master Card API calls, and its all in the docs. That's all they told me, so you should know how the meeting went
Me: *there is no wifi in jail, there is no wifi in jail, there is no wifi in jail, there is no wifi in jail* Fine bro, I'll go back to school and come back after 12 years.
Seriously when I send the provider the request and the body and all they tell me is: You have an error, Id must be unique but they fail to point out the exact error or at least send me a valid ID to test, how does this make me the bad dev and him the genius that can run Apple, Google, MS all together at once!
What is even worse, when I called the provider he told me: Man transaction ID must always be unique, how could you not know this, how is Mastercard supposed to differentiate between transactions!!
But hey, no one told me transaction id must be unique, primary keys are never unique, like DUH!10 -
Tl;DR; version:
French designer, Mexican PSD -> HTML converter, Indian VueJS developer, Spanish project manager and a Taiwanese back-end developer. Application was made like an tower of pizza from bullcrap held by boogers and constantly licked by an orangutang to keep it standing.
Longer version:
We had to take a "half-finished" project from one of our clients, received the code for full-stack project. The css/design was so unbearable that it mostly broke on anything that had higher than 720px wide screen, structure was full of tables/divs and no fucking flexbox/grid... Then the fun part - we saw it's conversion to vueJS - a single fucken App.vue file that had shitton of conditions for pages.... yea, not even multi-component/routed app, just conditions!!!! And then... A back-end (in which I mainly specify myself) - it was made by a developer that had to mainly use Java/C# as their daily driver while all being build on php and Laravel. 0 Fucken laravel functions used, 0 of models, logic and so on.... Most of the page was running on RAW sql queries. Names... Oh my god the function names....
`getTheUsersThatHasAtLeastOneSpaceAssignedToThemByGivenCompanyId(int $id)`
And it held an RAW sql that was coming from a model....
All of this was managed by a random spanish manager who couldn't really understand what our client needed and what he actually wanted so from 100% of the site, only 20% was correct in logic....
And yet, according to the whole "package" (team) - they did everything correctly, saw no issues and our client was ungrateful fucker that refused to pay 10x the amount that we asked in order to completely re-do the application....
Morale: Remote teams are great... As long as all of them can work remote in TEAM.5 -
OMFG I don't even know where to start..
Probably should start with last week (as this is the first time I had to deal with this problem directly)..
Also please note that all packages, procedure/function names, tables etc have fictional names, so every similarity between this story and reality is just a coincidence!!
Here it goes..
Lat week we implemented a new feature for the customer on production, everything was working fine.. After a day or two, the customer notices the audit logs are not complete aka missing user_id or have the wrong user_id inserted.
Hm.. ok.. I check logs (disk + database).. WTF, parameters are being sent in as they should, meaning they are there, so no idea what is with the missing ids.
OK, logs look fine, but I notice user_id have some weird values (I already memorized most frequent users and their ids). So I go check what is happening in the code, as the procedures/functions are called ok.
Wow, boy was I surprised.. many many times..
In the code, we actually check for user in this apps db or in case of using SSO (which we were) in the main db schema..
The user gets returned & logged ok, but that is it. Used only for authentication. When sending stuff to the db to log, old user Id is used, meaning that ofc userid was missing or wrong.
Anyhow, I fix that crap, take care of some other audit logs, so that proper user id was sent in. Test locally, cool. Works. Update customer's test servers. Works. Cool..
I still notice something off.. even though I fixed the audit_dbtable_2, audit_dbtable_1 still doesn't show proper user ids.. This was last week. I left it as is, as I had more urgent tasks waiting for me..
Anyhow, now it came the time for this fuckup to be fixed. Ok, I think to myself I can do this with a bit more hacking, but it leaves the original database and all other apps as is, so they won't break.
I crate another pck for api alone copy the calls, add user_id as param and from that on, I call other standard functions like usual, just leave out the user_id I am now explicitly sending with every call.
Ok this might work.
I prepare package, add user_id param to the calls.. great, time to test this code and my knowledge..
I made changes for api to incude the current user id (+ log it in the disk logs + audit_dbtable_1), test it, and check db..
Disk logs fine, debugging fine (user_id has proper value) but audit_dbtable_1 still userid = 0.
WTF?! I go check the code, where I forgot to include user id.. noup, it's all there. OK, I go check the logging, maybe I fucked up some parameters on db level. Nope, user is there in the friggin description ON THE SAME FUCKING TABLE!!
Just not in the column user_id...
WTF..Ok, cig break to let me think..
I come back and check the original auditing procedure on the db.. It is usually used/called with null as the user id. OK, I have replaced those with actual user ids I sent in the procedures/functions. Recheck every call!! TWICE!! Great.. no fuckups. Let's test it again!
OFC nothing changes, value in the db is still 0. WTF?! HOW!?
So I open the auditing pck, to look the insides of that bloody procedure.. WHAT THE ACTUAL FUCK?!
Instead of logging the p_user_sth_sth that is sent to that procedure, it just inserts the variable declared in the main package..
WHAT THE ACTUAL FUCK?! Did the 'new guy' made changes to this because he couldn't figure out what is wrong?! Nope, not him. I asked the CEO if he knows anything.. Noup.. I checked all customers dbs (different customers).. ALL HAD THIS HARDOCED IN!!! FORM THE FREAKING YEAR 2016!!! O.o
Unfuckin believable.. How did this ever work?!
Looks like at the begining, someone tried to implement this, but gave up mid implementation.. Decided it is enough to log current user id into BLABLA variable on some pck..
Which might have been ok 10+ years ago, but not today, not when you use connection pooling.. FFS!!
So yeah, I found easter eggs from years ago.. Almost went crazy when trying to figure out where I fucked this up. It was such a plan, simple, straight-forward solution to auditing..
If only the original procedure was working as it should.. bloddy hell!!8 -
Did some updates to an older Web Forms website built by a previous SENIOR developer who is a notoriously horrible developer.
Now before I start, you have to understand this guy studied at a University and had been working for at least two years before I even started working. He is supposed to know the basic shit mentioned below.
This also happened a couple of days ago, so I have calmed down since then so I apologise for the relaxed tone. My next rant will contain a lot more swearing.
This fucking guy did the stupidest shit imaginable.
On the details view of a post|page|article|product|anything that would require a details view this jackass would load the data from the DB.
Using an OleDbConnection, OleDbDataAdapter, DataTable and the poorest writter fucking sql statements you have ever seen. All of these declared in the Page_Load method.
There was literally no reason for him to use OleDb instead of Sql, but he simply did not know any better.
He especially liked: "select * from tbl where id = " & Request("T") & ""
ZERO fucking checks to see if the value is even passed or valid, nothing. He did not even check whether the DataTable had any rows.
He then proceeded to use only the Heading column of the returned row to change the page's title.
Stupidly I assumed the aspx page will be in a better state. Fuck NO!
This fucktard went, added server tags to the opening of the asp:Content tag, copied that shit he used to fetch the data and pasted it between the server tags.
He did not know how to access the DataTable mentioned above from the aspx page!
He did this on every fucking project he worked on. Any place that required <%= %> to display data instead of using asp server controls, this cunt copied whatever was written in the code behind and pasted everything between server tags.
Fuck I could go on forever, but I think this is enough for my first rant.2 -
So now I have to pay taxes because I'm employed. Fair enough, sounds reasonable.
Go to the government's diseased scrotum of a webapp to tramit some ID stuff and shit. All good. Then I go to the bank, so I can open an account, so that I can receive the money, so that I can pay the government.
What happens? The guy at the bank tells me he can't access my ID, so he can't open my account. Understandable. I go once again to the gonorrhea infected maggotsoup that is the government's mother fucking webapp. THEY BLOCKED MY ID.
Problem? I had to attach images of some documentation, they say the images are illegible. I try again with a clearer image, ten fucking times the resoulution.
Is that good enough? NOOOOOOOOOO0=00=======0===000 oo O O OO O O, I am the government, my sole purpose in life is to be a dick in your asshole.
So what do I do? I, calmly, grab the documentation, go to the nearest office, and politely explain the situation to the dude behind the counter. Surely, he can verify himself that my papers are in order, no?
NO. HE CANNOT.
IT CAN ONLY BE DONE THROUGH THE APP.
ARE YOU FUCKING KIDDING ME.
WE ARE DOOMED AS A SPECIES.
LISTEN TO ME, DEAR GOVERNMENT.
AND DEAR TAXMEN.
AND ASSOCIATED BUREAUCRATS.
PLEASE HEAR ME OUT.
IF YOU DON'T UNBLOCK MY ID, I CANNOT OPEN A BANK ACCOUNT.
IF I DO NOT HAVE A BANK ACCOUNT, I CANNOT RECEIVE ANY MONEY.
IF I CANNOT RECEIVE ANY MONEY, THEN I CANNOT PAY **YOU**.
SEE HOW THAT WORKS?
ITS OK.
JUST SUSPEND THE PAYMENT I OWE.
YOU KNOW, THE ONE THAT'S DUE IN A FEW DAYS??
OH RIGHT!
YOU'RE STILL ASKING ME FOR THAT MONEY.
SILLY ME.
I THOUGHT I MAY BE EXEMPT.
SINCE YOU YOURSELF HAVE FORBIDDEN ME FROM PAYING.
ARRHGHHGGHGHGHGHGH!!!!!!!!
YOU IRREDEEMABLY STUPID FUCK.15 -
Samsung Pay > Apple Pay
There I said it. After testing Apple Pay, Google Wallet, and now Samsung Pay I am convinced that Samsung Pay is the best. It works great and the rewards points that you get for using it are just awesome.
Side note: wtf Apple!? The iPhone 8 is the iPhone 7 plus wireless charging and the iPhone X is just a $1000 piece of flashy ass shit that's only real "innovations" are Face ID and animojis.6 -
Oh well, it was just a countdown until somebody finds a way to create the mask.
"On Friday, Vietnamese security firm Bkav released a blog post and video showing that—by all appearances—they'd cracked Face ID with a composite mask of 3-D-printed plastic, silicone, makeup, and simple paper cutouts, which in combination tricked an iPhone X into unlocking."
"But they say that it was based in part on the realization that Face ID's sensors only checked a portion of a face's features, which WIRED had previously confirmed in our own testing."
source: https://wired.com/story/...5 -
Coming back here after years to rant about... myself.
TLDR: I fucked up and now have to call a thousand people as a dev, I'm not even getting paid for it and they all get crazy about a random ID that got assigned to them, so now I want to throw away all my electronics and become a skilift operator.
Stupid me deployed a project shortly before we have the largest amount of orders in the year. (Like 90% of yearly orders in a couple minutes cause they are sold out fast and people wait to order first)
I got this horrible legacy "plain self written framework php" project which I tried to upgrade state of the art.
There was one piece missing to upgrade everything and nicely deploy it to some fresh new servers which can handle the high load which peaks at the time orders open.
So I did it the day before orders open and... everything worked well! Nothing crashed.
I wrote my client to wait a little before he confirms the orders, since after confirmation each of the people who ordered will receive an email where they can choose a unique number which they'll receive as a sticker with the order.
Since it's an event my client is promoting, people will meet each other wearing those unique stickers and being able to identify each other online and in person with this number.
Suddenly my clients call me that "customers are complaining about that there is something wrong"
Turned out he confirmed all orders straight away and that part of the application which makes the number unique was broken on the update.
So everyone could chose any number (also taken ones) as his "unique" number.
In my panic, I told my client "It's my mistake, I'll deal with it of course and call the affected people in my free time, since it's my mistake you don't have to pay for it". (it's my largest client by far, am a freelancer)
Realizing when people can chose any number it'll not be a few ones who have the same, it's like almost everyone did chose "69", "1", "420", "88 (a scary amount of people)",... (with 69 being the number being chosen by most people btw, even more then "1")
So now I have to call about a thousand people telling them a new random ID will be assigned to them. I thought of course about mailing them, wrote a script that deals with the issue automatically, and FUCKED IT UP TOO so everyone is confused and the only way to deal with it is by a call basically.
And while I'm sitting here now for 2 days straight calling people in my free time about their random ID will have to change, I realized that some people are quite crazy about random ID's.
I'm talking about yelling and threatening because "is it too much to ask for a working website when ordering this expensive product".
I hate my life right now and am getting quite serious about throwing all my electronic devices away and become a skilift operator instead. Fuck the higher pay, it's not worth the shit, I wanna have only responsibility about one button to press while watching people fall on their face.5 -
Just spent about a day and a half debugging my code a million different ways, only to discover that the third party call that kept failing needed the id in UPPERCASE.
-
Boss: some consultants worked on this feature extending some legacy code
Boss: it's 90% done
Boss: they used FTP. It uses iframes and we fired them when they couldn't get the frontend modules working in sync with the backend.
Me: git checkout -b herewegoagain
git diff-tree --no-commit-id --name-only -r 666w3wl4d
*copy output list of files to sublime text 3; select all lines; add to each:
gitk --follow [filename] > src/.notes/herewegoagain/[filename].diff
*examines....
Me: It's -10% done. you'll know I'm almost done when I enter the fugue state. You'll find me at this address. Give me this USB stick and a 4 pack of redbull and I'll do the merge.6 -
So I'm on vacation right now to visit family. I received an email from the head of department that, due to our department getting 7 new hires in one day, the seating arrangement has been changed.
My new seat is next to this one developer who's old enough to be my dad. He's a very nice guy and all, but the problem is he burps ALL. THE. TIME. I've never met anybody more gassy. His burps don't stink, thank God, but they're loud enough that it's seriously jarring.
You know how us devs can be completely in the zone until some marketing dickbag taps you on the shoulder and asks you to check your email or help with something that is absolutely not your job and you completely lose all focus and have to start over? Its exactly like that, except it happens every 10 minutes.
Another thing is, my back is now facing away from the wall, towards the rest of the office. The nearest section to mine is management. That means that anybody, including the CEO, can walk up right behind me and see what I'm doing at all times.
I really hate that. Id much rather be next to the wall to have some sort of privacy. Somehow sitting next to burpy guy is still the thing I'm most annoyed about though.
I tried to ask for a different seat, but my manager effectively said that I have no choice but to sit there because that guy is part of my team, and teammates should sit together. He forgot about the fact that, while the work him and I do is indeed related, I've been working on a solo project for the past few months and I don't need to be next to anybody in particular because I'm the only one working on this thing. Theoretically, I could sit in the toilet with my laptop and get my work done just fine. Maybe when I talk to him face to face in the office I can convince him to have some mercy on me.
The bright side is I'm very excited about meeting those 7 new hires I mentioned. They seem to be smart, capable people so I look forward to working with them and learning from them. Every cloud has a silver lining. 😊7 -
Current task:
Somehow, one of my predecessors made some sort of custom hook tied to woocommerce check out that pipes some data into a nightmarish spaghetti fuck pile of undocumented wild west visual basic bullshit. It does this, presumably, via a set of parameters passed as plaintext in a url. I know this because I found the singleton that declares this. Helpfully, Mr. Fuckass named the class "Default", so I only have around 30k instances being kicked back by my IDE when I search for it. The only reason I "need" to find this, is so that I can just change the button to an href pointing at my own MS for shipping, and I need to change the fifteen params being passed to just one - a customer ID, which should be stored in the session, and referenced by a cookie. Once that is done, I should be able to freely delete a couple of gigs worth of bullshit. Been stuck on this for three days now. God forbid we have a test environment or something.
I'm tired. Can't even get angry anymore really. Can't even think of anything funny to say about it either, I just can't wait until this is done and I can go back to sleep.4 -
Fuck chromium devs and their hate for linux. Piece of shit
https://bugs.chromium.org/p/...
TL;DR
Screen share with audio is broken under chromium, because some user didn't want the desktop audio appear when asking for input devices, when there's no microphone available.
The thread doesn't mention a specific cause for this besides "for some reason pulseaudio does this"
So what did the gigabrains working on chromium decide to do? Not list monitors (basically recording devices for on desktop audio) at all.
Why?
* UI is hard
* Because we say so
* Fuck standards
And they only do that on linux. Windows, which uses a similar concept works just fine. Mac? Yeah, just hacked it in. Linux? GL won't fix
Meanwhile they decide to add all shits of non standard, bug causing events for shits and giggles, but when you actually want to resolve issues you're met with silence and arrogance.
Once again, what a piece of shit. Chromium devs must love making things worse with every passing version7 -
I don't know if I'm being pranked or not, but I work with my boss and he has the strangest way of doing things.
- Only use PHP
- Keep error_reporting off (for development), Site cannot function if they are on.
- 20,000 lines of functions in a single file, 50% of which was unused, mostly repeated code that could have been reduced massively.
- Zero Code Comments
- Inconsistent variable names, function names, file names -- I was literally project searching for months to find things.
- There is nothing close to a normalized SQL Database, column ID names can't even stay consistent.
- Every query is done with a mysqli wrapper to use legacy mysql functions.
- Most used function is to escape stirngs
- Type-hinting is too strict for the code.
- Most files packed with Inline CSS, JavaScript and PHP - we don't want to use an external file otherwise we'd have to open two of them.
- Do not use a package manger composer because he doesn't have it installed.. Though I told him it's easy on any platform and I'll explain it.
- He downloads a few composer packages he likes and drag/drop them into random folder.
- Uses $_GET to set values and pass them around like a message contianer.
- One file is 6000 lines which is a giant if statement with somewhere close to 7 levels deep of recursion.
- Never removes his old code that bloats things.
- Has functions from a decade ago he would like to save to use some day. Just regular, plain old, PHP functions.
- Always wants to build things from scratch, and re-using a lot of his code that is honestly a weird way of doing almost everything.
- Using CodeIntel, Mess Detectors, Error Detectors is not good or useful.
- Would not deploy to production through any tool I setup, though I was told to. Instead he wrote bash scripts that still make me nervous.
- Often tells me to make something modern/great (reinventing a wheel) and then ends up saying, "I think I'd do it this way... Referes to his code 5 years ago".
- Using isset() breaks things.
- Tens of thousands of undefined variables exist because arrays are creates like $this[][][] = 5;
- Understanding the naming of functions required me to write several documents.
- I had to use #region tags to find places in the code quicker since a router was about 2000 lines of if else statements.
- I used Todo Bookmark extensions in VSCode to mark and flag everything that's a bug.
- Gets upset if I add anything to .gitignore; I tried to tell him it ignores files we don't want, he is though it deleted them for a while.
- He would rather explain every line of code in a mammoth project that follows no human known patterns, includes files that overwrite global scope variables and wants has me do the documentation.
- Open to ideas but when I bring them up such as - This is what most standards suggest, here's a literal example of exactly what you want but easier - He will passively decide against it and end up working on tedious things not very necessary for project release dates.
- On another project I try to write code but he wants to go over every single nook and cranny and stay on the phone the entire day as I watch his screen and Im trying to code.
I would like us all to do well but I do not consider him a programmer but a script-whippersnapper. I find myself trying to to debate the most basic of things (you shouldnt 777 every file), and I need all kinds of evidence before he will do something about it. We need "security" and all kinds of buzz words but I'm scared to death of this code. After several months its a nice place to work but I am convinced I'm being pranked or my boss has very little idea what he's doing. I've worked in a lot of disasters but nothing like this.
We are building an API, I could use something open source to help with anything from validations, routing, ACL but he ends up reinventing the wheel. I have never worked so slow, hindered and baffled at how I am supposed to build anything - nothing is stable, tested, and rarely logical. I suggested many things but he would rather have small talk and reason his way into using things he made.
I could fhave this project 50% done i a Node API i two weeks, pretty fast in a PHP or Python one, but we for reasons I have no idea would rather go slow and literally "build a framework". Two knuckleheads are going to build a PHP REST framework and compete with tested, tried and true open source tools by tens of millions?
I just wanted to rant because this drives me crazy. I have so much stress my neck and shoulder seems like a nerve is pinched. I don't understand what any of this means. I've never met someone who was wrong about so many things but believed they were right. I just don't know what to say so often on call I just say, 'uhh..'. It's like nothing anyone or any authority says matters, I don't know why he asks anything he's going to do things one way, a hard way, only that he can decipher. He's an owner, he's not worried about job security.13 -
Not the worst, but probably the only one I can sort of explain & not get into trouble for NDA breach..
Umm.. here it goes.. wrong id returned from db procedure, tried to do something on db with that id and got exception that the id doesn't exist. Instead of checking why the procedure returns nonexistent id, he just wrapped everything in try catch without any logs.. & of course, didn't tell anyone about this.. o.0
I know, I know, code review could have prevented this, but holy fuck..
Guy's cv had more experience than I have now, so at the time, I didn't think I'd have to check every line of code he wrote, especially not for shit like this.3 -
Oi mates!
Little #ad (Not annoying don't worry - it's a cool project)
Just wanted to let y'all know about the awesome project from the Stanford University named Folding@Home!
Basically you donate CPU/GPU power and they use it for researching cancer/alzheimer's/etc.
All you need to do is install some software on your server/computer.
Then the software downloads so called "Work Units" (no big bandwidth required - really small packets) and simulates/calculates some stuff. Afterwards the client send the results back to their server.
This way they are able to create a "supercomputer" that is spread all over the world.
You don't need to pay anything except maybe some increased electricity bills (but you change some settings to use only a little part of the CPU/GPU and therefore create less heat).
Of course the program only uses the CPU/GPU power that's not required by any other software on the computer. I can literally play games while the client is running. No performance decrease.
That's a short intro by me. I can suggest you to visit their website and maybe even start folding by yourself!
> https://foldingathome.com
Also @cr78, @kescherRant and me are in a team together. If you want to join our team as well just use our Team ID:
235222
Teams?
Yup, there's this little stats site (https://stats.foldingathome.com) where all teams can compete against each other. Nothing big.
I hope I convinced atleast some of you!
Feel free to ask questions in the comments!
See ya.11 -
For about 3x years now, we have had 3x generic work email addresses that are used as microsoft accounts for office 2016 licenses.
(The company is dragging its heels on getting office 365 so MS like to make our lives hell.)
Suddenly we can’t get office updates... and when we sign in to see why, it says that because we are apparently only 3 years old we need our parents permission to use the account or we’ll lose access by September.
Never were we forced to enter a DOB when setting the accounts up!!! So it used the account setup date instead.
It turns out that we can’t change our DOB ourselves, as we are a ‘child’ and need a parents permission.
Fine.
I access my personal account and follow the instructions to add the 3x email addresses as my children so i can change the DOB.
‘Ha ha’ i hear microsoft saying, ‘it doesn’t work that way!!’
No, In order for the parent to verify their child’s identity, they are charged 0.50c per child!
Wtf!!
Doesn’t cost a lot but come on Microsoft!!
It’s that, or submit ID, which obviously wont work for a generic support@ email address like we have.
So annoying and we don’t know what to do.
Wonder how much MS are making out of this...2 -
TL:DR
Why do so shitty "API"s exist that are even harder to write than proper ones? D:
Trying to hack my venilation at home.
This API is so horrible D:
The API is only based on POST requests no matter if you want to write values or get values and the response only contains XML with cryptic values like:
<?xml version="1.0" encoding="UTF-8"?>
<PARAMETER>
<LANG>de</LANG>
<ID>v01306</ID>
<VA>00011100000000000000000010000001</VA>
<ID>v00024</ID>
<VA>0</VA>
<ID>v00033</ID>
<VA>2</VA>
<ID>v00037</ID>
<VA>0</VA>
Also there are multiple API routes like
POST /data/werte1.xml
POST /data/werte2.xml
POST /data/werte3.xml
POST /data/werte4.xml
And actually the real API route is only given in the request body and not in the path.
Why is this so shitty? D:<
Btw in terms of security this is also top notch. It just globally saves if one computer sends the login password.
I mean why even ask for a password then? D:
That made me end up with a cronjob to send a login request so I don't have to login on any device.
PS:
You see, great piece of German engineering.3 -
My arguments about Apple:
- "iPhone 12 camera can be better than anything else because it's more advanced, it has LiDAR and 10-bit codecs"
- "I can copy on my iPhone and paste on my MacBook and vice versa out of the box"
- "My Beats can seamlessly switch from playing from my MacBook to my iPhone to my Apple Watch. I can be exercising with only my Apple Watch and my Beats, no need for iPhone"
- "2K screen with nice colors in a 900g laptop is rare if you consider the price. Apple one is the cheapest one with that characteristics"
- "Apple Pay is convenient"
- "Fingerprint scanners fail with wet fingers no matter if it's ultrasonic or optical, LiDAR Face ID is objectively more secure than any camera-based unlock mechanism"
- "Stainless steel frame feels better than aluminum one"
I'm not saying Apple is the best. I'm not saying that Google Pay doesn't exist or that Apple Pay is better. I'm not saying that Apple has no downsides.
However, these are responses I get:
"But Apple IS crapple, immutably"
"Why are you even looking at apple crap if you want something good"
If you want to bash Apple, bash it for something real like that butterfly keyboard fails, unconventional AirPods shape that makes most people's ears hurt, screen coating fails on MacBooks, App Store commissions.47 -
Running a wild UPDATE statement against an inventory database, it was chaotic and didn't have backups.... yea I know 😅 the backup service died god knows when and no one noticed. I was only new at the time so #notMyFault
UPDATE stock_on_hand = 0; WHERE id IN(1,2,3,4,5,88,972,7388);
# rows affected 1,234,567,890
> I think I almost died inside.
Oh the fun that mess was to clean up.
The positive outcome of this was, we had backups working again not long after and the inventory counts where accurate after that stock take.3 -
I hate lying customers.
Today a customer opened a support ticket related to his website account. Apparently he is losing his session right after the login success.
I've debugged everything, checked all logs and couldn't reproduce it.
I know every bit of business logic on the website by heart.
The only explanation could be that his browser either doesn't allow cookies or expires them after page change.
So I asked him to check.
"Yes, cookies are allowed in my browser" he wrote.
Well... fuck me... I will change the code to put the session ID in the URL as well. If it works - and I'm 100% sure of that - I will personally mail him a collection of the finest turds.4 -
So recently I completed side gig from random freelancing site where I had to shadow troubleshoot performance problems over teams call with random Indian guy on his client's AWS account. Long story short you can autoscale new instances all you want but it's not gonna help if your FIFO sqs has only one message group ID. This architecture is running an online game, which is basically limited to processing ONE event at the same time for ALL players xD
What's even better, basing on naming convention I realized it's a company that I interviewed for like 4 months ago and they told me "we need someone with more experience". Well good luck, thanks for quick cash -
Most painful code error you've made?
More than I probably care to count.
One in particular where I was asked to integrate our code and converted the wrong value..ex
The correct code was supposed to be ...
var serviceBusMessage = new Message() {ID = dto.InvoiceId ...}
but I wrote ..
var serviceBusMessage = new Message() {ID = dto.OrderId ...}
At the time of the message bus event, the dto.OrderId is zero (it's set after a successful credit card transaction in another process)
Because of a 'true up' job that occurs at EOD, the issue went unnoticed for weeks. One day the credit card system went down and thousands of invoices needed to be re-processed, but seemed to be 'stuck', and 'John' was tasked to investigate, found the issue, and traced back to the code changes.
John: "There is a bug in the event bus, looks like you used the wrong key and all the keys are zero."
Me: "Oh crap, I made that change weeks ago. No one noticed?"
John: "Nah, its not a big deal. The true-up job cleans up anything we missed and in the rare event the credit card system goes down, like now. No worries, I can fix the data and the code."
<about an hour later I'm called into a meeting>
Mgr1: "We're following up on the credit card outage earlier. You made the code changes that prevented the cards from reprocessing?"
Me: "Yes, it was my screw up."
Mgr1: "Why wasn't there a code review? It should have caught this mistake."
Mgr2: "All code that is deployed is reviewed. 'Tom' performed the review."
Mgr1: "Tom, why didn't you catch that mistake."
Tom: "I don't know, that code is over 5 years old written by someone else. I assumed it was correct."
Mgr1: "Aren't there unit tests? Integration tests?"
Tom: "Oh yea, and passed them all. In the scenario, the original developers probably never thought the wrong ID would be passed."
Mgr1: "What are you going to do so this never happens again?"
Tom: "Its an easy addition to the tests. Should only take 5 minutes."
Mgr1: "No, what are *you* going to do so this never happens again?"
Me: "It was my mistake, I need to do a better job in paying attention. I knew what value was supposed to passed, but I screwed up."
Mgr2: "No harm no foul. We didn't lose any money and no customer was negativity affected. Credit card system may go down once, or twice a year? Nothing to lose sleep over. Thanks guys."
A week later Mgr1 fires Tom.
I feel/felt like a total d-bag.
Talking to 'John' later about it, turns out Tom's attention to detail and 'passion' was lacking in other areas. Understandable since he has 2 kids + one with special-needs, and in the middle of a divorce, taking most/all of his vacation+sick time (which 'Mgr1' dislikes people taking more than a few days off, that's another story) and 'Mgr1' didn't like Tom's lack of work ethic (felt he needed to leave his problems at home). The outage and the 'lack of due diligence' was the last straw.1 -
this just happened a few seconds ago and I am just laughing at the pathetic site that is Facebook. xD
4 years ago:
So I was quite a noobie gamer/hacker(sort of) back then and i had a habit of having multiple gmail/fb accounts, just for gaming, like accounts through which i can log in all at once in the same poker room, so 4/5 players in the game are me, or just some multiple accounts for clash of clans for donations.
I had 7-8 accounts back then. one had a name that translated to "may the dead remain in peace "@yahoomail.com . it was linked to fb using same initials. after sometime only this and 2 of my main accs were all i cared about.even today when i feel like playing, i sometimes use those accs.
2 years ago.
My dad is a simple man and was quite naive to modern techs and used to hang around with physical button nokia phones.But we had a business change, my father was now in a partnership in a restaurant where his daily work included a lot of sitting job and and casual working. So he bought a smartphone for some time pass.
He now wanted to download apps and me to teach him.I tried a lot to get him his own acc, but he couldn't remember his login credentials.
so at the end i added one of my own fake ID's(maythedead...) so he could install from playstore, watch vids on youtube and whatever.
The Actual Adventure starts now
Today, 1 hour ago:
I had completely forgot about this incident, since my parents are now quite modern in terms of tech.
But today out of nowhere i recieved an email that someone has JUST CHAINGED MY FB PASSWORD FOR ONE OF MY FAKE ACCS!?!??
what the hell, i know it was just a useless acc and i never even check my fb from any acc these days, but if someone could login into that acc, its not very difficult to track my main accs, id's, etc so i immediately opened this fb security portal and that's where the stupidity starts:
1)To recover your account they FUCKIN ASKS FOR A PHYSICAL ID. yeah, no email, no security question you have to scan your driving license or passport to get back to your account.And where would I get a license for some person named "may the dead remain in peace"? i simply went back.
2) tried another hack that i thought that will work.Closed fb help page, opened fb again , tried to login with my old credentials, it says" old password has been changed,please enter new password", i click forget password and they send an otp. i thought yes i won, because the number and recover mail id was mine only so i received it.
when i added the otp, i was first sent to a password change page (woohoo, i really won! :)) but then it sends me again to the same fuckin physical id verification page.FFFFFFFFFuck
3)I was sad and terrified that i got hacked.But 10 mins later a mail comes ,"Your Facebook password was reset using the email address on Tuesday, April 10, 2018 at 8:24pm (UTC+05:30)."
I tried clicking the links attached, hoping that the password i changed(point<2>) has actually done something to account.NADA, the account still needs a physical license to open:/
4) lost, i just login to my main account and lookup for my lost fake account. the fun part:my account has the display pic of my father?!!?!
So apparently, my father wanted to try facebook, he used the fake account i gave him to create one, fb showed him that this id already has an fb account attached to it and he accidently changed my password.MY FATHER WAS THE HACKER THE WHOLE TIME xD.
but response from fb?" well sir, if you want your virtually shitty account back , you first will have to provide us with all details of your bank transactions or your voter id card, maybe trump will like it" -
Everyone and their dog is making a game, so why can't I?
1. open world (check)
2. taking inspiration from metro and fallout (check)
3. on a map roughly the size of the u.s. (check)
So I thought what I'd do is pretend to be one of those deaf mutes. While also pretending to be a programmer. Sometimes you make believe
so hard that it comes true apparently.
For the main map I thought I'd automate laying down the base map before hand tweaking it. It's been a bit of a slog. Roughly 1 pixel per mile. (okay, 1973 by 1067). The u.s. is 3.1 million miles, this would work out to 2.1 million miles instead. Eh.
Wrote the script to filter out all the ocean pixels, based on the elevation map, and output the difference. Still had to edit around the shoreline but it sped things up a lot. Just attached the elevation map, because the actual one is an ugly cluster of death magenta to represent the ocean.
Consequence of filtering is, the shoreline is messy and not entirely representative of the u.s.
The preprocessing step also added a lot of in-land 'lakes' that don't exist in some areas, like death valley. Already expected that.
But the plus side is I now have map layers for both elevation and ecology biomes. Aligning them close enough so that the heightmap wasn't displaced, and didn't cut off the shoreline in the ecology layer (at export), was a royal pain, and as super finicky. But thankfully thats done.
Next step is to go through the ecology map, copy each key color, and write down the biome id, courtesy of the 2017 ecoregions project.
From there, I write down the primary landscape features (water, plants, trees, terrain roughness, etc), anything easy to convey.
Main thing I'm interested in is tree types, because those, as tiles, convey a lot more information about the hex terrain than anything else.
Once the biomes are marked, and the tree types are written, the next step is to assign a tile to each tree type, and each density level of mountains (flat, hills, mountains, snowcapped peaks, etc).
The reference ids, colors, and numbers on the map will simplify the process.
After that, I'll write an exporter with python, and dump to csv or another format.
Next steps are laying out the instances in the level editor, that'll act as the tiles in question.
Theres a few naive approaches:
Spawn all the relevant instances at startup, and load the corresponding tiles.
Or setup chunks of instances, enough to cover the camera, and a buffer surrounding the camera. As the camera moves, reconfigure the instances to match the streamed in tile data.
Instances here make sense, because if theres any simulation going on (and I'd like there to be), they can detect in event code, when they are in the invisible buffer around the camera but not yet visible, and be activated by the camera, or deactive themselves after leaving the camera and buffer's area.
The alternative is to let a global controller stream the data in, as a series of tile IDs, corresponding to the various tile sprites, and code global interaction like tile picking into a single event, which seems unwieldy and not at all manageable. I can see it turning into a giant switch case already.
So instances it is.
Actually, if I do 16^2 pixel chunks, it only works out to 124x68 chunks in all. A few thousand, mostly inactive chunks is pretty trivial, and simplifies spawning and serializing/deserializing.
All of this doesn't account for
* putting lakes back in that aren't present
* lots of islands and parts of shores that would typically have bays and parts that jut out, need reworked.
* great lakes need refinement and corrections
* elevation key map too blocky. Need a higher resolution one while reducing color count
This can be solved by introducing some noise into the elevations, varying say, within one standard div.
* mountains will still require refinement to individual state geography. Thats for later on
* shoreline is too smooth, and needs to be less straight-line and less blocky. less corners.
* rivers need added, not just large ones but smaller ones too
* available tree assets need to be matched, as best and fully as possible, to types of trees represented in biome data, so that even if I don't have an exact match, I can still place *something* thats native or looks close enough to what you would expect in a given biome.
Ponderosa pines vs white pines for example.
This also doesn't account for 1. major and minor roads, 2. artificial and natural attractions, 3. other major features people in any given state are familiar with. 4. named places, 5. infrastructure, 6. cities and buildings and towns.
Also I'm pretty sure I cut off part of florida.
Woops, sorry everglades.
Guess I'll just make it a death-zone from nuclear fallout.
Take that gators!5 -
Sign in with Apple...
* Nobody tells you that a app group can consist of a maximum of 6 apps.
* Nobody tells you that suddenly a key id is needed for constructing the signing key for signing the client_secret when other keys are added in the dev portal.
* Apple gives you email and name only (and i mean only) the first time a customer uses Sign In With Apple.
* You have no chance to reset your user during development in a way to try a fresh auth. So either create separate app ids or separate apple ids.
Sounds like fun, right?8 -
Fuck you Twitter for making your widgets createTweet-method only work with the tweet-id as string. Fuck you especially for don't returning nor throwing any error for giving an integer value to it.
This took some time... -
To the front end dev that 'finished' his part of a web form with a Hundred pluss fields. You left every id, name, and label-for as 'first-name'.
I know it saves you time to copy paste and only change what's visible on the page, but FUUUUUUCK YOU! -
Oh boy I got a few. I could tell you stories about very stupid xss vectors like tracking IDs that get properly sanitized when they come through the url but as soon as you go to the next page and the backend returns them they are trusted and put into the Dom unsanitized or an error page for a wrong token / transaction id combo that accidentally set the same auth cookie as the valid combination but I guess the title "dumbest" would go to another one, if only for the management response to it.
Without being to precise let's just say our website contained a service to send a formally correct email or fax to your provider to cancel your mobile contract, nice thing really. You put in all your personal information and then you could hit a button to send your cancelation and get redirected to a page that also allows you to download a pdf with the sent cancelation (including all your personal data). That page was secured by a cancelation id and a (totally save) 16 characters long security token.
Now, a few months ago I tested a small change on the cancelation service and noticed a rather interesting detail : The same email always results in the same (totally save) security token...
So I tried again and sure, the token seemed to be generated from the email, well so much about "totally save". Of course this was a minor problem since our cancelation ids were strong uuids that would be incredibly hard to brute force, right? Well of course they weren't, they counted up. So at that point you could take an email, send a cancelation, get the token and just count down from your id until you hit a 200 and download the pdf with all that juicy user data, nice.
Well, of course now I raised a critical ticket and the issue was fixed as soon as possible, right?
Of course not. Well I raised the ticket, I made it critical and personally went to the ceo to make sure its prioritized. The next day I get an email from jira that the issue now was minor because "its in the code since 2017 and wasn't exploited".
Well, long story short, I argued a lot and in the end it came to the point where I, as QA, wrote a fix to create a proper token because management just "didn't see the need" to secure such a "hard to find problem". Well, before that I sent them a zip file containing 84 pdfs I scrapped in a night and the message that they can be happy I signed an NDA.2 -
So i recently started a new Instagram account with new email ID apart from the personal Instagram account which has my friends from Facebook and even from highschool.
The new account was supposed to be a secret, part of an experiment I'm doing with my life choices. And there i only follow people that i look up to. I'm not expecting anyone from real life to follow me their and i prefer if they don't.
Nobody was supposed to know about this new account other than me. But guess what, it seems this account is being advertised to my friends from other account and some of them are following this new account. I'm 99.9% sure they are following just to get a follow back.
I'm feeling shitty about this, but i ain't gonna follow them back. If i need to see their story and photos, I'd get back on my personal account.
Guess I'll have to suck it up and be okay with fact that those "friends" will be seeing my vulnerable side.6 -
i hate linux like a lot , how do you guys use it
like you guys dont want an advertising ID, how the fuck will advertisers know who you are and what you like?
open source , give me a break, you mean your os devs are soo untrustworthy that you just have to see what they wrote in the code, who does that?
free come on, how poor are you linux people, i mean, quality stuff gets paid for, free stuff just means it's trash
and the linux devs , the aint like real coders they are just hobbysts, making your os in their free time
and who wants to install their own software anyway, on other platforms the company curates restricted software that you can use, and i know you'll say its oppressive but its just customer protection.
and i do want my platform to track everything i do, it only helps them build better stuff for me.
and whenever they decide to outdate my hardware and kill support for it, it only means they care and want me to get the latest tech, how considerate.
wait , i hear you say, there are no bugs in linux, my vendor makes sure my os comes with the latest antivirus software, nothing can break my system.
and just because linux runs on servers and most super computers only shows that common users like you and me are ignored, at least my vendor is not a sellout, and still makes stuff for the masses.
you say freedom i say safety i can sleep safe and sound for am protected nutured under one echosystem of software that i can not leave.20 -
Saw this sent into a Discord chat today:
"Warning, look out for a Discord user by the name of "shaian" with the tag #2974. He is going around sending friend requests to random Discord users, and those who accept his friend requests will have their accounts DDoSed and their groups exposed with the members inside it becoming a victim as well. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Discord is currently working on it. SEND THIS TO ALL THE SERVERS YOU ARE IN. This is IMPORTANT: Do not accept a friend request from shaian#2974. He is a hacker.
Tell everyone on your friends list because if somebody on your list adds one of them, they'll be on your list too. They will figure out your personal computer's IP and address, so copy & paste this message where ever you can. He is going around sending friend requests to random discord users, and those who accept his requests will have their accounts and their IP Addresses revealed to him. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Saw this somewhere"
I was so angry I typed up an entire feature-length rant about it (just wanted to share my anger):
"1. Unless they have access to Discord data centres or third-party data centres storing Discord user information I doubt they can obtain the IP just by sending friend requests.
2. Judging by the wording, for example, 'copy & paste this message where ever you can' and 'Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him.' this is most likely BS, prob just someone pissed off at that user and is trying to ruin their reputation etc.. Sentences equivalent to 'spread the word' are literally everywhere in this wall of text.
3. So what if you block the user? You don't even have their user ID, they can change their username and discrim if they want. Also, are you assuming they won't create any alts?
4. Accounts DDoSed? Does the creator of this wall of text even understand what that means? Wouldn't it be more likely that 'shaian' will be DDoSing your computer rather than your Discord account? How would the account even be DDoSed? Does that mean DDoSing Discord's servers themselves?
5. If 'shaian' really had access to Discord's information, they wouldn't need to send friend requests in order to 'DDoS accounts'. Why whould they need to friend you? It doesn't make sense. If they already had access to Discord user IP addresses, they won't even have to interact with the users themselves. Although you could argue that they are trolling and want to get to know the victim first or smth, that would just be inefficient and pointless. If they were DDoSing lots of users it would be a waste of time and resources.
6. The phrase 'Saw this somewhere' at the end just makes it worse. There is absolutely no proof/evidence of any kind provided, let along witnesses.
How do you expect me to believe this copypasta BS scam? This is like that 'Discord will be shutting down' scam a while back.
Why do people even believe this? Do you just blindly follow what others are doing and without thinking, copy and paste random walls of text?
Spreading this false information is pointless and harmful. It only provides benefits to whoever started this whole thing, trying to bring down whoever 'shaian' is.
I don't think people who copy & paste this sort of stuff are ready to use the internet yet.
Would you really believe everything people on the internet tell you?
You would probably say 'no'.
Then why copy & paste this? Do you have a reason?
Or is it 'just because of 'spread the word''?
I'm just sick of seeing people reposting this sort of stuff
People who send this are probably like the people who click 'Yes' to allow an app to make changes in the User Account Control window without reading the information about the publisher's certificate, or the people who click 'Agree' without actually reading the terms and conditions."8 -
Went through changing Apple ID email. I have 💻,📱and⌚️.
Felt like that horror movie moment when protagonist tries to be stealthy but makes a noise and a huge mob of zombies turn heads all at once. For what I love apple, the simplicity, in the email changing process there is none of that.
They forced me to enter my 60 arbitrary obscure characters password on Apple Watch screen.
On the other hand I felt nostalgic. When I was using Linux this all was my day to day experience no matter the distro, and I got a Linux Foundation certificate, I contributed to Elementary. Can’t imagine the experience of a user who just switched to Linux.
Windows? I don’t want to think about that, let alone talking. You only need to know that I successfully configured a SoE setup AND active directory in ad-hoc unstable network of literally rusty old computers. And I still switched to Linux back then.4 -
Strange : Am I the only person who never got Weekly Top Rant email? Did I configured something wrong?
CLICK the picture to see it... I am sure something is messed up....
Bug1: hey dfox... Please see this...
Leave a comment in a long rant. (like here)
Delete your comment.
How do i reply to the last person's comment?
Feature request: rant id search ability in search8 -
Let's talk about the cargo cult of N-factor authentication. It's not some magic security dust you can just sprinkle onto your app "for security purposes".
I once had a client who had a client who I did server maintenance for. Every month I was scheduled to go to the site, stick my fingerprint in their scanner, which would then display my recorded face prominently on their screens, have my name and purpose verified by the contact person, and only then would the guards let me in.
HAHA no of course not. On top of all of that, they ask for a company ID and will not let me in without one.
Because after all, I can easily forge my face, fingerprints, on-site client contact, appointment, and approval. But printing out and laminating a company ID is impossible.
---
With apologies to my "first best friend" in High School, I've forgotten which of the dozens of canonicalisations of which of your nicknames I've put in as my answer to your security question. I've also forgotten if I actually listed you as my first best friend, or my dog - which would actually be more accurate - and actually which dog, as there are times in my High School life that there were more tails than humans in the house.
I have not forgotten these out of spite, but simply because I have also forgotten which of the dozen services of this prominent bullshit computer company I actually signed up for way back in college, which itself has been more than a decade ago. That I actually apparently already signed up for the service before actually eludes me, because in fact, I have no love for their myriad products.
What I have NOT forgotten is my "end of the universe"-grade password, or email, or full legal name and the ability to demonstrate a clear line of continuity of my identity from wherever that was to now.
Because of previous security screwups in the past, this prominent bullshit company has forced its users to activate its second, third, and Nth factors. A possibly decade-old security question; a phone number long lost; whatever - before you can use your account.
Note: not "view sensitive data" about the account, like full name, billing address, and contact info. Not "change settings" of the account, such as changing account info, email, etc. Apparently all those are the lowest tier of security meant to be protected by mere "end of the universe"-grade passwords and a second factor such as email, which itself is likely to be sold by a company that also cargo cults N-factor auth. For REAL hard info, let's ask the guy who we just showed the address to "What street he lived in" and a couple others.
Explaining this to the company's support hotline is an exercise in...
"It's for your security."
"It's not. You're just locking me out of my account. I can show you a government ID corroborating all the other account info."
"But we can't, for security."
"It's not security. Get me your boss."
...
"It's for security."8 -
In a meeting yesterday working through our WebAPI coding standards, starting from File -> New project..etc..etc.. and ironing out some of the left-or-right decisions so we can have a consistent coding style, working in a meeting room with an overhead projector and sharing keyboard around with one another.
Then we hit the routing 'rules' in the WebApiConfig, "api/{controller}/{id}"…
DevMgr: "Do we need the 'api' prefix? It seems redundant."
Ralph: "Yes it's needed. Prefixing the controllers with 'api' is industry best practice. Otherwise, how is anyone to know it's a web api"
Prancer: "Yea, it's part of the REST standard."
Me: "I don't think so. That is only part of the Asp.Net routing rule. We can put anything we want or take anything out."
DevMgr: "Yea, it looks silly. All the new services are going to be business process specific."
Ralph: "That's how everyone does it. It's kind of the point of why REST services are called WebApi"
Prancer: "What's the point of doing any of this work if we're not going to follow industry standards."
Me: "I understand if the service is part of larger web site, but we're developing standalone services. Prefixing routes with 'api' is redundant. I mean who are these 'everyone' you're talking about?"
<ralph rolls his eyes>
Ralph: "Lets see …uhhh… Netflix?. They're kinda a big deal."
Me: "Like I said, it's an integral part of their site and the services they provide. That's fine. I'm talking about the 12 other 3rd party services we integrate with. None of them have 'api' on any of their routes."
Prancer: "We're talking about serious web services."
Me: "Last time I checked, UPS is a big and serious service."
Ralph: "Their services are a fracking joke" – he didn't say fracking.
Me: "Our payroll system, our billing system, billion dollar companies, didn't have '/api' prefix anywhere. Heck, even that free faxing service we used for a while was a dead-simple routing path."
<I take the keyboard away from Ralph, remove the 'api' from the route.>
Me: "There. Done. Now, lets talk about error handling.."
Rest of the meeting Ralph and Prancer don't say much of anything, arms crossed…I swear Ralph looked like he was going to cry.
This morning I catch my boss…
Me: "What did you think of the meeting? I thought Ralph was going to take a swing at me when I took the keyboard away from him."
DevMgr: "Oh yes…I almost laughed out loud….blows my freaking mind how worked up people get about crap that doesn't matter. Api..or not…who the frack cares. Just make it consistent"
Me: "Exactly…I didn't care either way, but I enjoyed calling out that nonsense."
DevMgr: "Yes..waaay too much."
If I didn't call them on their BS and the 'standard' allowed to continue, I can bet my paycheck when the subject comes up in a few months (another mgr asks 'isn't this api prefix redundant?') Ralph and Prancer will be the first to say "Yea, its stupid. We fought really hard to remove it from the standard...its not our fault...its <insert scapegoat> fault." -
Worked on an Android app that synchronized contacts. Didn't consider the contact id may change, leading to (rare) cases of properties being synchronized to the wrong contacts. Only found out later in production when one of my frequent contacts called - and my phone showed a wrong profile picture for him.
-
Is it ok if i create a trello board and create cards quickly without following any type of agile methodology because the project is only for me? I cant spend hours of my time writing exact and precise cards following some standard
Id have cards like Todo Doing and Done
Thats it just so i can keep track quickly and focus most of my time on code
Is this ok8 -
macOS facts:
- Darwin core is open-source (https://github.com/apple/darwin-xnu). Not the case with Windows.
- You can use macOS without using any Apple online service like Apple ID, FaceTime or iCloud. Terminal will still work without restrictions, and any app can be installed manually. It's totally different from Google services on Android, without which most of the apps won't work at all.
- macOS updates are trivially to disable. It's a matter of unchecking "Update this mac automatically" checkbox in software update settings. Not the case with Windows, Windows updates are universally hated among developers for intentionally complex UI and update services being very hard to disable.
- Almost every feature or default behavior you dislike can be trivially disabled with one console command. Features won't re-enable automatically like I heard update service does in Windows. The only feature I dislike that I wasn't able to disable was a notification about unsafely unplugging a USB flash drive.
- Out of the box, you get a sophisticated disk manager that allows all kinds of manipulation on drives, just like what you get in Ubuntu.
- Just like on smartphones, you can trivially restrict or provide access to certain features like camera, microphone, etc. on app to app basis. I don't know how to easily do it in Linux, let alone in Windows.
- Apart from mastodons like GIMP, I find open source apps for macOS to have better UI than their Linux alternatives.
- Objective-See offers useful FOSS apps for macOS, they help with privacy and malware detection: https://objective-see.com/products....
I don't want to start a fight. Please, abstain from commenting on one OS being better / worse than the other. Please, don't comment on Mac computers being better / worse than computers of some other vendor. I'm very confused now because of my Dunning-Krueger thing (read my previous rants), so I just want to present the facts about macOS that I think deserve more exposure.27 -
Visual studio intellisense is going to make me commit bridge jump
In HTML, it's changing "id" to "itemid" ???
In JavaScript, it's changing document.getElementById and document.querySelectorAll to documentgetElementById and documentquerySelectorAll ????
What the fuck is this horse shit. It's only getting worse and worse. It's like Mt. Saint Helen blew up 5 minutes ago, they updated the system, and accidentally set off the Yellowstone Giga-volcano. Fuck you, william gates.5 -
i love chromebooks, but i wish they built them with more storage. i know that everything by google is based on the cloud and shit so most chromebooks only have like 4gb of storage but if there was a chromebook with 256gb id be in heaven. does anyone else think chromebooks look really nice compared to other laptops?4
-
I fix antique code for a living and regularly come across code like this, and this is actually the good stuff!
Worst usecase for a goto statement? What do you think?
int sDDIO::recvCount(int bitNumber){
if (bitNumber < 0 || bitNumber > 15) return 0; //ValidatebitNumber which has to be 0-15
//Send count request
if (!(send(String::Format(L"#{0:X2}{1}\r", id, bitNumber)) && flushTx())){
bad: //Return 0 if something went wrong
return 0;
}
String^ s = recv(L"\r"); //Receive request data
if (s->Length != 9) goto bad; //Validate lenght
s = s->Substring(3, 5); //Take only relevant bits
int value; //Try to parse value and send to bad if fails
bool result = Int32::TryParse(s, value);
if (!result) goto bad;
int count = value - _lastCount[bitNumber]; //Maximumpossible count on Moxa is 65535.
if (count < 0) count += 65536; //If the limit reached, the counter resets to 0
_lastCount[bitNumber] = value; //This avoids loosing count if the 1st request was
//made at 65530 and the 2nd request was made at 5
return count;
}4 -
If you were to teach others a last thing before you die, what would you say?
Id tell my surroundings to use time efficiently. We only have like 800.000h, assuming that we become 100 yo. thats nothing.
Please dont make jokes, id really like this to be an informative thread18 -
Integer range is 2,147,483,647. Facebook has 2.96B users. Facebook is the only company that graduated from int to unsigned int, which is 4,294,967,295.
And you're using bigint as an id for the “users” table. I just laugh.10 -
One of our projects migrated their file-repository to another one during a major release.
Instead of giving this task to an experienced programmer, they gave it to the head of the respective dev department due to the usual release panic.
Soo.... He wrote the migration tool. It was executed during the release. Everything seemed fine so far.
A few days later. Someone from the above project came to my team due to some "strange behaviour on the production database".
They reported that they couldn't download some of the user's documents due to unknown reasons.
After quickly analyzing the current state of the new file-repository, we concluded that the affected documents did not exist in the new repository.
Then we took a look at the so called migration tool...
Well.. After nearly 30 min. we knew the root cause for that.
They only migrated the first 4 levels of the folder structure. Due to the assumption that "we don't use deeper nesting". (Facepalm)
As the head of their department wrote it, no one seems to questioned it either. Nor did they made a code review and ended up with a tool with hard coded urls to the production db, no version control, no build tool, no ci, nothing. Breaking nearly every possible company standard.
However.. That's not it. When analyzing their migration tool we noticed another even more dangerous thing.
They mixed up the id generation of the migrated documents resulting in a random assignment between customers and documents. Which is quite bad as this contains sensitive information. E.g. passports
They offered us quite a nice amount of money to fix this until EOB. We declinded as it was simply not possible in that time, but agreed to support them with the new tool.
After some time I heard that they migrated production again. And they fucked it up again. They never talked to us after we offered them support...
The third and final migration was written by us. Not only migrated it correctly. It was also way faster. By factor 20.
In the end we haven't gained anything from this rushed project as the penalties were piling up due to this fucked up migration.
After all this time I'm not sure who is to blame. In my opinion, partly all of them.
Head of department who can't and shouldn't code.
Seniors who didn't review the code and didn't ask for help.
Release mgmt who put way too much pressure on the devs. -
The global joke of Information Security
So I broke my iPhone because the nuclear adhesive turned my display into a shopping bag.
This started the ride for my character arc in this boring dystopia novel:
Amazon is preventing me from accessing my account because they want my password, email AND mobile phone number in their TWO.STEP Verifivation.
Just because one too many scammers managed to woo one too many 90+y/o's into bailing their long lost WW2 comrades from a nigerian jail with Amazon gift cards and Amazon doesn't know what to do about anymore,
DHL is keeping my new phone in a "highly secure" vault 200m away from my place, waiting for a letter to register some device with a camera because you need to verify your identity with an app,
all the while my former car insurance is making regress claims of about 7k€ against me for a minor car accident (no-one hurt fortunately, but was my fault).
Every rep from each of the above had the same stupid bitchass scapegoat to create high-tech supra chargers to the account deletion request:
- Amazon: We need to verify your password, whether the email was yours and whether the phone number is yours.
They call it 2-step-verification.
Guess what Amazon requests to verify you before contacting customer support since you dont have access to your number? Your passwoooooord. While youre at it, click on that button we sent you will ya? ...
I call this design pattern the "dement Tupi-Guarani"
- DHL: We need an ID to verify your identity for the request for changing the delivery address you just made. Oh you wanted to give us ANOTHER address than the one written on your ID? Too bad bro, we can't help, GDPR
- Car Insurance: We are making regress claims against you, which might throw you back to mom's basement, oh and also we compensated the injured party for something else, it doesn't matter what it is but it's definitely something, so our claims against you just raised by 1.2k. Wait you want proof we compensated something to the injured at all? Nah mate we cant do that , GDPR. But trust me, those numbers are legit, my quant forecasted the cost of childrens' christmas wishes. You have 14 days or we'll see you in court haha
I am also their customer in a pension scheme. Something special to Germany, where you save some taxes but have to pay them back once you get the fund paid out. I have sent them a letter to terminate the contract.
Funniest thing is, the whole rant is my second take. Because when I hit the post button, devrant made me verify my e-mail. The text was gone afterwards. If someone from devRant reads this, you are free to quote this in the ticket description.
Fuck losing your virginity, or filing your first tax return, or by God get your first car, living through this sad Truman dystopia without going batshit insane is what becoming a true adult is.
I am grateful for all this though:
Amazon's safety measures prevented me from spending the money I can use to conclude the insurance odyssey, and DHLs "giving a fuck about customers" prevention policies made me support local businesses. And having ranted all this here does feel healthy too. So there's that.
Oh, cherry on top. I cant check my balance, because I can only verify my login requests to my banking account wiiiiiiith...?2 -
¡rant|rant
Nice to do some refactoring of the whole data access layer of our core logistics software, let me tell an story.
The project is around 80k lines of code, with a lot of integrations with an ERP system and an sql database.
The ERP system is old, shitty api for it also, only static methods through an wrapper to an c++ library
imagine an order table.
To access an order, you would first need to open the database by calling Api.Open(...file paths) (yes, it's an fucking flat file type database)
Now the database is open, now you would open the orders table with method Api.Table(int tableId) and in return you would get an integer value, the pointer.
Now for the actual order. first you need to search for it by setting the search parameter to the column ID of the order number while checking all calls for some BS error code
Api.SetInt(int pointer, int column, int query Value)
Then call the find method.
Api.Find(int pointer)
Then to top this shitcake of an api of: if it doesn't find your shit it will use the "close enough" method of search.
And now to read a singe string 😑
First you will look in the outdated and incorrect documentation given to you from the devil himself and look for the column ID to find the length of the column.
Then you create a string variable with ALL FUCKING SPACES.
Now you call the Api.GetStr(int pointer, int column, ref string emptyString, int length)
Now you have passed your poor string to the api's demon orgy by reference.
Then some more BS error code checking.
Now you have read an string value 😀
Now keep in mind to repeat these steps for all 300+ columns in the order table.
News from the creators: SQL server? yes, sql is good so everything will be better?
Now imagine the poor developers that got tasked to convert this shitcake to use a MS SQL server, that they did.
Now I can honestly say that I found the best SQL server benchmark tool. This sucker creams out just above ~105K sql statements per second on peak and ~15K per second for 1.5 second to read an order. 1.5 second to read less than 4 fucking kilobytes!
Right at that moment I released that our software would grind to an fucking halt before even thinking about starting it. And that me & myself and I would be tasked to fix it.
4 months later and two weeks until functional beta, here I am. We created our own api with the SQL server 😀
And the outcome of all this...
Fixes bugs older than a year, Forces rewriting part of code base. Forces removal of dirty fixes. allows proper unit and integration testing and even database testing with snapshot feature.
The whole ERP system could be replaced with ~10 lines of code (provided same relational structure) on the application while adding it to our own API library.
Best part is probably the performance improvements 😀. Up to 4500 times faster and 60 times less memory usage also with only managed memory.3 -
Wow just realized Simpsons had an episode on crypto... all the way back in February.
If only the the MVC would actually mail me my new drivers license that I renewed almost 6 months ago... I could actually buy some... (exchanges require ID verification, so much for anonymity ¯\_(ツ)_/¯)6 -
Found in kernel/sched.c in Linux 1.2:
The "confuse_gcc" goto is used only to get better assembly code..
Dijkstra probably hates me.
https://git.kernel.org/pub/scm/...3 -
case "addprem" : {
if (isGroup) return reply('This command can only be used in private chat!')
if (args.length < 2) return reply(`Kirim perintah : ${command} number|total`)
if (!q.includes('|')) return reply(`Incorrect usage, use the | . symbol`)
var numb = q.split('|')[0]
var total = q.split('|')[1]
var number = numb.replace(/[+| |(|)|.|-]/gi, "")
if (isNaN(parseInt(number))) return reply('Thats not your number😥')
reply('Success')
let addprems = [];
var object_buy = {
ID: pushname,
number: number,
session: total
}
fs.writeFile(addprems, JSON.stringify(object_buy, null, 3))
break
}5 -
Privacy nightmare!
So i had bought a second hand iPhone and it seemed the phone was reset as it had only the default apps.
But as soon as I downloaded Google Chrome on to it, things started to get weird. When i opened the newly downloaded Google Chrome app, it showed someone else's Google account already logged in Chrome. I went to the Chrome settings and the account section gave me full control over this person's Google account.
Not wanting any trouble, i didn't go further and removed that account from the browser.
I then logged in to Google Chrome via one of my "project specific" google account i had created months ago and it added fine. But guess what I found when checking out safari browser.
Safari has somehow synced bookmarks from my main & personal Google account!!
I'm just stunned. I didn't even provide gmail id of my personal Google account and safari somehow was able to get bookmarks from it.
I'm kind of scared now. 😵3 -
After waiting weeks and weeks for my account to be deleted (they asked for email to support for that, altough egistration takes 5s) I finally asked last time, this time using magical word "GDPR"
Got my account and data deleted under an hour and now their account settings page have delete account button. Even if it's this fake one which only changes email/id to prefixed one, still it was worth it.8 -
We had a issue with a webstore that was only affecting users on Windows: one button didn't do anything.
The colleague that was working on the ticket was running Arch, and for him it was working as expected. He reported that the bug couldn't be replicated on Chromium, Firefox or qutebrowser. But our designer, who was running Windows 10, commented that it wasn't working for her in either Chrome or Firefox.
Some more conflicting reports later a colleague using Windows managed to fix it. It was caused by querying the button elements by id selector instead or a class selector. There was multple buttons, one for each product row.
I guess there just are platform differences that aren't specific to browser but instead the OS, that could have caused it7 -
SAP Ariba.
Imagine you can test newly created catalogs, but on error you only receive an error ID, which you have to send to a support email to get the acual error message, but support only responds after maybe 2 weeks if you're lucky.
How hard can it be to implement a log viewer next to your catalog testing forms. -
That time when I requested someone from a different department to include the ID row in their database excerpt. Me, having the lowest possible status in the company, did not know the who I wrote to was the boss over at the other department. So I ask straight forward: "Could you please include the ID row?"
Then a damn long email comes back stating that there was absolutely no time for stupid shit as mine. There existed no ID row and I would only waste his time. All further requests should be route via my boss.
So, fuck, he's pissed. So what he deserve? A shit load of honey right into his mouth, like he wants to.
That company had a huge ass hierarchy in job positions and I was at the bottom. So I write my oh-im-so-sorry-mail.
~I never knew what position he had and that I would of course fuck off with my stupid request.~
What was his response?
Oh, yeah, thanks. Have a look into the attachment, is that the ID row you requested?
Yeah, as one can guess, it was.
Stupid honeyfucker. Of course an ID row exists, duh. -
What makes free ssl "Unsuitable for e-commerce websites", Please read to end to see my view point.
From Namecheap:
Free Certificates are domain validation only which means they don't certify the identity of the website owner, they simply ensure a secure connection. Customers can't be sure of the integrity and trustworthiness of the website owner. If you need to secure credit card and personal information on e-commerce websites, free certificates aren't the answer. It's important your customers trust your business is safe enough to hand over these details. To gain this trust, you need a certification of your authenticity, which you can only get with a (paid) Business Validation or Extended Validation SSL Certificates.
https://namecheap.com/security/...
* "To gain this trust, you need a certification of your authenticity"
~ But isn't that just Domain Verification and other Extras, What justifies somebody or business's authenticity? Tax Id, Valid Address, Nobody is going to study the ssl cert to make sure that amazon.com is a valid business and has a tax Id.
* "domain validation only which means they don't certify the identity of the website owner,"
~ Wouldn't this just be the domain validation test that is required when using services like LetsEncrypt using Certbot etc, or are we referencing back to this idea that they look for a Valid Tax Id sort of thing?
* "If you need to secure credit card and personal information on e-commerce websites, free certificates aren't the answer"
~ Why is the paid version going to do double encryption, is the CA going to run a monitoring tool to scan for intrusions like a IDS or IPS? (disregard the use of DNS Validation being in the picture)
Am I missing something, this just seems like well crafted text to get people to buy a cert, I could understand if the encryption was handled differently, Maybe if they checked the site for HSTS or HTTPs Redirect or even, They blocked wildcard SSL before and now with the paid its included, but overall it doesn't sound like anything special. Now I'm not just picking on namecheap because domain.com does the same.14 -
Having gone to a bank to reset a password again today (Yes, I forgot it for like... 3rd time, don't judge me, its my backup bank account I need to access like... once a year), I was once again made to think - I come in, give them my state ID by which they authorize that I can even make a password reset request.
Then they give me a tablet to... sign a contract addendum?
Its not the contract part that always makes me stop and think though - its the "sign" part.
I'd wager that I am not the only one who only ever uses a computer to write text these days. So... My handwriting got a lot jerkier, less dependable. Soooo... My signature can be wildly different each time.......
And if my signature varies a lot... then... what is the point of having it on a piece of paper?
I know its just a legal measure of some sort... And that, if it came down to someone impersonating me and I'd go to court with the bank, there would be specialists who can tell if a signature was forged or not... But...
Come on, the computer world has so much more reliable, uncrackable, unforgable solutions already... Why... Don't all folks of the modern world already have some sort of... state-assigned private/public keypairs that could be used to sign official documents instead?
It costs money, takes time to develop etc... But... Then, there would not only be no need to sign papers anymore... And it would be incredibly hard to forge.
The key could even be encrypted, so the person wishing to sign something would have to know a PIN code or a password or something...
tl;dr: I hate physical signatures as a method of authentication / authorization. I wish the modern world would use PKI cryptography instead...11 -
How much zucchini is too much zucchini?
I know I have WAY too much...
I knew at least when 1st considering D20 zucchini breads.
then when i began to wonder if the remaining batter would work with my death star waffle iron...ill know tomorrow!
....ran out of typical pans, incl foil ones(normal and mini for easy gifting)
- gave 1 away (similar sized as in pic)
- approx. 2 lg zucchini bread loaves in fridge (gave away 2, ate a ½)
- cut up\froze enough onions\peppers\pak choi to a min. acceptable zucchini : everything else stir fry ratio... x20 servings
- similarly, green onions, pak choi, marinated sesame fried tofu bits, zucchini and miso (quick miso soup) x16
- thinly sliced enough to layer it into ~20 lg servings of lasagna.
... zucchini in pic is slightly larger than the one that made the many aforementioned and pictured loaves of zucchini bread
apparently, in a week tops, I'm gonna have at least another 3 more THAT size needing to be picked
anyone in the continental US want some zucchini bread? or, if in michigan, zucchinis?
i didnt even plant much... actually only about ½ of other years.
i am also having some serious overflows coming of (at least) grapes and watermelons.
grapes...
when i bought this place, this odd, square, surrounded by cement walkways, area, with an increasingly problematic tree (risking cable\electric lines, foundation, etc) and so dense with weeds that I learned, dandelions have a giant, bush-like form, with heights beyond 8ft tall.
i grew up hanging out in the nearby woods, noticing that weeds lost the fight vs raspberry\blackberry plants. being handicapped\lazy\experimental, w\ev, i figured id just kill it all then fill it with random berries... knew nothing about grapes so just got 4+ random types... apparently they are all fancy\expensive grapes... and reeeeeaally produce. i already had to pick ~10lbs.
watermelons-
idr if i planted normal ones and little ones or just little ones... idk how to tell without cutting them open or maybe just watching a long time to see if they stopped growing?
anyone with advice (or seeking watermelons) is welcome.
assuming (hoping) they are mini ones there's at least 2dz that are at least ping pong ball size.... and around 100 little yellow flowers still.
i totally get that my frustrating problem with produce here would be beyond welcomed by most people... but seriously... wtf do i do with a few dozen to over a hundred (hopefully mini) watermelons, so many zucchini that, despite personal daily consumption and at least a half dozen friends that love zucchini bread and\or my secretly healthy lasagna(my friends tend to be guys), but have their limits capping out, plus mine, at less than ½ whats rapidly being produced and, apparently, thousands of dollars worth of hundreds of pounds of fancy grapes???
there's an interesting old lady across the street who'll take at least what her and husband can possibly consume,.. even makes grape jam, but thats still only a few dz lbs tops.
it seems wrong to kill the plants (or even to remove a large amount of blossoms and feed them all to JSON (lil tortoise)... pretty sure he's already getting tired of them just from the few that fell off in the wind or something.
i wish i knew some farmers that do farmers market things... but that kinda seems super suspicious... 'hey mr farmer... want a large supply of expensive grapes, watermelon and zucchini, for free? you can sell them to random people, or just give them away. i dont want money or anything...' idk... seems like the beginning of one of those movies that either has evil alien plants assimilating all land mammals, or where there's some crazed medical researcher convinced that there's a massive, underrated threat without enough attention for vaccination production funds-- so they are gonna release some deadly virus supposedly to save the world.
ive been cooking too long.
ideas pl0x?86 -
Just found the most embarrassing security hole. Basically a skelleton key to millions of user data. Names, email addresses, zip codes, orders. If the email indicates a birthdate, even more shit if you chain another vector. Basically an order id / hash pair that should allow users to enter data AND SHOULD ONLY AUTHORIZE THEM TO THE SITE FOR ENTRING DATA. Well, what happend was that a non mathing hash/id pair will not provide an aith token bit it will create a session linked to that order.
Long story short, call url 1 enter the foreign ID, get an error, access order overview site, profit. Obviously a big fucking problem and I still had to run directly to our CEO to get it prioritized because product management thought a style update would be more important.
Oh, and of course the IDs are counted upwards. Making them random would be too unfair towards the poor black hats out there.1 -
Final step in application process!! 😆😆
Got a video call with manager and 2 others from department on Friday.
Also hilarious finding yesterday
I got an email from my cousin who's getting married, with the address and all that. Which I immediately looked up and weirdly recognized the area.
Turns out her wedding is a 23 minute walk from the building id be working at if I get this job.
Hilarious coincidence since the wedding has be 'in planning' or whatever it reffered to as for months
And I've been trying to get this position for like only 2 weeks3 -
So this is my first experience of shitty code written by colleague
God, for REST API she used ?id=<int>
Not only that,
if the route was /cms
she used GET method for /cms/get/?id= to get single record and
/cms/getAll again in GET method to get all records
Damn15 -
I'm such a fucking idiot
I'm setting up an api and to prevent unwanted fields or circular dependencies from showing up I define what fields should appear in a few serialization yaml files.
These files define what fields should appear in a given context. The default context for every field is to always show the id, and only a call to /posts will give you all the fields of the posts for example. This means that if you retrieve a comment with a linked post, the post will only show up as an id, but the comment will have all its fields.
I've been struggling with a stupid problem for 2 hours, I could verify that the yaml files were loaded in, all entities had such a file and the configuration was exactly according to the docs.
Guess why my api calls still caused circular errors?
Because I forgot to do the $view->setContext$this->defaultContext); call that determines what context should be used for the response.
FUCK ME WHY DID IT TAKE SO FUCKING LONG TO FIGURE THAT OUT OMG
Google you say? Ofcourse I hunted google results! But I was unknowingly part of an XY problem and was looking for what the problem wasn't >:(
At least it works now, ugh1 -
So when we started this project like 4 years ago... new to the framework, kickstarting lot's of forms with file uploads. Everything seemed to work fine, uploads and downloads worked..
First version of the project got deployed to prod and for weeks or so users have been registering and submitting stuff...
Only problem was: most files were overridden by consecutive uploads as our central upload lib stored files with the same name on disk (normally the ID of the db row was injected but most files were saved before the db row was - resulting in 0 IDs...)
Yeah so... that hurt :(1 -
Fk you Google!
My Samsung note 10 screen went dead near a week ago... it's a secondary line so waiting for parts wasn't the end of the world.
Ofc the screen (curved and incl a fingerprint reader thatd be a major pain to not replace) was integrated to the whole front half... back panel glued, battery, glued immensely and with all other parts out, about 6mm space only at the bottom to get a tool in to pry it out.
New screen (off brand) ~200... all genuine parts amazon refurb ~230... figured id have some extra hardware for idk what... i like hardware and can write drivers so why not.
Figured id save a bit of time and avoid other potentially damaged (water) components to just swap out the mobo unit that had my storage.
Put it back together, first checked that my sim was recognised since this carrier required extraneous info when registering the dev... worked fine... fingerprint worked fine, brave browser too...
Then i open chrome. It tells me im offline... weird cuz i was literally in a discord call. My wifi says connected to the internet (not that i wouldn't have known the second there was a network issue... i have all our servers here and a /28 block... ofc i have everything scripted and connected to alert any dev i have, anywhere i am, the moment something strange happens).
Apparently google doesnt like the new daughter board(i dislike the naming scheme... its weird to me)... so anything that is controlled by google aside from the google account that is linked to non-google reliant apps like this... just hangs as if loading and/or says im offline.
I know... itll only take me about the 5-10m it took to type this rant but ffs google... why dont you even have an error message as to what your issue is... or the simple ability to let me log in and be like 'yup it's me, here's your dumb 2fa and a 3rd via text cuz you're extra paranoid yet dont actually lock the account or dev in any way!'
I think it's a toss up if google actually knows that it's doing this or they just have some giant glitch that showed up a couple times in testing and was resolved via the methods of my great grama- "just smack it or kick it a few times while swearing at it in polish. Like reaaaally yelling. Always worked for me! If not, find a fall guy."7 -
Me: You decided some records in system A should be obsolete, but the records are tied to active user accounts on the website. Now, I have users emailing and asking why their profile’s last name field says “shell record - do not use.”
Stakeholder: Oh…can’t you stop those profiles from loading? Or redirect the users to the right record in system A? In system A, we set up a relationship between the shell record and the active one.
Me: 😵 Um, no and no. If I stop a user’s profile from on the website, that’s just going to cause more confusion. And the only way to identify those shell record is to look at the last name field, a text field, for that shell record wording. Also, the website uses an API to query data from system A by user id. Whatever record relationship you established isn’t reflected in the vendor’s API. The website can’t get the right record from system A if it doesn’t have the right user id.7 -
So working for a company and the dev team I’m apart of works on a legacy rails app. Technical debt is high, no automated tests, no proper routing and also running unsupported versions of the language.
I joined seven months ago and got the current team doing automated testing so that’s a plus, they bought this app four years ago and there’s been no language updates, testing, cleanup, security updates, nothing, just adding to bad code.
Now we’re looking to actually upgrade language versions, the language and the framework now this will cause a lot of stuff to break naturally due to how outdated it is.
So I started putting proper routes into place how things should of been when things were being built as we have some spare time I decided to go out of my way to clear up some of the technical debt to get ahead of the curb. Re-done an entire section of the app, massive speed improvements, better views, controller, model, comment clean up and everything exactly how it should be.
I push the PR,
*other dev* - “why are we doing all of these other changes”
*me* - “well to implement routes properly, we have to use the new routes I just did some extra cleanup along the way”
*today, me* - “can you lend me a hand with one of the routes the ID isn’t getting passed”
*today, other dev* - “this wouldn’t of happened if you didn’t redo all these files, let’s just scrap the changes”
…
Sooo, I’ve spend three weeks improving one section in the app, because I’m having issues with one route according to this dev I should scrap it? Wait come again, am I the only one in this team who cares about making this app better all round?
Frustrating…4 -
Let's pick a datepicker for the project. Me: jquery-ui ? Supervisor: No something better.
Jquery-ui: any css selector, standard date format masks (dd/mm/yyyy or mm-dd-yyyy....), Opens if the field is access using Tab key
Something better: only Id selector, custom date format mask ( %d/%m/%Y ...), Tab does not work -
#justAthought
I was reading about public and private keys yesterday, and i had a thought: don't you think the concept of "username" is being so badly misused?
It can act as a great firewall, but we are just misusing it as an alternative to "login via email", because we are now so dumb to remember our email.
You might think of my rant as being going back in time, but think about this: my profile shows the name titanlannister. if someone got access to my password, he/she can immediately take over my complete identity because devrant allows us to login via username/password combo.
Now think of this: my username shows titanlannister. Anyone of you can write a post and mention me via @titanlannister, and this system will notify me. However even if you get my password, you are unable to hack into my profile, because my profile is only accessible via my email id/password combo, which you still don't know.
This, I would call as Platform Public Key which adds a kind of semi firewall over default public/private key combination .
What do you think?5 -
So a while back I had found a hole in a website's security, one that I has used pretty frequently. I was able to change my cookies and become any user I wanted. The only caveat was that I had to log in as a user in order to get things started. But once I was in I could basically be anyone I wanted to be just by changing a few numbers in the user ID of the cookie. They also did all of their user processing on the client side. Even password checks.
A couple weeks back I decided to go back in to see if anything had changed since then. It did! But not in the way I had thought.
So these guys decided that instead of fixing their security hole, they would have users just contact their people directly in order to get a new account.
Wow that's so much fucking overhead for basically being a lazy shit and not fixing the security holes. I mean how bad is your architecture if you can't go in and fix this?
Not only that I found that they actually stripped all of the users of their original subscriptions. So now if you want to get back on your subscription you'll have to fork over another $399. So that means going to their shitty form filling out your name, your number, email, and just hope that someone contacts you via phone call.
I'm glad I dropped this service. They clearly can't get their shit together.rant hackerman what the fuck are you doing bold and brash it's all shit more like belongs in the trash front end is shit back end is shit -
Don't people learn the basics of how things work anymore ?!
I am cleaning this project, where some juniors have implemente a lot of the code.
Apparently, the way of deleting an entity from the database is:
1) SELECT the entire row and cast it to a model class
2) CONVERT that model class to a DTO class
3) READ the Id property from the DTO class
4) SELECT the entire row, again, and this time cast it to a DTO class
5) CONVERT that DTO class to a model class
6) Use you pancy-pants ORM delete method using the entire model class as input argument..
FUCK YOU !
inb4 what about reference checks ?
- Nope. That is done separately using only the Id
inb4 what about checking if someone else has altered it before deleting
- Nope, the entire entity is not used for that either.3 -
What does my current job hate descriptive names? Like to the point of active antagonism? We're a subscription based service. Why is SubscriptionExpiration the date you log in? Why does SubscriptionStatus only contain the name and id of product you're subscribed to and nothing to do with an actual status? All I need is the date a user subscribed. Why is this so hard!?!?7
-
So the De-Cix Frankfurt operater sued the german secret service (BND) for taping into the traffic.
They are apparently trying to exclude Traffic from german citizens by filtering for .de domains... Because id never browse any fucking other websites! And not every german website uses .de domains.
The Government justifies this by saying ""If the calculated reference value (Amount of data collected) is increased only strongly enough, the BND (...) can monitor 100 percent of the traffic it really wants (" full take ")."
("Wenn die rechnerische Bezugsgröße nur stark genug erhöht wird, kann der BND (...) den von ihm wirklich gewünschten Verkehr zu 100 Prozent überwachen ("Full Take").")
When will they fucking learn, that mass surveillance is a fucking bad idea?
Article (German): http://sueddeutsche.de/digital/...2 -
So we develop several apps for Android.
And since the whole company is full of .Net developers we´re using Xamarin.
That piece of software alone is worth more than one rant.
But today someone called and said he updated to the latest version he got from our server.
But now one of the menu points in the settings menu is opening the wrong mask.
I´m like ... what? Who fucked that one up now. Ok...
I look at the code and, I didn´t expect it to be honest, but it looks alright.
The menu point has the correct id. The function "OnOptionsItemSelected" looks for the correct id and opens the correct activity.
Just to be sure I also check the activity.
Everything good.
So I start up an emulator. Deploy the app in debug. Works correctly.
Create a self signed apk and install it on the emulator. Works.
Repeat the same with a tablet and my personal phone. It works.
Then I install the apk from the server and would you look at that.
It opens the wrong mask.
So it seems only if the app is compiled on the release server it shows that strange behaviour.
And for the love of my 1080ti I can´t figure out what causes it...
Thank you Xamarin! -
So after waiting 3 days for an ID to get into a computer, I'm now told it's going to take 12-14 hours before I can do online security training just so I can actually start working. I'm only at this job for a month and I'm not going to even touch any real work at this rate...
Oh well, at least I'm paid by the hour, not by the amount of work -
German public service digitization. Websites celebrating the new "digital functionality" of the federal ID card, but if you need to prolong the actual card, you have to visit a public administration center in person, no way to prove your existing valid ID in a zoom meeting although that's de-facto standard accepted even when opening a bank account, plus they have all of my data so they should know I have a valid ID and they could just send the new one to my postal address.
So I have to appear in person at their offices, so I need an appointment, but in times of covid pandemic, appointments are rare and only offered on a day-to-day basis in my hometown, that's why I have to visit their online appointment web app at 7 a.m. in the morning to grab one of the few appointments when they are released.
Don't tempt me to write a script that squats all the other appointment slots to resell at the highest prices...
Situation reminds of the times when it was even harder to get a vaccination against covid, and the media kept reporting about the minority that refused to get vaxxed, so they didn't have to admit there wasn't enough vaccine anyway.
This rant is not about politics, it's about the failure of bureaucracy, but if it was about politics, I would just quote Rezo that it shows who had governed this state for sixteen years.
When I rant about German internet connectivity, people usually reply that the web is much better in Taipeh, Bangalore or Guadalajara, so I can still have some hope that it's not all of the world that's totally lost.
So give me some hope, folks.6 -
This, thankfully, I didn't create myself. A shop I recently ordered something from had the worst username / password default combo.
After registration they gave you a default Password, your zip code. And your unchangeable username is your customer id, a five digit number which just increments for each new user. And because it is a shop which is only used by people of the same region there are maybe 10 different zip codes. -
i never knew id reach that point when i need to take a break from programming and everything that has been causing me so much stress for the past few days. and to be honest, it actually feels great to be focused on only one thing instead of stressing out on different projects and debugging them all at once.
in a few days, ill prolly go back to programming some side projects. its not like i can keep myself away from them...
programming is like a magnet for. that magnetic force is growing stronger day by day and im being pulled closer to it. im happy about it except for some occasions when i get too stressed.4 -
When everyone on YouTube has interfaces that definitely do NOT appear to you :/
I was supposed to create my pixel, give it a cute lil name and then test events ( Facebook ).
But NOOO ofc I would get a ton of issues in the process, everyone is able to connect their pixels safely but it took Facebook more than what, 4 days now ? To kindly inform me that:
Server external ID not matching to pixel external ID
You're sending the external_ID parameter for your PageView event from your server, but you're not sending the external_ID parameter for this event from your pixel. If you send external_ID for an event from your server, you must send it from your pixel as well in order for that event to be valid.
How am I even supposed to know how to fix that ! I just started learning programming, the only thing I know how to do is use Linux and write a ciao mundo C program. Now my store was supposed to be launched a week ago and I am still looking for solutions to this. Ugh.7 -
!rant
Hey guys i relased a new app called: SaleMonkey. Im currently working on the next update an would like to get some serious feedback from people who look at the app with a developer mindset to spot some Problems.
I hope its not Bad if i poste a linkt to my app. You can get it here:
https://play.google.com/store/apps/...
Currently only on Android. Ios Version is planed for next year.
Thanks20 -
Ok... so I have a unique question/opportunity. I can't give all the details but here's the jist:
3yrs ago I was hired to consult a now prominent(still decently well known then) web-based company with many thousands of users, dealing with a lot of money and leveraging a social environment. They had several issues but initially they really needed me to find/train chat mods.
I did not take the offer for monetary reasons, like all consulting I've done, I had additional reason and/or fondness to fix the issues. In this case it was an interesting challenge and I knew several customers and some support staff so it'd be worthwhile.
They (without request) reduced their typical 2mo probationary period to 2wk for me. With less than a day left of that period, I was 'hacked' via a pushed telegram update, on the account they made me create for work purposes (they had control of the phone number not me).
During this 'hack' one of the 2, currently active, culprits sent a message to his tg account from the 'hacked' one and quickly deleted the entire convo. The other pretended (poorly) to be me in the chat with the mods in training (at least a few directly witnessed this and provided commentary).
Suddenly, I was fired without any rationale or even a direct, non-culprit, saying anything to me.
The 'hack' also included some very legit, and very ignorantly used, Ukrainian malware.
This 'hack' was only to a 2nd gen lenovo yoga I got due to being a certified refurbisher... just used for small bs like this chat mod/etc job. I even opened up my network, made honey pots, etc., waiting for something more interesting... nope not even an attempt at the static ip.
I started a screen recording program shortly after this crap started (unfortunately after the message sent be 'me' to the dude who actually sent it happened... so i still dont know the contents).
I figured I'd wait it out until i was bored enough or the lead culprit was at a pinnacle to fall from...
The evidence is overwhelming. This moron had no clue what he was doing (rich af by birth type)... as this malware literally created an unhidden log file, including his info down to the MAC id of his MacBook... on my desktop in real time (no, not joking... that stupid)
Here's my quandary... Due to the somewhat adjacent nature of part of our soon to be public start-up... as i dont want it to turn into some coat tail for our tech to ride on for popularity... it's now or never.
Currently im thinking, aside from any revenge-esq scheme, it'd be somewhat socially irresponsible to not out him to his fellow investors and/or the organisation that is growing with him as one of few at the forefront... ironically all about trust/safety/verification of admins in the industry.
I tried to reach out to him and request a call... he's still just as immature. Spent hours essentially spamming me while claiming it wasnt him but hed help me find whoever it was... and several other failed attempts to know what i had. When i confirmed he wasnt going to attempt a call, i informed him id likey mute him because i don't have time for back and forth bs. True to form he deleted the chat (i recorded it but its of no value).
So... any thoughts?7 -
Allright, so now I have to extend a brand new application, released to LIVE just weeks ago by devs at out client's company. This application is advertised as very well structured, easy to work on, µservices-based masterpiece.
Well either I lack a loooot of xp to understand the "µservices", "easy to work on" and "well structured" parts in this app or I'm really underpaid to deal with all of this...
- part of business logic is implemented in controllers. Good luck reusing it w/o bringing up all the mappings...
- magic numbers every-fucking-where... I tried adding some constants to make it at least a tiny bit more configurable... I was yelled at by the lead dev of the app for this later.
- crud-only subservices (wrapped by facade-like services, but still.. CRUD (sub)services? Then what's a repository for...?). As a result devs didn't have a place where they could write business logic. So business logic is now in: controllers (also responsible for mapping), helpers (also application layer; used by controllers; using services).
- no transactions wrapping several actions, like removing item from CURRENT table first and then recreating it in HISTORY table. No rollback/recovery mechanism in service layers if things go South.
- no clean-code. One can easily find lines (streams) 400+ cols long.
- no encapsulation. Object fields are accessed directly
- Controllers, once get result from Services (i.e. Facade), must have a tree of: if (result instanceof SomeService.SomeSubservice1.Item1) {...} else if (result instanceof SomeService.SomeSubservice2.Item4) {...} etc. to build a proper DTO. IMO this is not a way to make abstraction - application should NOT know services' internals.
- µservices use different tables (hats off for this one!) but their records must have the same IDs. E.g. if I order a burger and coke - there are 2 order items in my order #442. When I make a payment I create an invoice which must have an id #442. And I'm talking about data layer, not service or application (dto)! Shouldn't µservices be loosely coupled and be able to serve independently...? What happens if I reuse InvoiceµService in some other app?
What are your thoughts?1 -
I just want things to do on my phone that are intellectually going to be stimulating
and not brainwashing
is that so hard to ask for
I can't keep playing sudokus all the time. the other day I wanted to go read a coding answer I asked an AI in my browser on my laptop but I was in bed on a voice chat with a sleeping person and didn't wanna get up out of bed to go fetch the laptop. my browser lets me see tabs I have open on other machines and this AI website makes a url with a unique id so you can browse to the chat you had, but it seems to not always work
earlier in the day I had asked the AI a theoretical coding question and it answered, but I got distracted and needed to go do something before I finished reading it (it was long). but when I was in bed on my phone playing sudokus for intellectual stimulation, annoyed and bored it was the only thing I could do, I had the bright idea of opening the tab on my laptop through my phone. Vivaldi is great and this always works. unfortunately the AI website's unique id thing doesn't. it loaded the website by URL correctly but the AI website just took me to the home page and I had no chat history to read =[
phones are literally computers but you can't do anything on them. can't watch videos without ads or bugs, if you load a lot of websites the tab management system sucks and performance is shit, controls for games suck even if you could find something not ad infested
hell you can't even do a pedometer that's not trying to get you to "log in". bruh
you can't even browse GitHub code! at least last I checked. it's just awkward, their app
I feel like I'm in a straitjacket in terms of technology and I wanna scream. I don't even know how to adequately describe my frustration or what I keep wishing for. it's been prominent in my head a couple years now. it's like we're regressing in terms of compatibility. went from card games provided by Microsoft like solitaire and spider, paint... to Jesus fuck you can't even get paint in a browser now without someone trying to fleece you
remember when things were inventive, nice, and not shit?
I don't even like playing mindustry on a phone to be fair. fighting the controls is most of the experience. so maybe phones are only good for reading things
I just noticed my brain over time doing sudokus learns so I wanted to practice engaging in something and learning as exercise, cuz I think it would be good for the brain damage. bah4 -
holy shit I swear taxes are like the government trying to tell you you're a peasant to them
my medicare card is about to expire and FOR SOME REASON now the process to renew is a fucking interrogation about various documentation the government has given you. before it was just your damned name, date of birth, and a new photo for the card.
evidently they were supposed to send you snail mail 3 months before expiration. evidently also the only way to renew is get this said snail mail.
and evidently I have to go through this "catchall" change your address with everything in the government process
which is a little ironic
because
to use this service you need to give them something called a notice of assessment, which is when the government accepts your taxes they send you back one of those
well I haven't had access to my tax portal for years. I keep filing them and getting excess money back but I can't actually see any of my returns.
so I tried this time
12 pages of verification and more verification... you do one step, it says wrong info because if you have to write in 2,474 well turns out the , fucks it up and your info doesn't match what's on file and if you fail more than 3 times you'll be locked out. repeat. page after page. how many fucking pages are there? what format are they expecting? nobody fucking knows. you'll get to find out if you pass just this one more!
after about 4 hours of this shit
and they have 2 factor authorization now?! wtf.
then this next step is id verification or we snail mail you a code (WHICH AGAIN IS IRONIC)
I chose id. health card doesn't count, it notifies me later. thankfully I have a passport. bad news, passport expires this September so guess who is gonna be having more fun later
the app of course can't use my camera in the browser I have, so I start downloading fucking other browsers and finally hit one that works
also they lied. they also want a selfie. then it tells me I failed to look like myself. if you fail to look like yourself 3 times you are denied.
ok. so I try snail mail. the page says if I revoke consent to id I can go do the snail mailed code. they lied. if you revoke consent it exits the whole wizard. you enter all the verification steps again.
I try to get them to snail mail me the code. they want some basic info they asked me like 16 times now, and a postal code. ironic. well this is the tax people, so by this point I found all my previous sent in tax returns (though I can't access the government's replies). checked. yep. address all the same. put in the postal code. nope. somehow it's wrong. 3 times I put all this random info in in different ways. 5 times and I'm locked out.
now fucking what.
THE FUCKING IRONY OF
I NEED TO CHANGE WHERE I LIVE SO YOU CAN SNAIL MAIL ME SOMETHING
AND TO CHANGE WHERE I LIVE I HAVE TO CONFIRM WHERE I LIVE SO YOU CAN SNAIL MAIL ME SOMETHING FUCKING ELSE
the government just fucking dunks on you
guess we're all not having fucking medical cards anymore. all we do is pay taxes, and can't even see the paperwork to those taxes we pay.16 -
Still remember the first time I started writing style sheets, the biggest confusion was why do they use an id where we can always use a class.
Now I know why. Only you are your identity, but there may be many people of the same class. :)2 -
Sometimes in our personal projects we write crazy commit messages. I'll post mine because its a weekend and I hope someone has a well deserved start. Feel free to post yours, regex out your username, time and hash and paste chronologically. ISSA THREAD MY DUDES AND DUDETTES
--
Initialization of NDM in Kotlin
Small changes, wiping drive
Small changes, wiping drive
Lottie, Backdrop contrast and logging in implementation
Added Lotties, added Link variable to Database Manifest
Fixed menu engine, added Smart adapter, indexing, Extra menus on home and Calendar
b4 work
Added branch and few changes
really before work
Merge remote-tracking branch 'origin/master'
really before work 4 sho
Refined Search response
Added Swipe to menus and nested tabs
Added custom tab library
tabs and shh
MORE TIME WASTED ON just 3 files
api and rx
New models new handlers, new static leaky objects xd, a few icons
minor changes
minor changesqwqaweqweweqwe
db db dbbb
Added Reading display and delete function
tryin to add web socket...fail
tryin to add web socket...success
New robust content handler, linked to a web socket. :) happy data-ring lol
A lot of changes, no time to explain
minor fixes ehehhe
Added args and content builder to content id
Converted some fragments into NDMListFragments
dsa
MAjor BiG ChANgEs added Listable interface added refresh and online cache added many stuff
MAjor mAjOr BiG ChANgEs added multiClick block added in-fragment Menu (and handling) added in-fragment list irem click handling
Unformatted some code, added midi handler, new menus, added manifest
Update and Insert (upsert) extension to Listable ArrayList
Test for hymnbook offline changing
Changed menuId from int to key string :) added refresh ...global... :(
Added Scale Gesture Listener
Changed Font and size of titlebar, text selection arg. NEW NEW Readings layout.
minor fix on duplicate readings
added isUserDatabase attribute to hymn database file added markwon to stanza views
Home changes :)
Modular hymn Editing
Home changes :) part 2
Home changes :) part 3
Unified Stanza view
Perfected stanza sharing
Added Summernote!!
minor changes
Another change but from source tree :)))
Added Span Saving
Added Working Quick Access
Added a caption system, well text captions only
Added Stanza view modes...quite stable though
From work changes
JUST a [ush
Touch horizontal needs fix
Return api heruko
Added bible index
Added new settings file
Added settings and new icons
Minor changes to settings
Restored ping
Toggles and Pickers in settings
Added Section Title
Added Publishing Access Panel
Added Some new color changes on restart. When am I going to be tired of adding files :)
Before the confession
Theme Adaptation to views
Before Realm DB
Theme Activity :)
Changes to theme Activity
Changes to theme Activity part 2 mini
Some laptop changes, so you wont know what changed :)
Images...
Rush ourd
Added palette from images
Added lastModified filter
Problem with cache response
works work
Some Improvements, changed calendar recycle view
Tonic Sol-fa Screen Added
Merge Pull
Yes colors
Before leasing out to testers
Working but unformated table
Added Seperators but we have a glithchchchc
Tonic sol-fa nice, dots left, and some extras :)))
Just a nice commit on a good friday.
Just a quickie
I dont know what im committing...3 -
Data wrangling is messy
I'm doing the vegetation maps for the game today, maybe rivers if it all goes smoothly.
I could probably do it by hand, but theres something like 60-70 ecoregions to chart,
each with their own species, both fauna and flora. And each has an elevation range its
found at in real life, so I want to use the heightmap to dictate that. Who has time for that? It's a lot of manual work.
And the night prior I'm thinking "oh this will be easy."
yeah, no.
(Also why does Devrant have to mangle my line breaks? -_-)
Laid out the requirements, how I could go about it, and the more I look the more involved
it gets.
So what I think I'll do is automate it. I already automated some of the map extraction, so
I don't see why I shouldn't just go the distance.
Also it means, later on, when I have access to better, higher resolution geographic data, updating it will be a smoother process. And even though I'm only interested in flora at the moment, theres no reason I can't reuse the same system to extract fauna information.
Of course in-game design there are some things you'll want to fudge. When the players are exploring outside the rockies in a mountainous area, maybe I still want to spawn the occasional mountain lion as a mid-tier enemy, even though our survivor might be outside the cats natural habitat. This could even be the prelude to a task you have to do, go take care of a dangerous
creature outside its normal hunting range. And who knows why it is there? Wild fire? Hunted by something *more* dangerous? Poaching? Maybe a nuke plant exploded and drove all the wildlife from an adjoining region?
who knows.
Having the extraction mostly automated goes a long way to updating those lists down the road.
But for now, flora.
For deciding plants and other features of the terrain what I can do is:
* rewrite pixeltile to take file names as input,
* along with a series of colors as a key (which are put into a SET to check each pixel against)
* input each region, one at a time, as the key, and the heightmap as the source image
* output only the region in the heightmap that corresponds to the ecoregion in the key.
* write a function to extract the palette from the outputted heightmap. (is this really needed?)
* arrange colors on the bottom or side of the image by hand, along with (in text) the elevation in feet for reference.
For automating this entire process I can go one step further:
* Do this entire process with the key colors I already snagged by hand, outputting region IDs as the file names.
* setup selenium
* selenium opens a link related to each elevation-map of a specific biome, and saves the text links
(so I dont have to hand-open them)
* I'll save the species and text by hand (assuming elevation data isn't listed)
* once I have a list of species and other details, to save them to csv, or json, or another format
* I save the list of species as csv or json or another format.
* then selenium opens this list, opens wikipedia for each, one at a time, and searches the text for elevation
* selenium saves out the species name (or an "unknown") for the species, and elevation, to a text file, along with the biome ID, and maybe the elevation code (from the heightmap) as a number or a color (probably a number, simplifies changing the heightmap later on)
Having done all this, I can start to assign species types, specific world tiles. The outputs for each region act as reference.
The only problem with the existing biome map (you can see it below, its ugly) is that it has a lot of "inbetween" colors. Theres a few things I can do here. I can treat those as a "mixing" between regions, dictating the chance of one biome's plants or the other's spawning. This seems a little complicated and dependent on a scraped together standard rather than actual data. So I'm thinking instead what I'll do is I'll implement biome transitions in code, which makes more sense, and decouples it from relying on the underlaying data. also prevents species and terrain from generating in say, towns on the borders of region, where certain plants or terrain features would be unnatural. Part of what makes an ecoregion unique is that geography has lead to relative isolation and evolutionary development of each region (usually thanks to mountains, rivers, and large impassible expanses like deserts).
Maybe I'll stuff it all into a giant bson file or maybe sqlite. Don't know yet.
As an entry level programmer I may not know what I'm doing, and I may be supposed to be looking for a job, but that won't stop me from procrastinating.
Data wrangling is fun.1 -
So first rant, here goes weirdness, and also lengthy rant
So in my company we have the hr and accounting managed by the same person which also deals with all things employee related and she had a need for a way to extract a birthday from, what is in our country the personal identification number, things go great i get a formula that performs parts of the magic up to the point where the first digit of the number dictates the gender and century to be used when forming the full year, mind you only the last two digits of the year are in plain within the id number so i thy a number of ideas. After bashing around google sheets for a while ( i've got open office installed and formulas don't export well to the excel that person uses but google sheets does so i built it there).
First idea : make a few conditionals to check for the value so we have 1 and 2 for 19th century, 3 and 4 for 18th century , 5 and 6 for 20th so i go ahead and write my conditions and they fail, all evaluates to false, it cascades through the else variants up to the last one so i'm wondering if the "if" itself doesn't support the or operator, seems it does, next i think it's the bloody condition written wrong so i reevaluate my logic in php in a test script, it works as intended, then i think ok not the right function called, let's see the docs, docs confirm i'm doing it right but what was wrong was the way i was getting that first number, using left seems to produce a string although the base thing is a number, now i start searching how i can cast it, like you would normaly do when the data type is fried, value function appears to be the solution but it isn't working....now i'm thinking "ok so i have a value and different things to print out so let's look for a switch, maybe it can understand that" switch function found under the form of choice, i get it sorted but am stuck wondering why the heck was the if and value combination not working.
Simple answer to that : value doesn't work well with function results, a known bug listed by someone in a comment, a comment i have failed to read for about 45 minutes of trying to understand.
All in all it worked well for the person asking for it so it's nice. -
1/2 dev and a fair warning: do not go into the comments.
You're going anyway? Good.
I began trying to figure out how to use stable diffusion out of boredom. Couldn't do shit at first, but after messing around for a few days I'm starting to get the hang of it.
Writing long prompts gets tiresome, though. Think I can build myself a tool to help with this. Nothing fancy. A local database to hold trees of tokens, associate each tree to an ID, like say <class 'path'> or some such. Essentially, you use this to save a description of any size.
The rest is textual substitution, which is trivial in devil-speak. Off the top of my head:
my $RE=qr{\< (?<class> [^\s]+) \s+ ' (?<path>) [^'] '\>}x;
And then? match |> fetch(validate) |> replace, recurse. Say:
while ($in =~ $RE) {
my $tree=db->fetch $+{class},$+{path};
$in=~ s[$RE][$tree];
};
Is that it? As far the substitution goes, then yeah, more or less. We have to check that a tree's definition does not recurse for this to work though, but I would do that __before__ dumping the tree to disk, not after.
There is most likely an upper limit to how much abstraction can be achieved this way, one can only get so specific before the algorithm starts tripping balls I reckon, the point here is just reaching that limit sooner.
So pasting lists of tokens, in a nutshell. Not a novel idea. I'd just be making it easier for myself. I'd rather reference things by name, and I'd rather not define what a name means more than once. So if I've already detailed what a Nazgul is, for instance, then I'd like to reuse it. Copy, paste, good times.
Do promise to slay me in combat should you ever catch me using the term "prompt engineering" unironically, what a stupid fucking joke.
Anyway, the other half, so !dev and I repeat the warning, just out of courtesy. I don't think it needs to be here, as this is all fairly mild imagery, but just in case.
I felt disappointed that a cursed image would scare me when I've seen far worse shit. So I began experimenting, seeing if I could replicate the result. No luck yet, but I think we're getting somewhere.
Our mission is clearly the bronwning of pants, that much is clear. But how do we come to understand fear? I don't know. "Scaring" seems fairly subjective.
But I fear what I know to be real,
And I believe my own two eyes.11 -
Control your searches like an ADULT damn it!!!
So we have records that can have any of a bazillion different reference numbers associated with them. No big deal. Everyone does right?
Our customer's love to run reports and so we have this one option for "just look at a hell of a lot of reference numbers". I call it the 'fuck all' search.
Really it is just there to find something that you don't know where a rando string or number might be in the record and just want to do a "fuck all" search across a number of likely fields to find it... and then presumably you'd be an adult and refine your search from there. LOL yeah right...
Customers get lazy and include that stupid option in their reports and we get a lot of.
Customer: "I always run this report (that includes the fuck all search) and now it isn't working. I want records that have ID 2222."
Me: "Yeah well that was only working because you were rando typing '2222' in like several fields and it would find those .... but now you quit doing that so it won't find them. If you want ID 2222, click the drop down and search by 'ID'. That will find it right away."
Customer: "But I want to just search by 'fuck all search' to find it..."
Me: "But then you get all these other records too right?"
Customer: "Yeah but I just delete them out of the spreadsheet ... "
Me: "Look watch this <screen share> there, look all records with an ID of 2222 and no more extra records you need to delete!!! How great is that?"
Customer: "But why do I have to do it this way now, I want to do it the old way..."
ಠ_ಠ
(granted I could add their ID to the fuck all search but we try to avoid adding too much because it gets out of hand / stops being useful the more fuck all it gets)3 -
We had made an api which had endpoints for each different domain model, so /user, /company, the usual. Beyond being restful they all had basic filtering and pagination.
We also had an endpoint to return an entity from any set based on guid for when you needed to attach the related entity to notifications and logging and such.
We received a bug report on how you couldn't use filtering or pagination on this endpoint, and after weeks of asking what they need it for we just had to implement it.
You can imagine how non-trivial it is to "just" filter across different datasets, but we eventually got it working so now you can get a user via /user/123 or /entity?type=user&id=123. They only use it for one type and id at the time.2 -
My latest "joke-app" has been published yesterday.
I highly doubt that anyone will buy it, but still, I hope someone will!
The whole point, of course, is that you can show off how rich you are by buying this stuff. nothing else.
If anyone is about to tell "rich people will have iPhones" the answer is "the app is only on playstore because I'm not rich at all and don't want to pay Apple, plus if you're really rich, just buy a phone and then buy the app"
https://play.google.com/store/apps/...9 -
Hello, Hi! Friendly neighbourhood noob here!
What’s he stuck on today you ask? React and Firebase!
Did he try? Yes he did! Only a little hitch this time.
Really? Little?
...It’s all relative... like the truth!
Anyway PLEASE someone look at my StackOverflow question!!
https://stackoverflow.com/questions...
Firebase and react are awesome tbh. But I cant figure this out!
Thank you!! -
Fuck MS, why couldn't you update the NuGet API URL when NuGet updated? The warning on nuget.org states,
"This package will only be available to download with SemVer 2.0.0 compatible NuGet clients, such as Visual Studio 2017 (version 15.3) and above or NuGet client 4.3.0 and above"
It says nothing about using the V3 endpoint, so if you''re like me and updated NuGet to 4.5 and still got nothing but
"NU1101: Unable to find package Foo.Bar. No packages exist with this id in source(s): https://www.nuget.org/api/v2/"
...then you'll be very confused until it strikes you that there might be a new API version. Even if MS doesn't want to deprecate the V2 API just yet, it would be awfully nice to just state on the frickin' site that not only do you need NuGet >= 4.3.x, but also the correct feed URL.
$_DEITY knows how many dev-hours have been lost to this shit. -
Fucking hell. So, I had an interview with market research company and in said interview I got told to bring my passport to my first shift training and it was ok if it was 5 years out of date. Additional info, they were supposed to call us on Thursday to book said shift and send us an email with a information pack. They never did.
Ok, day of shift comes along. After I booked it because no one fucking bothered to call any of us. Email never arrived but whatever. I go to the place and bring my 3 years out of date polish passport... Big fucking mistake. They don't seem to like polish passport seeing as how it's only the British ones that get the out of date is okay thing. So I'm sitting there still calm because sure, company policy, they have to do it. The training guy was nice and all, offered to get me to their office to speak to them about it. I accept and off we go.
At the office, I basically get the information that it's only British passports that get it and I basically can't use anything else as proof of ID, which is funny seeing as I have a polish identity card that I can leave and enter the country on within the EU. I suppose I'm going to try looking for a job that doesn't require passports for now and if I find a good one then they can go get fucked by a bull for all I care.
In conclusion, I get to wait till I'm 18 (thankfully only a month) to apply for a new passport in the local polish consulate. Brilliant. All thanks to some cunt that decided they require fucking passports with such beautiful (note the sarcasm) rules. The fucktards.
Hoping the apocalypse comes early for these cocksuckers,
BadFox -
rant
Damn Google, Damn Google Play, Damn Adsense, Damn Admob...
So finaly uploaded my first app to the Playstore. took 5 minutes to make, 25 to ad an Admob module, and a day to get the ad to show...
Now I have to wait 6 hours for my new id (cause I chose the wrong kind of ad) to show and know If it will show on the App...
Luckly The App only has one download so far... mine lol4 -
Been working on trying to get JMdict (relatively comprehensive Japanese dictionary file) into a database so I can do some analysis on the data therein, and it's been a bit of a pain. The KANJIDIC XML file had me thinking it'd be fairly straightforward, but this thing uses just about every trick possible to complicate what one would think would be a straightforward dictionary file:
* Readings and Spellings/Kanji usage are done in a many-to-many manner, with the only thing tying them together being an arbitrary ID. Not everything is related, however, as there can be certain readings that only apply to specific spellings within the group and vice versa. In short, there's no way to really meaningfully establish a headword fora given entry.
* Definitions are buried within broader Sense groups, which clumsily attach metadata and have the same many-to-many (except when not) structure as the readings/spellings.
Suffice to say, this has made coming up with a logical database schema for it a bit more interesting than usual.
It's at least an improvement over the original format, however, which had a couple different ways of setting up the headword section and could splatter tagging information across any part of a given entry. Fine if you're going to grep the flat file, but annoying if you're looking for something more nuanced.
Was looking online last night to see if anyone had a PHP class written to handle entries and didn't turn anything up, but *did* find this amusing exchange from a while back where the creator basically said, "I like my idiosyncratic format and it works for me. Deal with it!": https://sci.lang.japan.narkive.com/...
Grateful to the creator for producing the dictionary I've used most in my studies over the years, but still...3 -
Fuck Kibana and their latest update. Want to change timeframes? 5 fucking clicks to get there. Changed the query and the timerange? 'update' will only have you looking at the new timerange for the old query which is confusing as fuck if you don't realise it. So you need to click 'update' a second time.
So many times i've been staring at the wrong logs after changing correlation ID and time range just pulling out grey hairs trying to understand what the fuck is going on. -
Long standing PhotoShop bug in Wine FIXED! It's stated that it was for CS5, but I've heard one report that it's also fixed a CC version, but not sure if it was the latest CC or not. I don't miss much from Windows, but the Adobe workflow is one thing I do miss. Possibly the ONLY thing I miss at this point. https://bugs.winehq.org/show_bug.cg...
Has anyone got around to trying this yet? Maybe I can test tomorrow and report back!14 -
So i got this service i made for fun and learning. Theres many providers in it for money, not me, only a little (lets not lie to ourselves).
Id just like to have a handful of happy clients to make it pay for itself so i dont lose money.
I have no idea how to advertise or gain clients. Those potential clients i cling with are from US and the server is in EU, and i wont convince anyone to buy something i wouldnt buy myself.
I suck at marketing.2 -
I just completed this heartfelt and sincere little cry for help on another ste but it wasn't verified because I'm not special enough to format it like a PAD, whatever that means. I cannot seem to simply burn music files anymore. I'm using a Samsung laptop Device name DESKTOP-AII2T2S
Processor Intel(R) Core(TM) i7-2675QM CPU @ 2.20GHz 2.20 GHz
Installed RAM 8.00 GB
Device ID D766A89B-5671-4D9F-B6F9-2D884E9EA309
Product ID 00326-10000-00000-AA880
System type 64-bit operating system, x64-based processor
Pen and touch No pen or touch input is available for this display
Edition Windows 10 Home
Version 20H2
Installed on 09/08/2020
OS build 19042.928
Experience Windows Feature Experience Pack 120.2212.551.0
The music is a combination of commercially relased material as well as bootleg recorded material.
I am not looking for a "This is Why We Can No Longer Burn Our Music Files" Intro. All you need to tell me is the corporations that eat the world are protecting their copywrighted music and I must be up earlier and eat bettter breakkie than those individuals. That I can handle. Although I'm not a dev, I'm sure you can understand the feelling after you have worked for hours on attempting something, only to discover your effort has been in vain (much like my former relationships). Again, if you can give me any direction aside from hanging it up and attempting to find happeniness elsewhere, sock it to me. I deserve it. Thanks.
11 years ago when I used a Macbook putting together a playlist, inserting a blank CDR, and burning the file onto the CDR was very easy. I\'m am now faced with hurdles I sometimes scale, only to fall on my face.
I\'m not stupid, or uneducatated about flac, blah blah. I learnt it all myself. I\'m now using a windows operating system. Afew weeks ago I was able to burn what ever I pleased and it was OK.
Then one day, it just wouldn\'t do it. I was following no altered procedures. Since then it\'s been misery. I remember that ocenaudio once burned music files for me.
I don\'t know how to go about retrieving an instruction manual that will take me step by step as to how to do this.
You help would be appreciated.
Cheers,
Jonno
I've been lurking here since 2017 when my Macbook died. I've always enjoy the level of sanity and have attempted to add my jaded, distant and nihilistic spin on a few threads. It won't destroy me if I can't burn files anymore, I'll just go back on heavy tranques and change my name to Ben Zo. Dia Za P.een3 -
Fantasizing about stabbing SharePoint in the throat, I'm being forced to contact Microsoft tech support, so I need to obtain our software assurance account info.
Our company's rep sends me our SA account numbers (assuming that was all I needed) and the link to create an incident.
Step through Microsoft support ticket 'wizard' which ends with requiring a login with a Microsoft account.
Me: "What login account should I be using?"
Rep: "You shouldn't need one. Just use the SA account number and access ID I sent you."
Me: "There is no entry for those values. I step through a support 'wizard' and the final page redirects me to the Microsoft login page."
Rep: "Use your work email address."
Me: "I can, but I shouldn't have to use my personal outlook email address. Can I just send you the issue and you submit the ticket? After the ticket is created, all the correspondence will be through email anyway."
<30 min. later>
Rep: "I just linked your work email address to your company's account. You should be able to login now."
Me: "Same error. I think you're messing with me."
<30 min. later>
Rep: "Select the option to create an account with your own email."
Me: "Now I know you're messing with me. Already tried that and received the error 'You cant sign up here with a work or school email address'."
Rep: "Weird...I guess Microsoft changed their policy."
Me: "So now what?"
<1 hour later>
Rep: "You might have to send me your SharePoint issue and I'll get a ticket created. After the ticket is created, I'll change the contact email address to you."
WHY DIDN'T YOU DO THAT TWO HOURS AGO!
Whew! Thanks devRant...that's better. I put the knife down and now only want to punch SharePoint in the face.3 -
Making a hard switch to ubuntu on my desktop at home. Getting just a teeny tiny, tad, bit: absolutely fucking livid....
Trying to learn ansible, vagrant, and docker more in depth for both work and my personal projects. All that I’ve been doing is just spinning my wheels trying to figure out the stupid fuck-mothering quirks with running this shit on Windows. Yes you absolutely can use all of these tools on a Windows box. There’s plenty of ports, patches, and workarounds. But I have spent all day trying to build a few vagrant boxes and use ansible to set them up. Simple LAMP stack boxes on CentOS7. Nothing major... unfortunately I spent like 90-110 minutes trying to figure out why virtualbox wouldn’t run properly. Dumbass me forgot that I installed Hyper-V ages ago.
O...K.... whelp... hyperv provider it is...
Luckily it only took about 15 minutes to determine that Hyperv’s networking can’t be setup from vagrant because vagrant doesn’t know how to interact with the hyperv - vswitch. So networking config is ignored and all VMs run on default switch (NAT) which is annoying but workable.
Ran into other issues trying to stay SSH’ed into the VM. PowerShell core (6) ssh’es into the box perfectly fine, but every time I opened vi to edit configs my terminal color scheme and fonts got fucked harder than a 2 dollar hooker on nickel night.
I’m a bright-green text on black background kinda guy. However the terminal kept changing to bright-red text on white background! It was like getting skull-fucked by a minotaur.
After a while I said fuck it, let’s try putty. Vagrant was using it’s own ssh keypair for the boxes, at work on my mac. Works like a dream. Putty failed me hard and shit the bed, kept getting all kinds of keypair errors. At this point I was finished spent too long trying to make shit work correctly on this jankbox. With enough time and patience I probably could’ve figured all of these problems out. I’m certain that at least 70% of them were caused by user error. I’m known by many as the walking ID-10t.
But alas, I have no time left in the day to fuck around with shit that doesn’t work immediately for morons like myself. My only hang up for the longest time with a complete switch to Linux was gaming. But with Proton and WINE I’m comfortable with giving it the ol’ college try. (Shhhh, don’t remind me I dropped out of college...
...Thrice.)
The gamble here is that I’ll give more than 2 halves of a fuck about trying to get my games working. A Study environment and materials for certs and general training won’t be getting anywhere near my full attention.
So, at long last, I hope this attempt at a full *nix switch finally sticks!!!
👾2 -
Tonight I learned that none of our automatically installed systemd-based servers had the /etc/machine-id created, and that that file used to be pretty central in the systemd world.
So that was the warning at the beginning of the boot log about a missing /etc/machine-id! Though until today, everything still worked fine. Only today, the machinectl utility was unable to find the local machine with the machine id missing.
Oops? At least I'll have stuff to fix tomorrow lol.6 -
When you are trying to write event handlers in JavaScript and nothing is working so you spend hours and hours trying to figure out what the fuck is wrong with your js code only for it to be a duplicate id. Fuck sake. I really wish JavaScript warned you about duplicate ids, but then again that's what you get for using such a weakly typed language.
-
When asked if i will code for stock options or profit shares, i might remind the prospect that in most countries, i would own the entire codebase if working for no pay. Most work for hire agreements put ownership of the system and code into the paying clients name, as i understand it. so if youre not collecting pay, you would own (possibly the only copy of) the code. If that doesnt scare the client away, maybe i should remind them id be legally allowed to sell the code to their competitors. Then do so if i see a bettrr paying client (i.e. any paying client) If anyone knows if im making legal sense id appreciate it.
-
something id like to yell at my company:
if u only cant afford to take a certain team to team lunches because its getting too big, stop recruiting for fucks sake. it was literally the coolest perk🤷♂️ -
So i'm a laravel dev and i love it. However one thing that only seems to happen late at night is when working with Eloquent i always end up putting () when working with relationships.
Last night i spent about 2 hours messing with
public function members(){
return $this->hasManyThrough(
'App\Member', 'App\ConversationMember',
'conversation_id', 'id', 'id'
);
}
only to find out i was calling it via
$conversation->members() instead of $conversation->members
This morning when i opened up the IDE i immediately figured out what i was doing wrong.... sometimes burning the late night oil is counter productive i guess you could say -
So, I just (few hours ago)made a new variable that's either brilliant or innately flawed... not sure yet. It's an oddly unique var...
__bs__
So far I only made it in python and windows env (i script like the methodology of css).
I bet you're wondering how I've defined __bs__ and the practicality of it.
__bs__ is derived from a calculated level of bullshit that annoys me to tolerate, maintain, etc. as well as things that tend to throw nonsensical errors, py crap like changing my strings to ints at seemingly random times/events/cosmic alignments/etc or other things that have a history of pulling some bs, for known or unknown reasons.
How/why did this come about now?
Well I was updating some symlinks and scripts(ps1 and bat) cuz my hdd is so close to death I'm wondering if hdd ghosts exist as it's somehow still working (even ostream could tell it should be dead, by the sound alone).
A nonsense bug with powershell allowing itself to start/run custom ps1scripts with the originating command coming from a specific batch script, which worked fine before and nothing directly connected to it has changed.
I got annoyed so took an ironic break from it to work on python crap. Python has an innately high level of bs so i did need to add some extra calculations when defining if a py script or function is actually __bs__ or just py.
The current flavour of py bs was the datetime* module... making all of my scripts using datetime have matching import statements to avoid more bs.
I've kept a log of general bs per project/use case. It's more like a warning list... like when ive spent hours debugging something by it's traceback, meticulous... to eventually find out it had absolutely nothing to do with the exception listed. Also logged aliases i created, things that break or go boom if used in certain ways, packages that ive edited, etc.
The issue with my previous logging is that it's a log... id need to read it before doing anything, no matter how quick/simple it should be, or im bound to get annoyed with... bs.
So far i have it set to alert if __bs__ is above a certain int when i open something to edit. I can also check __bs__ fot what's causing the bs. I plan to turn it into a warning and recording system for how much bs i deal with and have historical data of personal performance vs bs tolerance. There's a few other applications i think ill want to use it for, assume it's not bs itself.
*in case you prefer sanity and haven't dealt with py and datetime enough, here's the jist:
If you were to search any major forum like StackOverflow for datetime use in py, youd find things like datetime.datetime.now() and datetime.now() both used, to get the same returned value. You'll also find tons of posts for help and trying to report 'bugs', way more than average. This is because the datetime package has a name conflict... with itself. It may have been a bug several years ago, but it beeb explicitly defined as intentional since.2 -
Ok. I GIVE UP! ...for at least a couple hours...
I'm not a big believer in... well anything suitable to the literal definition of believe. But there's only so much 'wtf? How is this even possible?' and any answer u can come up with is nearly statistically impossible...
I am a neuro-atypical (and just extremely atypical even if i somehkw was neurotypical) being, based on logic, finely calculated statistical probability and the most raw data and as unbiased as realistically possible, algorithms and interpretation (usually recursive pattern recognition with several highly detailed historical sources.
...but at some point statistical improbability and a collation of separate, yet relatively closely occuring events/circumstances makes logic, itself a primary suspect of corruption.
What was the breaking point that caused me to (temporarily) give up and tell logic to f off for a bit cuz maybe the illogical and mythical is the real logic, leaving me in a losing battle with 'the' fates?
Trying to get all my sourcing/purchase orders in/paid for/on the literal boats b4 end of the workday/week in china...
1st, had to drop a supplier cuz they have limited reps. When the one ive had 7+ years left, i got the aloof blonde girl societal trope of a rep... who for the 2nd time (despite the several very blunt complaints above her, incl me) she sent out a promotional update to the entire client list (ie, inherently competitors) as CC not BCC... over 200 business email accounts with tailored info of their sourcing.
2- totally diff company/ industry a former rep i was glad be rid of apparently just sfarted back for "awhile" as i needrf to restock/scale...apparently she forgot everything we discussed at length... lke if you want a chance on my business im not gonna be wasting time looking through your gui "mini store to then inquire about everything individually insead of a simple spreadsheet(which i print and put in a 3-ring binder rotating current catalogues in the same format i require everywhere)
3.dog was an ahole, my packed schedule got delayed and morphed.. a bunch of little bs thatd normally have no extra thought impact, hyperfocused forgetting one of my alarms til i realised my idiopathic fever was back and i didnt take/apply meds (pain/muscle relaxers mainly so despite this odd free time and needing to shower. I gotta sit on my rear, leg elevated/non-productive far 40min b4 i can shower (as functional legs and lack of syncope is almost a req to shower)
4. A new-ish rep of a company/factory i like/respect enough to not mention in relation... he makes invoice 1.. slight error thst was easily resolved...#2 was flawless... he goes to officially generate the contract(alibaba... verrrry simple with lots of extra explanation buttons). Price and all items match, its near workweek end so i was waiting for it so i could quickly pay/have it on the boat b4 it left and few fdav days are behind...
I put in card info, get to the 2 cbeck boxes (imo should be only 1 but whatever) asking if billing address is same ss delivery(its always default yes)... then i see a few lines in chinese (i can read enough for business negotiations... typical words/sentences innately look different than things like individual letters/address and postal indicators.) After a few loops of double checking, mentally trying to dismiss my i Intial judgement cuz it'd be too ridiculous... even resorted to google .... nope... initial wtf was spot on... recipient name/address was indeed the company(multi factory producer)i was purchasing a wholesale, via sea freight, bulk of products from.
Im pretty sure the system would've flagged it as an invalid contract within an hr... but seriously... ive been handling alibaba (and other) international sourcing since before high school(mainly small businesses i made sites/little tools for that found anything with a light up screen intimidating) and a purchase then shipment to the originating company/factory actually entered into a contract(the form is sooo simple)... im faced with ridiculously improbable obstacles actually existing and changing in such nonsensical statistically improbable ways so often that 1. I wouldn't trust a dr (or most humans) that didnt 1st assume i was crazy of some form...unfortunately im not, despite hkw much simpler and probable itd be 2. Id be super suspicious/converned if statistic norms were my norm for over a day.
But seriously wtf???
Someone give me some wisps of a frame of ref here... where's a typical 'fuck this, im out!' Breaking point?1 -
WHAT. THE.
https://youtube.com/watch/...
1. watch video
2. comment your thoughts on it
3. read the following copypaste of my thoughts
4. comment your thoughts on whether I'm stupid or he's stupid
5. thanks
----
I am a programmer and I totally prefer windows.
1. I'm (besides other things) a game programmer, so I use the platform I develop for.
2. Linux is the best OS for developing... Linux. But I'm not developing linux. I want to use my OS and have it get in the way as little as possible, not test and debug and fix and develop the OS while i'm using it, while trying to do my actual work.
The less the OS gets in my way, the less stuff it requires me to do for any reason, the less manual management it needs me to do, the better.
OS is there to be a crossroads towards the actual utility. I want to not even notice having any OS at all. That would be the best OS, the one that I keep forgetting that I'm actually using. File access, run programs, ...DONE.
p.s.
if i can't trust you, a programmer, to be able to distinguish and click the correct, non-ad "download" button, or find a source that's not shady in this way, I don't want you to be my programmer. Everything you're expected to do is magnitude more complicated than finding a good site and/or finding the correct "Download" button and/or being able to verify that yes, what you downloaded is what you were after.
Sorry, but if "i can't find the right download button" is anywhere in your list of reasons why "linux is better", that's... Ridiculous.
6:15 "no rebooting" get outta here with this 2000 crap. because that's about the last year I actually had to reboot after installing for the thing to run.
Nowadays not even drivers. I'm watching a youtube video in 3d accelerated browser window while installing newest 3d drivers, I get a half-second flicker at the end and I'm done, no reboot.
the only thing I know still requires reboot within the last 15 years is Daemon Tools when you create a virtual drive, but that one still makes sense, since it's spiking the bios to think it has a hardware which is in fact just a software simulation....
10:00 "oops... something went wrong"
oh c'mon dude! you know that a) programs do their own error messages, don't put that on the OS
b) the "oops... something went wrong" when it's a system error, is just the message title, instead of "Error". there's always an "error id" or something which when you google it, you know precisely what is going on and you can easily find out how to fix it...18 -
Another part of messy network gone.
Caching fucked me hard....
Isn't it just lovely that nowadays you need to nearly wipe a machine to get it from claiming stale data....
And thanks to DNS, HAProxy -/ service names / ... I think I know now why the curse of babel is so powerful.
When you have to think for 2 mins to make sure you've set the zone's right, cause otherwise you need to ProxyJump with SSH through more tunnels than imaginable (VPN/HO) to fix possible caching on several DNS servers.... You'll realize that it's russian roulette with too much bullets. :(
And If a monitoring service asks another monitoring service for status information which asks the first monitoring service which then asks the second monitoring cause you were too late...
You'll get very funky monitoring statistics.
Too slow, had to nuke it (mismatched a DNS name, the second monitoring service should have been a service node).
I think I've had more near death scenarios in the last 2 weeks than I like.
Hopefully I'll never have to do that again.
(Splitting and reordering a few dozen VLANs, assigning proper DNS names, loadbalancer migration....) -
So I've been using Duet on my iPad Pro for a couple years now (lets me use it as an external monitor via Lightning cable) and without issue. Shit, I've been quite happy with it. Then the other day, whilst hooked up to my work laptop, there was a power fluctuation that caused my laptop to stop sending power to connected devices. Which is fine - I have it plugged into a surge protector so these fluctuations shouldn't matter. After a few seconds the laptop resumed normal operation and my connected devices were up and running again.
But the iPad Pro, for some reason, went into an infinite boot loop sequence. It reboots, gets to the white Apple logo, then reboots again.
In the end, after putting the iPad into recovery mode and running Apple's update in iTunes (as they recommend), it proceeds to wipe all my data. Without warning. I lost more than a couple of years of notes, illustrations and photos. All in one fucking swoop.
To be clear, you get 2 options in iTunes when performing a device update:
1. UPDATE - will not mess with your data, will just update the OS (in this case iPadOS)
2. RESTORE - will delete everything, basically a factory reset
I clicked UPDATE. After the first attempt, it still kept bootlooping. So I did it again, I made sure I clicked UPDATE because I had not yet backed up my data. It then proceeds to do a RESTORE even though I clicked UPDATE.
Why, Apple? WHY.
After a solemn weekend lamenting my lost data, I've come a conclusion: fuck you Apple for designing very shitty software. I mean, why can't I access my device data over a cabled connection in the event I can't boot into the OS? If you need some form of authentication to keep out thieves, surely the mutltiple times you ask me to log in with my Apple ID on iTunes upon connecting the damn thing is more than sufficient?! You keep spouting that you have a secure boot chain and shit, surely it can verify a legitimate user using authenticated hardware without having to boot into the device OS?
And on the subject of backing up my data, you really only have 2 manual options here. Either (a) open iTunes, select your device, select the installed app, then selectively download the files onto my system; or (b) do a full device backup. Neither of those procedures is time-efficient nor straightforward. And if you want to do option b wirelessly, it can only be on iCloud. Which is bullshit. And you can't even access the files in the device backup - you can only get to them by restoring to your device. Even MORE bullshit.
Conversely, on my Android phone I can automate backups of individual apps, directories or files to my cloud provider of choice, or even to an external microSD card. I can schedule when the backups happen. I can access my files ANYTIME.
I got the iPad Pro because I wanted the best drawing experience, and Apple Pencil at the time was really the best you could get. But I see now it's not worth compromise of having shitty software. I mean, It's already 2021 but these dated piles of excrement that are iOS and iPadOS still act like it's 2011; they need to be seriously reviewed and re-engineered, because eventually they're going to end up as nothing but all UI fluff to hide these extremely glaring problems.2 -
Me vs my job at mnc laggards
part 7/n
height of fucking bureaucracy. i feel like being in a government office.
i started my first day with these assclappers on 29th. after somehow managing the 3 crappy days of mental torture, i enjoyed a decent weekend and today i am back to the hellhole office, only to find my laptop BECOMING A KITCHEN TABLE! am unable to access any software, read any mail, attend any meetings!!!
What could be the cause? oh the good old incompetence!
So they have this shitty SAP portal that needs to be logged in everyday from the office VPN to mark an atendence. if an attendence is not marked for 3 days, it disables access the id to access all the fuckin systems, even the ones you are supposed to use to fuckin communicate with!
And guess who was not able to access the shitty SAP portal and had written 4 emails on friday to different HR bitches? UMM, MEEE!!!
I guess I need to take up this new shitty habit of keeping every email/phone number/id/fucking blood sample of every person i meet, because the fucking system can log out anyone at any fucking time!!!
The above crap combined with the fact that they work from a we-fuckin-work where you can't get a decent isloated phone booth for more than 30 mins, i am soon going to burst, and burst bad
--------------------------------------------------------
previous crap :
https://devrant.com/rants/6553736/... -
In the modern world, a human is not a human. The human is only human if they have ID, passport, insurance, bank account, credit card, facebook, covid certificate. Otherwise you’re nothing2
-
So... there is a bank. And the website for example is using "https". Alright. But the Login consists your login ID (in the most cases your account number) and a Pin number ( only 5 chars) If i remember pentesting, crunch etc a pin or password with 5 chars (included special characters) is fast hackable or not? Or is it super secure cuz of the "https"?4
-
Ok so I tried apple
And I hate it. The only Apple product I loved was iPod Shuffle that small little dumb box... That was love
And now, for the iPhone, I will now continue hating it. How do you guys manage to like it? I'm fucking stuck on making an Apple ID since morning. It is fucking showing a hell lot of errors one by one as I go on trying
BTW good news coming up after 2hrs8 -
Can someone tell me what I am doing wrong?
I published a pretty small app about a year ago that was just a small financial widget for your home screen. Recently I added more in app functionality and graphs but left the widget part unchanged.
For some reason I am now getting even less installs and my active user count has dropped. Any idea why people who used it in the widget only days would suddenly leave?
The link is: https://play.google.com/store/apps/...2 -
So as part of my news years resolution, I thought id build an app and I thought I would build it in vue.js and native script with a shared codebase, I've started with a fresh project and already I have an error, one that I've not caused, this is in router.js. see if you can spot it.
module.exports = (api, options) => {
require('@vue/cli-plugin-router/generator')(api, {
historyMode: options.routerHistoryMode
};
export default new Router(options);
}
When I've fixed the syntax error, I then get, the error:
/src/router.js: 'import' and 'export' may only appear at the top level (5:0)
This is when I run "npm run serve:ios"
if anyone has encountered this, please let me know how you fixed this.2 -
So I'm sitting here trying to bodge my way through a member system. These fucknuts really made a bad system..
The task: Export a list of users and their info.
Is there an API available? No, who the fuck would need that shit, even tho the system is built upon Odoo, which has an API!
But it has an export function, you just have to log in and press the right sequence of buttons, because you need the running ID...
Here I discovered the first of many security flaws... "What happens if I post the wrong ID?"... Well, I get access to a file that has nothing to do with me or my users.... What?
Well after some fiddling It works, but holy fuck I found a lot of bugs. And this is a system that is launching in 7 days for us.. Some users have been on it for a year....
How can they ship this bad a product? There's absolute no documentation only a 15-page manual. Guess they don't want developers to develop shit that works in junction with theirs.1 -
Work! Terribile doubt about our project 😭i will leave this company if we do not come up with an adult solution 😔
We are working for another Company, they asked to add a web app to their project.
We made frontend and backend, we make user auth to their api, then call their api (place order, get orders etc), passing their auth token to their services.
Which Means that our endpoints are not really protected (i think) and if we add an endpoint that does not use their api, the only way to secure them Is to take the token, validate It by calling for example get /order of the api and if It fails just discard the request....too slow?
my colleagues do not want to put a serious auth they Just want to use the company api and leave the rest open...
And the customer Just asked to use some other api functionality, but that api has another auth... How do we pur them togheter? The last api want the id of the user to do machine ti machine auth
It Is my 6th month here no one thaught me anything, i think i'll Just leave ..or am i Just experiencing the developer Daily work?😔7 -
spent a few days trying to track down the cause of a thermal shutdown in my workstation. intel 4790k with no overclock would spike to 95C on one core (core1) whenever maxing out all 8 threads, be it real work, mprime, anything with 100% cpu being used. I quadrupled my RAM from 8gb to 32, because its cheap and id like to have all data in memory sometimes, not because I thought that was the problem. I reseated my watercooling block. I checked out the PSU. I unplugged all unnecessary peripherals, drives, etc. It turned out to be a bug in Gigabyte MOBO BIOS (causing temps to be read incorrectly i think, still not exactly sure...) updated from version 5 to 10 and poof now temps are back in the high 50's at full load. it only took 2 days to figure out and i think i learned something
-
Guys I need to deploy a very simple authentication API service.
You register with a username (actually an ID with a determined format), a password and uuid. You login with your username and password and if credentials are correct you get back the uuid as a response (JSON or whatever the fuck).
If you forget your password, you can use your uuid (which is confidential, very long string) in some POST request to set a new password. If you forget your username, you use the uuid again in a GET request to get back your username.
I've been looking at a bunch of solutions online and I don't think they suit my purpose exactly and all require emails (Like Firebase, AUth0, etc.) So, let me get this straight: NO FUCKING EMAILS INVOLVED PLEASE.
The above are the EXACT requirements I need for my work (for a good cause too). I fucking hate 0-requirement exploratory research tasks and I'm plagued with those. Those requirements are the only way it should work. So again, NO EMAILS INVOLVED PLEASE.
Also, please note that I have never developed an API in my life. I feel like StackOverflow will be assholes about this so I am asking this here.
I know it is very easy to do and there are probably dozens of ways to do this. I just do not know how, documentations are vague and overwhelming (or I'm just a little stupid lately). Another thing is that I am not sure of how can I do this in the most secure way. Bonus if this can be dockerized.
I know I sound a little rude,so I am sorry. It is just my frustration and depressing times I am going through that's preventing from thinking straight.6 -
Random learnings/realisations/hypothesis:
i have found a sense of happiness in weird symbiotic environment : being rich in a poor environment and live with a poor-but-secretely-rich lifestyle.
i call it the "sheep-hoodie" lifestyle: being a wolf in a herd of sheeps but not with a sheep's skin glued to your body. rather a hoodie so you can be a friendly wolf , ferocious wolf and a friendly sheep whenever you want to.
my 1 group of friends are in a sheep phase : struggling in their life , crunched on money, not saving a lot or focused on savings and stuff. At least that's what shows up from their discussions. however when we are together, i see that we are always supporting each other, and sharing resources/helping each other while having fun
my another group of friends have a wolf lifestyle:
they are insanely rich, if you want to party/do something with them at 'their' level, you gotta have a lot of cash to burn . they are wolves because they know how to sell their stuff, whom to sell and how to retain the info for success. i don't enjoy much with them as their solutions to life problems end up with something that involves a lot of money than effort.
So my lifestyle is to earn like them, but live like my broke friends. they think that am earning 20% of what i earn now, and am also in lots of debts and family crisis. someday my lie is gonna burst when i buy expensive stuff lol
--------
#2
i have realised that i have an OCD for silence and psychotic reaction to noise . for me ,
Silent Environment >> sex >> any relationship.
I might react so aggressively to noise while trying to focus that i may end up breaking the closest of relations with anyone
--------------
#3
thinking of having 3 twitter accounts just to fix the problem of devrant not saving content of dormant accounts :
- professional : an id where i will share my professionally stupid questions, achievements, debates etc
- personal/partial-anon : an id where i will share my personal thoughts and stuff. it might also include devrant screenshots / embarrising content that i make here
- true-anon : a full anonymous account for my(some) extreme thoughts, trigger content and explicit researches
my current twitter feed is a mix of first 2, but making 2 seperate accounts might give me more freedom(the level of devrant) to express myself than what i do now (as my followers are also interesting people but mostly related to tech)
guess i should move my tech content there than my personal content.
------------------------------
#4
making an early opinion about something should only be done to research for truth/content/conversion/hype . final opinion should always be made after you trust something with a research. for eg, initial opinion of Elon Musk was he being a bad guy, but now after seeing his crazy ideas and approach towards twitter, he looks like someone who can truly make it a money minting machine.
------------------------------
#5
A simple perception towards making money as not being a bad thing does wonders at a management level and life .
liberal opinion of twitter layoff and later changes were emotional and blaming, but thinking from a business approach, his company partners(and whoever he likes) now have special golden badges to feel like VVIP and have an orgasm, while he gave a dummy melon to every person on earth to pay for feeling like a VIP and have an orgasm.
a brilliant tactic to make money without anyone calling the minting of money as BAD. genius
------------------------------
#6
was randomly checkin Insta, saw an ex-collegue share a random deep thought quote, and i realised that i might have known her for just a week or 2 in college, but she had a very nice nature.
However, she was the daughter of a very rich ass dad and had almost everything in life. she gave a bit spoilt(for me) look, like someone who did ciggs or drink, but her talks then and our chats later just on chat gave me a very nice hustler vibe (the type of people i like: hustling and professional)
I indirectly asked her on a date and she agreed. so, this is something very interesting for me, as i am hopelessly single and full of judgemental opinions/ strict rules. share your tips and notes on how to have a successful date, and stuff that one must NOT do . much grateful if you do not come under rule 29 of internet and share your POV -
waste a few hours trying to debug shit im working on a feature branch, only to check main branch and it turns out somebody else broke main but the dev environment i'm piggy backing on using is cutting edge
i now miss having a separate individual dev environment to use, but i suppose id lose on some perks probably -
Working with nightly builds and concept tech is such a fucking hassle...
I'm currently working on a WebAssembly proof of concept where I need to generate a unique id, but since threading is currently not supported (rust and webassembly) I cant use half of the libraries currently out.
And the ones that does work... guess what... are not compatible with the nightly build of the compiler I'm using for Rust. Just fucking end me.
The legit only workaround I can find is to make a server request and get the unique id from there... piece of cunt software...I need a break 😑 -
I said that already, but still: ACM Queue is THE only dev content source you’ll ever need.
I know everyone is sick of AI topics already, so, here’s the brilliant article called “Cargo Cult AI”: https://queue.acm.org/detail.cfm/.... Sharing it because I’m even more sick of AGI doomers. -
Not coding rant
I forgot my student ID today and was trying to enter a building.
Called my friend to swipe me in
Security: nah you can't do that
Me: why, I'm a student here
Security: Weill that student id only shows that he is a student
Me: I can provide you my student ID number and state ID
Security: no, either you go get a new student ID now, or you can't enter the building
Wtf? I've asked other people to swipe me in before and the security didn't day shit
I went home and filed a report against that guy
Straight up abusing his power7 -
So I recently released a new android application on the play store and for some flipping reason it cannot be opened on any device it installs on. The application was approved by google and published and everything. You can find it here: https://play.google.com/store/apps/...
Issue is, when you install this, the play store only shows the option to uninstall it and not open it. Weirder yet, it can’t be found in any application drawer either. I don’t get if this is a valid feature or what but idk what to change in my code to fix this. Sadly so, there’s no online article on this exact issue. I don’t get how to fix it, so any help is appreciated12 -
(tldr: are foriegn keys good/bad? Can you give a simple example of a situation where foriegn keys were the only and/or best solution?)
i have been recently trying to make some apps and their databases , so i decided to give a deeper look to sql and its queries.
I am a little confused and wanted to know more about foreign keys , joins and this particular db designing technique i use.
Can anyone explain me about them in a simpler way?
Firstly i wanted to show you this not much unheard tecnique of making relations that i find very useful( i guess its called toxi technique) :
In this , we use an extra table for joining 2 tables . For eg, if we have a table of questions and we have a table of tags then we should also have a table of relation called relation which will be mapping the the tags with questions through their primary IDs this way we can search all the questions by using tag name and we can also show multiple tags for a question just like stackoverflow does.
Now am not sure which could be a possibile situation when i need a foriegn key. In this particular example, both questions and tags are joined via what i say as "soft link" and this makes it very scalable and both easy to add both questions and new tags.
From what i learned about foriegn keys, it marks a mandatory one directional relation between 2 tables (or as i say "hard a to b" link)
Firstly i don't understand how i could use foriegn key to map multiple tags with a question. Does that mean it will always going to make a 1to1 relationship between 2 tables( i have yet to understand what 11 1mant or many many relations arr, not sure if my terminology is correct)
Secondly it poses super difficulty and differences in logics for adding either a tag or question, don't you think?
Like one table (say question) is having a foreign key of tags ID then the the questions table is completely independent of tag entries.
Its insertion/updation/deletion/creation of entries doesn't affect the tags table. but for tag table we cannot modify a particular tag or delete a tag without making without causing harm to its associated question entries.
if we have to delete a particular tag then we have to delete all its associated questions with that this means this is rather a bad thing to use for making tables isn't it?
I m just so confused regarding foriegn keys , joins and this toxi approach. Maybe my example of stack overflow tag/questions is wrong wrt to foreign key. But then i would like to know an example where it is useful5 -
Calling QA/ Test managers for help !
Im a junior dev at a company where im slowly transitioning into also being our test lead. I just got my ISTQB foundation and im starting to write out the test strategy for our company.
Currently we’r doing alot of reactice testing, and to implement more proactive testing i wanted to implement a risk strategy as well.
Problem is that i feel this strategy takes too much time for our organization (doing risk analysis for each story we’r implementing just isnt possivle) , and we don’t have time for me actinh as a full time Test manager while also doing software dev tasks.
Question is: what good proactive strategies can we implement that doesnt require too much time investment - or could we use risk strategy only for specific stories implemented / custom orders / etc and stick with a reactive strategy solely ?
Later this yesr ill be sent on ISTQB test manager course to better qualify my position but until then id really want to get a test strategy somewhat implemented
Any help is MUCH appriciated!10 -
currently I'm feeling like a overheated gatling gun....
We'll finish at the weekend a year plus of work.
Should I be happy? Maybe.
But currently it's just frustration cause the whole week was satanic prep work.
Lots of fsicking boring shit, planning, migraine, connecting the dots.
I wish you'd get a nice dose of "fuck everything" medicine at the work for weeks like that.
Remember the chewing gum dispenser from your childhood?
Like that. ID card in. Fun pills out.
(If drugs were only without side effects and addiction.... ) -
Update on my "remote internship" (see my post history):
Asked my co-workers (overseas) for help yesterday evening. They completely ignored my slack messages in our teams channel, not even an acknowledgement of my message. It was only after i followed up this morning that they said "sorry don't really know" (this is right before they all go home).
Then, when i get into the office, two teams push broken code to master so I'm left dealing with that until almost lunch. After lunch, I try to work on my other task, but realise i dont remember anything since it's been two weeks since i worked on it. (I got pulled off for "high priority" stuff that apparently my team can't take 5 min to help me with.)
Finally get back in the zone on my old task, remembered id been stuck on that and needed to talk to the rest of team (Who are sleeping at this point).
Not sure what to do for the rest of the day. -
Function in my Dao file is:
@Query("SELECT * from appData WHERE type = :type ORDER BY id DESC")
fun getData(type: String): Flow<List<AppData>>
The database contains a column of automatically generated int primary key 'id', a column of string named 'type', and another string column named 'content'.
A Part of code from my composable function is:
val currentRetrievedDate: Date = Date()
val currentDate: String = SimpleDateFormat("dd-MM-yyyy").format(currentRetrievedDate)
var lastDateObjectList by remember { mutableStateOf(emptyList<AppData>()) }
LaunchedEffect(streakCounterViewModel) {
coroutineScope {
streakCounterViewModel.appDataRepository.getDataStream("lastDate")
.collect { newDataList ->
lastDateObjectList = newDataList as List<AppData>
}
}
}
if (lastDateObjectList.size>1){/*TODO*/
for (i in 1 until lastDateObjectList.size){
LaunchedEffect (Unit){
streakCounterViewModel.deleteData(id = lastDateObjectList[i]!!.id,
type = lastDateObjectList[i]!!.type,
content = lastDateObjectList[i]!!.content)
}
}
}
val lastDateObject: AppData?/* = lastDateObjectList[0] ?: null*/
lastDateObject = if (lastDateObjectList.isNotEmpty())
lastDateObjectList[0]
else null
var lastDate = lastDateObject?.content ?: "00-00-0000"
var currentStreakObjectList by remember { mutableStateOf(emptyList<AppData>()) }
LaunchedEffect(streakCounterViewModel) {
coroutineScope {
streakCounterViewModel.appDataRepository.getDataStream("currentStreak")
.collect { newDataList ->
currentStreakObjectList = newDataList as List<AppData>
}
}
}
if (currentStreakObjectList.size>1){
for (i in 1 until currentStreakObjectList.size){
LaunchedEffect (Unit){
streakCounterViewModel.deleteData(id = currentStreakObjectList[i]!!.id,
type = currentStreakObjectList[i]!!.type,
content = currentStreakObjectList[i]!!.content)
}
}
}
val currentStreakObject: AppData?/* = currentStreakObjectList[0] ?: null*/
currentStreakObject = if (currentStreakObjectList.isNotEmpty())
currentStreakObjectList[0]
else null
var currentStreak = currentStreakObject?.content ?: "0"
In this code, the last login time and last streak of user is already saved, we just have to fetch the data from the local database, make sure that there are not more than 1 occurrences of same data type in the database, and then use that data. But this, instead of using the database values, uses 00-00-0000 as the lastDate, and uses "0" as the currentStreak (which should only be used for the first not, and in some rare situations only), and is not able to retrieve data from the database properly.
The data saving and updating logic is working fine, but only the retrieval part is causing some issue.
The complete project is also uploaded on github: at HealthEase repo of tauqirnizami4 -
oh dear the stocktaking i did (maybe am still doing? don't know whether it's done yet🤷) with my dad for his little shop😩
his pc/office skills had begun with microsoft excel (he taught me how to use a pc all together) ... and have stopped there. Excel for almost everything. To be fair, he uses PCs like a normal user and isn't of that metier, ok fine🤷.
but when i saw the table he uses, which he copied over the years from the previous versions (still ok), i quickly found out that his table entries were written by him FOR HIM. it was very hard for me to help him (he tells me the article he sees in his storage, i have to include, so i look it up in the table and do stuff) as he had nicknames for his articles that only he associated with😐.
next he prints out a list a company has given to him where he buys some products from, which is ordered by id number ... my dad works with the correspnding names instead so of course all product names are random😑, so every time i need a price for an article he has to scan every list item. you've guessed it, n² search😪😒.
i tell him multiple times to call the company and send him a list in alphabetical order but he refuses as "we've almost finished" ... 🙄 (i'm not allowed to ask for him, as the company will only talk with the responsible one😑)
so I'm tied to a pc, talking to my dad over phone, who has to walk around and has to help me very often to find the article he's meaning to, at the end, do a n² search to add all the prices....😩
I absolutely want to help him automate things for sanity's sake🤔😅
install databases, connect via internet, connect to companies databases for up-to-date prices etc., make some desktop/web app/i don't know for fast access and boom...
and i don't even know where to start and where to find the time for it and whether it's even all possible😅🤔😐🤷