TLDR : I left a company which doesn't understand the concept of email id and passwords.

Me (trying to login to the alumni website) *no register user option*

Customer support - you've to click on forgot password to create an account.
Me - Wonderful

*clicks on reset password*
*enters employee id, name, email, father's name, DOB, date of joining , date of leaving, current city because apparently if I just enter my employee id it is as if they never knew me. Sigh*
*your password will be sent to your email id*

Me - okay. *waits for two weeks because I assumed someone will manually go and create my account and email me, considering the state of system. *

After two weeks,

Me - I still haven't received my password on email after I created my account. Can you please check?

After one week,

Customer support - you need to click on forget password if you forgot your password.

Me - *inventing new curse words* I have not forgot my password, I never received it in the first place!

After one week,
Customer support - yes you'll receive your password on your email id.

Me - *runs out of curse words* seriously dude?
* proceeds to reset password*
System - your password has been reset. Your new password will be sent to your email id. *apparently anyone can reset passwords if you have the employee id, which is an integer*

After a week

Me - Am I going to ever receive the password? I've tried generating passwords, resetting my password. I never get my passwords. What should I do!!

Customer support - yes you need to click on Forgot password.

Me - are you fucking kidding me!!!
You fuckers need to be fired and replaced by a FAQ page which has no question and just a single answer, because a peanut has higher IQ than you. For any questions you may have, just reset password. Goddammit idiots!
Also, which email id are you sending my passwords to?

Customer support - myname@oldcompany.com

Me - you do realize that this is the alumni website for the company. Alumni means ex members.
Being ex members, you can assume we don't have access to our company email ids obviously?

Customer support - yes.

Me - how am I supposed to get the password using my old email id then?

Customer support - you need to click on forgot password option.

I think I should probably move to the Himalayas for my anger management issues. Plus it'll be probably easier to throw idiots off a mountain.

Fuck today was weird.

Today I received almost half a million on my bank account. 😯

Someone changed the ancient cryptic billing system. My user account at work has id 32 in the database, and the dev referenced the size of the creditor id instead of the of the value of the ids itself, and they're u32 ints... So ALL the money moving through our platform was accidentally transferred to my associated bank account.

For all the unit tests we have, this bug tumbled right through.

And no one at finances thought a transfer that big, to a backend dev they know by name, was suspicious — with almost no money going to other creditors...

That worries me a bit. The fact that this shit can happen, even at high test coverage, just because someone mindlessly did a wrong autocomplete or something.

Of course I will send it back... after two weeks and a few hundred € of interest.

I’m a senior dev at a small company that does some consulting. This past October, some really heavy personal situation came up and my job suffered for it. I raised the flag and was very open with my boss about it and both him and my team of 3 understood and were pretty cool with me taking on a smaller load of work while I moved on with some stuff in my life. For a week.

    Right after that, I got sent to a client. “One month only, we just want some presence there since it’s such a big client” alright, I guess I can do that. “You’ll be in charge of a team of a few people and help them technically.” Sounds good, I like leading!

    So I get here. Let’s talk technical first: from being in a small but interesting project using Xamarin, I’m now looking at Visual Basic code, using Visual Studio 2010. Windows fucking Forms.

    The project was made by a single dev for this huge company. She did what she could but as the requirements grew this thing became a behemoth of spaghetti code and User Controls. The other two guys working on the project have been here for a few months and they have very basic experience at the job anyways. The woman that worked on the project for 5 years is now leaving because she can’t take it anymore.

    And that’s not the worse of it. It took from October to December for me to get a machine. I literally spent two months reading on my cellphone and just going over my shitty personal situation for 8 hours a day. I complained to everyone I could and nothing really worked.

    Then I got a PC! But wait… no domain user. Queue an extra month in which I could see the Windows 7 (yep) log in screen and nothing else. Then, finally! A domain user! I can log in! Just wait 2 extra weeks for us to give your user access to the subversion rep and you’re good to go!

    While all of this went on, I didn’t get an access card until a week ago. Every day I had to walk to the reception desk, show my ID and request they call my boss so he could grant me access. 5 months of this, both at the start of the day and after lunch. There was one day in particular, between two holidays, in which no one that could grant me access was at the office. I literally stood there until 11am in which I called my company and told them I was going home.

    Now I’ve been actually working for a while, mostly fixing stuff that works like crap and trying to implement functions that should have been finished but aren’t even started. Did I mention this App is in production and being used by the people here? Because it is. Imagine if you will the amount of problems that an application that’s connecting to the production DB can create when it doesn’t even validate if the field should receive numeric values only. Did I mention the DB itself is also a complete mess? Because it is. There’s an “INDEXES” tables in which, I shit you not, the IDs of every other table is stored. There are no Identity fields anywhere, and instead every insert has to go to this INDEXES table, check the last ID of the table we’re working on, then create a new registry in order to give you your new ID. It’s insane.

   

    And, to boot, the new order from above is: We want to split this app in two. You guys will stick with the maintenance of half of it, some other dudes with the other. Still both targeting the same DB and using the same starting point, but each only working on the module that we want them to work in. PostmodernJerk, it’s your job now to prepare the app so that this can work. How? We dunno. Why? Fuck if we care. Kill you? You don’t deserve the swift release of death.

    Also I’m starting to get a bit tired of comments that go  ‘THIS DOESN’T WORK and ‘I DON’T KNOW WHY WE DO THIS BUT IT HELPS and my personal favorite  ‘??????????????????????

Ever wanted cheat codes to devRant? Well, that's weird. But here you go, I guess.

Since the avatars do not use any external assets (Such as images), all avatars are generated. To be friendly to people who want to make third-party devRant clients (such as devRantron), avatars are generated server-side, so that the assets don't need to be distributed, and third-party programmers don't need to work out rendering avatars.

But this allows you to cheat a little.

The devRant avatars API works like this: you request a really long URL from the API, specifying the IDs of each cosmetic item the user has active, and it returns a PNG file. But you don't need an auth token to generate an avatar (which makes sense), so the avatar API is essentially a sandbox you can play around with if you have the time and patience.

You can write a really good avatar previewer with this knowledge, and see your avatar with a white tiger, even if you don't have the ++s

My biggest dev blunder. I haven't told a single soul about this, until now.

👻👻👻👻👻👻

So, I was working as a full stack dev at a small consulting company. By this time I had about 3 years of experience and started to get pretty comfortable with my tools and the systems I worked with.

I was the person in charge of a system dealing with interactions between people in different roles. Some of this data could be sensitive in nature and users had a legal right to have data permanently removed from our system. In this case it meant remoting into the production database server and manually issuing DELETE statements against the db. Ugh.

As soon as my brain finishes processing the request to venture into that binary minefield and perform rocket surgery on that cursed database my sympathetic nervous system goes into high alert, palms sweaty. Mom's spaghetti.

Alright. Let's do this the safe way. I write the statements needed and do a test run on my machine. Works like a charm 😎

Time to get this over with. I remote into the server. I paste the code into Microsoft SQL Server Management Studio. I read through the code again and again and again. It's solid. I hit run.

....

Wait. I ran it?

....

With the IDs from my local run?

...

I stare at the confirmation message: "Nice job dude, you just deleted some stuff. Cool. See ya. - Your old pal SQL Server".

What did I just delete? What ramifications will this have? Am I sweating? My life is over. Fuck! Think, think, think.

You're a professional. Handle it like one, goddammit.

I think about doing a rollback but the server dudes are even more incompetent than me and we'd lose all the transactions that occurred after my little slip. No, that won't fly.

I do the only sensible thing: I run the statements again with the correct IDs, disconnect my remote session, and BOTTLE THAT SHIT UP FOREVER.

I tell no one. The next few days I await some kind of bug report or maybe a SWAT team. Days pass. Nothing. My anxiety slowly dissipates. That fateful day fades into oblivion and I feel confident my secret will die with me. Cool ¯\_(ツ)_/¯

Example #1 of ??? Explaining why I dislike my coworkers.

[Legend]
VP: VP of Engineering; my boss’s boss. Founded the company, picked the CEO, etc.
LD: Lead dev; literally wrote the first line of code at the company, and has been here ever since.
CISO: Chief Information Security Officer — my boss when I’m doing security work.

Three weeks ago (private zoom call):
> VP to me: I want you to know that anything you say, while wearing your security hat, goes. You can even override me. If you need to hold a release for whatever reason, you have that power. If I happen to disagree with a security issue you bring up, that’s okay. You are in charge of release security. I won’t be mad or hold it against you. I just want you to do your job well.

Last week (engineering-wide meeting):
> CISO: From now on we should only use external IDs in urls to prevent a malicious actor from scraping data or automating attacks.
> LD: That’s great, and we should only use normal IDs in logging so they differ. Sounds more secure, right?
> CISO: Absolutely. That way they’re orthogonal.
> VP: Good idea, I think we should do this going forward.

Last weekend (in the security channel):
> LD: We should ONLY use external IDs in urls, and ONLY normal IDs in logging — in other words, orthogonal.
> VP: I agree. It’s better in every way.

Today (in the same security channel):
> Me: I found an instance of using a plain ID in a url that cancels a payment. A malicious user with or who gained access to <user_role> could very easily abuse this to cause substantial damage. Please change this instance and others to using external IDs.
> LD: Whoa, that goes way beyond <user_role>
> VP: You can’t make that decision, that’s engineering-wide!

Not only is this sane security practice, you literally. just. agreed. with this on three separate occasions in the past week, and your own head of security also posed this before I brought it up! And need I remind you that it is still standard security practice!?

But nooo, I’m overstepping my boundaries by doing my job.

Fucking hell I hate dealing with these people.

- Take a course called "Mobile Application Development"
- Teacher is new and is thus lost on how things work because there is no formal training for them
- Teacher only knows Objective-C so that's all we're allowed to use
- Nobody owns a Mac and I think one or two people had an iPhone/iPad
- Only 4 public Mac computers are available to the school
- One to two people are on them frequently, limiting our time on them as well
- Not a part of the schools normal imaging and updating system, so we get to do it ourselves, which takes up like a week or two of classes (4 classes)
- This includes installing XCode and getting Apple IDs
- No real instructions are given besides "implement the APIs for Facebook, Twitter, and Google Maps into an app"
- Being an ass, for the final day instead of showing off the app we made I made a PowerPoint of my dislike of Objective-C and various struggles I ran into and how I decided not to make the app at all.
- shrug emoji

Root encounters HR at her new job.

So, I left my job a few weeks ago. I was pretty sad about it, so I didn't want to write anything about it. It was a great place to work, with great managers, decent coworkers, and interesting work. I also had free reign over how I built things, what to improve, etc. Within about four months, I authored over half of the total commits on their backend repo, added a testing suite with 90% coverage, significantly improved the security (more accurately: added security), etc. but I got a job offer that allowed me to work remotely, and make well over six figures (usd). I couldn't turn it down, even though I wanted to. So, I left. I'm still genuinely sad about that. I had emotions and everything. 🙁 I stayed on long enough to finish the last of the features for their new product launch, and make sure everything was stable. I'm welcome back whenever, though they don't want to have remote employees, and I want to move, so. that's probably not going to happen. sigh.

Anyway, I started my new job this week. Rented an office (read: professional closet) and everything! It's been veritable mountains of HR paperwork so far. That's all I've done besides some accounts setup. I've seriously only worked on and completed one ticket so far in two and a half days, and I still have six documents/contracts to sign! (and benefits; that'll probably take my weekend.)

But getting an I9 thing notarized? Apparently I only have three days before I'm legally unemployable by them or something, idk. HR made it sound ridiculously dire and important, and reminded me like five or more times. I figured it was just some notary service; that takes like 10 minutes, right? So I put it off until my second day so I didn't have to disappear in the middle of my first day. Anyway, I called a bunch of notary services on day 2, and apparently only like 5% of them both do notary services this time of year and aren't booked full. And of those, probably another 5% will notarize I9 documents.. No idea why it's rare, but whatever, I'm not a notary.

The HR lady assured me that I didn't need any special documents; I should just go there, present my IDs, and the notary will provide or draft documents for everything else. Totally doesn't sound right, but fine; I'm not a notary nor will I ever work in HR, so I'm not very knowledgeable about this. So, against my better judgement I decided to just go anyway. I called around and finally found a place that wasn't closed, busy, or refusing, and drove over there. Waited. Waited. Waited. Notary lady was super slow in every single action. (I should mention that it's now 10am, and I have a meeting with the Senior VP of Engineering [a stern, stubborn old goat who enjoys making people feel inadequate] at 12:30pm.) The notary lady looks like she's an npc updating in slow motion (maybe at 0.25x speed?) and can't seem to understand what I need. Eventually, she tells me exactly what I had assumed: if there's no document, she can't notarize said document, and she doesn't have an I9 for the company I'm trying to work for. (like, duh.) So I thank her for proving the flow of time is variable, which she ignores in slow motion, and drive back home. It's now about 11.

I message the same HR lady, and the useless wench gawks in surprise and says she's never heard of that ridiculous request before. It took prodding to get her to respond every time, but after some (very slow) back and forth, she says she wants to call the notary personally and ask what they need. I waited around for another response that never came, and eventually just drove to the notary place again to have them notarize the required ID documents. That plus my chat history with HR should be enough to show that I bloody well tried, and HR just shit the bed instead. I finally got them notarized at like 12:10, and totally broke the speed limit the entire way to the office, found the last remaining parking spot, and made it to my office just in time for the meeting. seriously, less than two minutes to spare. Meeting was interesting (mostly about security), but totally made me facepalm, shout "Seriously!? What the hell are you thinking!?" and make slapping motions at some of the people talking. I will probably rant about that next.

But anyway, I'm willing to bet that the useless wench won't get back to me before the notary closes, if at all, and will somehow try to blame it completely on me if I bring it up again. Passive aggressive bitch. She's probably thinking: "If I don't help her with these mandatory legal processes, it'll be her fault she didn't get them done in time. I mean, they're so easy! She's just doing it wrong." I fucking hate HR.

I still miss my college days. Our crappy IT Dept restricted internet usage on campus. Each student used to get 10 GB of internet data and they used Cyberoam for login (without HTTPS). 10 GB was so less (at least for me).

Now, thanks to CS50, I learned that HTTP was not secure and somehow you can access login credentials. I spent a night figuring things out and then bam!! Wireshark!!!!

I went to the Central Library and connected using Wireshark. Within a matter of minutes, I got more than 30 user ids and passwords. One of them belonged to a Professor. And guess what, it had unlimited data usage with multiple logins. I felt like I was a millionaire. On my farewell, I calculated how much data I used. It was in TBs.

Lesson: Always secure your URLs.

!!privacy
!!political

I had a discussion with a coworker earlier.

I owed him for lunch the other day, and he suggested I pay him back either with cash (which I didn't have), Venmo, or just by him lunch the next time (which I ended up doing).

I asked about Venmo, and he said it was like paypal, but always free. that sounded a bit off -- because how are they in business if it's always free? -- so I looked it up, and paid special attention to their privacy policy.

The short of it: they make money by selling your information. That's worth far more than charging users a small fee when sending $5 every few weeks. Sort of what I expected when I heard "always free," but what surprised me is just how much they collect. (In retrospect, I really shouldn't have been surprised at all...)

Here's an incomplete list:
* full name, physical address, email, DoB, SSN (or other government IDs, depending on country)
* Complete contact list (phone numbers, names, photos)
* Browser/device fingerprint
* (optional) Your entire Facebook feed and history
* (optional) all of your Facebook friends' contact info
* Your Twitter feed
* Your FourSquare activity
(The above four ostensibly for "fraud prevention")
* GPS data
* Usage info about the actual service
* Other users' usage info (e.g. mentioning you)
* Financial info (the only thing not shared with third parties)

Like, scary?

And, of course, they share all of this with their parent company, PayPal. (The privacy policy does not specify what PayPal does with it, nor does it provide any links that might describe it, e.g. PayPal's "info-shared-by-third-parties" privacy policy)

So I won't be using Venmo. ever.

I mentioned all of this to my coworker, and he just doesn't understand. at all. He even asks "So what are they going do with that, send me ads? like they already do?"

I told him why I think it's scary. Everything from them freely selling all of your info, to someone being able to look through your entire online life's history, to being able to masquerade around as you, to even reproducing your voice (e.g. voice clips collected by google assistant), to grouping people by political affiliations.

He didn't have much to say about any of them, and actually thought the voice thing was really cool. (All I could think of was would happen if the "news" had that ability....) All of his other responses were "that doesn't bother me at all" and/or "using all of these services is so convenient."

but what really got me was his reaction to the last one.

I said, "If you're part of the NRA, for example, you'd be grouped with Republicans. If they sell all of this information, which they do, and they don't really care who buys it or what they do with it... someone could look through the data and very very easily target those political groups."

His response? "I don't have to worry about that. I'm a Democrat, and have always voted Democrat. I'll tell anyone that."

Like.
That's basically saying every non-democrat is someone you should be wary of and keep an eye on. That's saying Democrats are the norm and everyone else is deviant and/or wrong.

and I couldn't say anything after this because... no matter what I said, it would start a political conflict, and would likely end with me being fired (since the owner is also a democrat, and they're very buddy-buddy). "What if they target democrats?" -> "They already do!" or "What if democrats use it against others?" -> "They deserve it for being violent and racist, but we never would" (except, you know, that IRS/tea-party incident for example...)

But like, this is coming from someone who firmly believes conservatives are responsible for all of the violence and looting and rioting and mass shootings in the country. ... even when every single instance has been by committed by democrats. every. single. one.

Just...
jfl;askjfasflkj.

He doesn't understand the need for privacy, and his world view is just... he actually thinks everyone with different beliefs is wrong and dangerous.

I don't even know how to deal with people like this. and with how prevalent this mindset is... coupled with the aforementioned privacy concerns... it's honestly *terrifying.*

You know what I realized we should always say no for demo driven application development.

We should always ask for enough time do a proper development and if its not enough, shouldn’t write a single line.

Because once we deliver a working demo. Its release ready for them because its FUCKING WORKING..

And trying to explain why this is just a demo and cant be put to production is even bigger pain in the ass than saying no in the beginning.

LESSON LEARNED .

Gotta love clients which ask you for a quote to expand the system you did for them, then a week or two later "accidentally" found some cheap absolutely garbage dev that made it for 1/5th of your price and during all that destroyed half your work, by e.g. replacing uuids with just ids, making the system now leak how many users there is, all their user saved content, allowing to just increment through them all, also then acting surprised when I decline any further work with them.

Then theres also clients that even after explaining all physical or software limitations, act like you should be a core developer and just fix that, for fucks sake you were using freaking excel sheets before, be happy with any possible change.

Walked into the office in the afternoon, everyone was kinda panicking
Asked what was going on, well, the ticket system is not working anymore, can't put in any new tickets.
So I started to look for the issue as well, checked the system and... The last tickets' IDs were at ~32k. Ha. Looked into the source code and, sure enough, they used a data type with an upper limit of... 32k. So when trying to get a new ticket ID it just crashed and burned.
Quickly changed the data type and stopped the office panic in around half an hour.
Memorable not because of how tough the bug was, but because of the impact and the simplicity of the fix

So, some time ago, I was working for a complete puckered anus of a cosmetics company on their ecommerce product. Won't name names, but they're shitty and known for MLM. If you're clever, go you ;)

Anyways, over the course of years they brought in a competent firm to implement their service layer. I'd even worked with them in the past and it was designed to handle a frankly ridiculous-scale load. After they got the 1.0 released, the manager was replaced with some absolutely talentless, chauvinist cuntrag from a phone company that is well known for having 99% indian devs and not being able to heard now. He of course brought in his number two, worked on making life miserable and running everyone on the team off; inside of a year the entire team was ex-said-phone-company.

Watching the decay of this product was a sheer joy. They cratered the database numerous times during peak-load periods, caused $20M in redis-cluster cost overrun, ended up submitting hundreds of erroneous and duplicate orders, and mailed almost $40K worth of product to a random guy in outer mongolia who is , we can only hope, now enjoying his new life as an instagram influencer. They even terminally broke the automatic metadata, and hired THIRTY PEOPLE to sit there and do nothing but edit swagger. And it was still both wrong and unusable.

Over the course of two years, I ended up rewriting large portions of their infra surrounding the centralized service cancer to do things like, "implement security," as well as cut memory usage and runtimes down by quite literally 100x in the worst cases.

It was during this time I discovered a rather critical flaw. This is the story of what, how and how can you fucking even be that stupid. The issue relates to users and their reports and their ability to order.

I first found this issue looking at some erroneous data for a low value order and went, "There's no fucking way, they're fucking stupid, but this is borderline criminal." It was easy to miss, but someone in a top down reporting chain had submitted an order for someone else in a different org. Shouldn't be possible, but here was that order staring me in the face.

So I set to work seeing if we'd pwned ourselves as an org. I spend a few hours poring over logs from the log service and dynatrace trying to recreate what happened. I first tested to see if I could get a user, not something that was usually done because auth identity was pervasive. I discover the users are INCREMENTAL int values they used for ids in the database when requesting from the API, so naturally I have a full list of users and their title and relative position, as well as reports and descendants in about 10 minutes.

I try the happy path of setting values for random, known payment methods and org structures similar to the impossible order, and submitting as a normal user, no dice. Several more tries and I'm confident this isn't the vector.

Exhausting that option, I look at the protocol for a type of order in the system that allowed higher level people to impersonate people below them and use their own payment info for descendant report orders. I see that all of the data for this transaction is stored in a cookie. Few tests later, I discover the UI has no forgery checks, hashing, etc, and just fucking trusts whatever is present in that cookie.

An hour of tweaking later, I'm impersonating a director as a bottom rung employee. Score. So I fill a cart with a bunch of test items and proceed to checkout. There, in all its glory are the director's payment options. I select one and am presented with:

"please reenter card number to validate."

Bupkiss. Dead end.

OR SO YOU WOULD THINK.

One unimportant detail I noticed during my log investigations that the shit slinging GUI monkeys who butchered the system didn't was, on a failed attempt to submit payment in the DB, the logs were filled with messages like:

"Failed to submit order for [userid] with credit card id [id], number [FULL CREDIT CARD NUMBER]"

One submit click later and the user's credit card number drops into lnav like a gatcha prize. I dutifully rerun the checkout and got an email send notification in the logs for successful transfer to fulfillment. Order placed. Some continued experimentation later and the truth is evident:

With an authenticated user or any privilege, you could place any order, as anyone, using anyon's payment methods and have it sent anywhere.

So naturally, I pack the crucifixion-worthy body of evidence up and walk it into the IT director's office. I show him the defect, and he turns sheet fucking white. He knows there's no recovering from it, and there's no way his shitstick service team can handle fixing it. Somewhere in his tiny little grinchly manager's heart he knew they'd caused it, and he was to blame for being a shit captain to the SS Failboat. He replies quietly, "You will never speak of this to anyone, fix this discretely." Straight up hitler's bunker meme rage.

Long story short, I'm unofficially the hacker at our office... Story time!

So I was hired three months ago to work for my current company, and after the three weeks of training I got assigned a project with an architect (who only works on the project very occasionally). I was tasked with revamping and implementing new features for an existing API, some of the code dated back to 2013. (important, keep this in mind)

So at one point I was testing the existing endpoints, because part of the project was automating tests using postman, and I saw something sketchy. So very sketchy. The method I was looking at took a POJO as an argument, extracted the ID of the user from it, looked the user up, and then updated the info of the looked up user with the POJO. So I tried sending a JSON with the info of my user, but the ID of another user. And voila, I overwrote his data.

Once I reported this (which took a while to be taken seriously because I was so new) I found out that this might be useful for sysadmins to have, so it wasn't completely horrible. However, the endpoint required no Auth to use. An anonymous curl request could overwrite any users data.

As this mess unfolded and we notified the higher ups, another architect jumped in to fix the mess and we found that you could also fetch the data of any user by knowing his ID, and overwrite his credit/debit cards. And well, the ID of the users were alphanumerical strings, which I thought would make it harder to abuse, but then realized all the IDs were sequentially generated... Again, these endpoints required no authentication.

So anyways. Panic ensued, systems people at HQ had to work that weekend, two hot fixes had to be delivered, and now they think I'm a hacker... I did go on to discover some other vulnerabilities, but nothing major.

It still amsues me they think I'm a hacker 😂😂 when I know about as much about hacking as the next guy at the office, but anyways, makes for a good story and I laugh every time I hear them call me a hacker. The whole thing was pretty amusing, they supposedly have security audits and QA, but for five years, these massive security holes went undetected... And our client is a massive company in my country... So, let's hope no one found it before I did.

One step through the door my wife whips around, a look so disgusted she barely seems human. "What's that smell?" she cries. "It's you! You smell like...like bad code!"

Indeed, I am covered with the scent of the forbidden love child of a man who read half a chapter on if-then statements and then pushed out into the world, earthworm-like, a mangled misshapened gelatinous mass that my employer gave the title of line-of-business application purely out of pity.

For more days than I'd like to count I have been porting a ColdFusion 5 application to .NET. Initially written in 2000 and last touched in 2006, it has a data architecture comparable to Dresden after the second world war. It features a table solely comprised of seven columns of IDs so that joins can be made between other tables lacking a common key. Columns that should be contained within a single table spread out among multiple tables. Single columns containing data that should be multiple columns (with handy flags to separate the subsets). A view with 14 joins that playfully displays unintended results. And so much more spread out over almost 200 stored procedures, views, triggers, and tables on the SQL server, and dozens of additional ADO-like SQL statements within the ColdFusion itself. Fortunately, the application overcomes these issues by having absolutely no data validation while allowing nulls pretty much everywhere.

When I am done this will be a very nice ASP.NET MVC app with at least 150 less stored procs, views, and tables. Auto-generated duplicate entries will be a thing of the past. Pop-up windows that inexplicably refresh the underlying screen to display a different part of the program than the one the user wants will be eliminated. And a UI based on the colors of a Rubik's Cube with usability that Mr. Rubik would find challenging will disappear with only the trauma of using it left behind.

Sadly, this is not my worse legacy code experience. Just the most recent. Just the most recent stench added to a lifetime of bathing in code rot.

Recently my company worked in project with a big international company which uses a crazy framework to build a part of there webpage. This framework only used random IDs and class names and not even different html elements. And to completely freak out all elements are positioned absolute and on every change the whole page go rendered.

Why the fuck would people use non English html classes and IDs, or just randomly mix languages. Please don't fucking do this

Looking into a helper class written by someone who was clearly not a master of their craft. The class deals with some string IDs...

public getIDPosition1(String id){
return id.substring(0,1);
}

So far so useless. But it gets better. What is declared immediately below the above method?

public getIDPosition2(String id){
return id.substring(1,2);
}

And below that? You guessed it:

public getIDPosition3(String id){
return id.substring(2,3);
}

This continues to position 10.... -.-

Working on a database priorly designed and maintained by some private agency.

The fuck I'm dealing with!

Boolean values stored as 'TRUE'/'FALSE'. It's varchar, my dudes.

There are no FK relations. Just the values of IDs in a column.

There are no indexes, all on just the PKs, nothing else. Nothing.

Null, what's that? I'm dealing with 'N/A', my dudes.

Unique key, what's that? The table which stores users has all the fields nullable. Email is not unique ( even though that's the required behaviour).

ALL the numeric values are stored as varchar. Varchar, my dudes. Varchar. '1', '1.1'

And finally, the good ole, 1 table to rule them all. Normalisation, fuck that.

And what's the root cause of all this? My PM used to hand them Excel sheets she maintains on her local system. FTW. I don't have a enough explanations.

What a fucking day!
So some many years ago, we placed a small and useful piece of code into a MySQL Query, which prefixes the order ids with a string and returns the value.

Basically

SELECT
CONCAT(“ORDER_PREFIX”, LPAD(order.id,5,’0’) AS order_reference

Now many years ago when this was a simple solution to a system that wasn’t expected to be running today, all went well, except today.... today that fucking line exceeded 5 digits
😓😍😓

I don’t know if I should be ashamed, or happy right now, a totally unfuture proof query that just rolled that little too far, or the fact that I’ve watch 100k orders role through this system.

Now for the clean up crew to do their job.... oh 🙁 that’s me too.

Now this doesn’t affect the order ids... so that’s something but external systems rely on that guy 😭

Oh God, When your boss is reviewing your code and he pauses to take some meds.

Never heard of a so terribly designed online game.

For starters: the client-server model is process everything on the client, then save it on the server, and due to the nature of the site design, simply changing a tag will give you another of money.

The PayPal processing system doesn't read any headers or anything of that sort. So if you cancel your payment, this game thinks you've paid anyways.

Also, the trading system is based off of what buttons you can see so if you can see the cancel button it must be yours. So if you copy the cancel button to someones trade offering (FYI this is all done locally), and you click it you have gotten said item(s).

It gets worse, but I don't remember much more than that. The one thing they actually do is make session IDs expire.

Me trying to understand redux 🤢

Hello everyone 👋

I see people blaming the developers when you see a crappy software product , saying that they have done a bad job.

But even it could be true also it could be the product managers who didn’t give enough time todo what needs to be done or project scope is too big for the persons knowledge.

I’ve worked in a company where deadlines were so tight I didn’t have enough time to proper UI and Testing. I used to be only developer who has someone experience and I had to train the interns as well. I am also to blame to joining such company but in desperate times takes desperate measures.

And now when i’m leaving the company and I have spend 2 years of my life for apps that I’m not proud of.

Just rant. Please feel free to give ur thoughts

Me : *writes code and feel good about the result and quality *
Code reviewer : Dafuq is this shit

We don't know what one-to-many is! Instead, we convert all associated IDs to a string and join the list into a string separated by commas! Only after this absolute clownery do we save this new nice clean string to the database column! Then, when we want all associated entities, we serialize this list back into an array of IDs and retrieve them! It's clown-genius!

🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡

You know what really grinds my gears? As a junior webdeveloper (mostly backend) I try my hardest to deliver quality content and other people's ignorance is killing me in my current job.

Let's rant about a recent project I had under my hood, for this project (a webshop) I had to restructure the database and had to include validation on basicly every field (what the heck, no validation I hear you say??), apperently they let an incompetent INTERN make this f***king webshop. The list of mistakes in this project can bring you close to the moon I'd say, seriously.

Database design 101 is basicly auto incremented ID's, and using IDs in general instead of using name (among a list of other stuff obv.). Well, this intern decided it was a good idea to filter a custom address-book module based on a NAME, so it wasn't setup as: /addressbook/{id} (unique ID, never a problem) but as /addressbook/{name}, which results in only showing one address if the first names on the addresses are the same. Lots of bugs that go by this type of incompetence and ignorance. Want to hear another joke? Look no further, this guy also decided it was a great idea to generate the next ID of an order. So the ordernumber wasn't made up by the auto incremented id on the order model, but by a count of all the orders and that was the next order number. This broke so many times, unbelievable.

To close the list of mistakes off, the intern decided it was a great idea to couple the address of a user directly to an order. Because the user is able to ship stuff to addresses within his addressbook, this bug could delete whole orders out of the system by simply deleting the address in your addressbook.

Enough about my intern rant, after working my ass of and going above and beyond the expectations of the customer, the guy from sales who was responsible for it showed what an a**hole he was. Lets call this guy Tom.

Little backstory: our department is a very small part of the company but we are responsible for so much if you think about it. The company thinks we've transitioned to company wide SCRUM, but in reality we are so far from it. I think the story below is a great example of what causes this.

Anyway, we as the web department work within Gitlab. All of our issues and sprints are organized and updated within this place. The rest of the company works with FileMaker, such a pile of shit software but I've managed to work around its buggyness. Anyway, When I was done with the project described above I notified all the stakeholders, this includes Tom. I made a write-up of all the changes I had made to the project, including screenshots and examples, within Gitlab. I asked for feedback and made sure to tag Tom so he was notified of my changes to the project.

After hearing nothing for 2 weeks, guess who came to my desk yesterday? F**king tom asking what had changed during my time on the project. I told him politely to check Gitlab and said on a friendly tone that I had notified him over 2 weeks ago. He, I shit you not, blantly told me that he never looks on there "because of all the notifications" and that I should 'tell him what to do' within FileMaker (which I already had updated referencing Gitlab with the write-up of my changes). That dick move of him made me lose all respect for this guy, what an ignorant piece of shit he is afterall.

The thing that triggers me the most in the last story is that I spent so much free time to perfect the project I was working on (the webshop). I even completed some features which weren't scheduled during the sprint I was working on, and all I was asking for was a little appreciation and feedback. Instead, he showed me how ignorant and what a dick he was.

I absolutely have no reason to keep on working for this company if co-workers keep treating me like this. The code base of the webshop is now in a way better condition, but there are a dozen other projects like this one. And guess what? All writen by the same intern.

/rant :P

I am much too tired to go into details, probably because I left the office at 11:15pm, but I finally finished a feature. It doesn't even sound like a particularly large or complicated feature. It sounds like a simple, 1-2 day feature until you look at it closely.

It took me an entire fucking week. and all the while I was coaching a junior dev who had just picked up Rails and was building something very similar.

It's the model, controller, and UI for creating a parent object along with 0-n child objects, with default children suggestions, a fancy ui including the ability to dynamically add/remove children via buttons. and have the entire happy family save nicely and atomically on the backend. Plus a detailed-but-simple listing for non-technicals including some absolutely nontrivial css acrobatics.

After getting about 90% of everything built and working and beautiful, I learned that Rails does quite a bit of this for you, through `accepts_nested_params_for :collection`. But that requires very specific form input namespacing, and building that out correctly is flipping difficult. It's not like I could find good examples anywhere, either. I looked for hours. I finally found a rails tutorial vide linked from a comment on a SO answer from five years ago, and mashed its oversimplified and dated examples with the newer documentation, and worked around the issues that of course arose from that disasterous paring.

like.
I needed to store a template of the child object markup somewhere, yeah? The video had me trying to store all of the markup in a `data-fields=" "` attrib. wth? I tried storing it as a string and injecting it into javascript, but that didn't work either. parsing errors! yay! good job, you two.

So I ended up storing the markup (rendered from a rails partial) in an html comment of all things, and pulling the markup out of the comment and gsubbing its IDs on document load. This has the annoying effect of preventing me from using html comments in that partial (not that i really use them anyway, but.)

Just.
Every step of the way on building this was another mountain climb.
* singular vs plural naming and routing, and named routes. and dealing with issues arising from existing incorrect pluralization.
* reverse polymorphic relation (child -> x parent)
* The testing suite is incompatible with the new rails6. There is no fix. None. I checked. Nope. Not happening.
* Rails6 randomly and constantly crashes and/or caches random things (including arbitrary code changes) in development mode (and only development mode) when working with multiple databases.
* nested form builders
* styling a fucking checkbox
* Making that checkbox (rather, its label and container div) into a sexy animated slider
* passing data and locals to and between partials
* misleading documentation
* building the partials to be self-contained and reusable
* coercing form builders into namespacing nested html inputs the way Rails expects
* input namespacing redux, now with nested form builders too!
* Figuring out how to generate markup for an empty child when I'm no longer rendering the children myself
* Figuring out where the fuck to put the blank child template markup so it's accessible, has the right namespacing, and is not submitted with everything else
* Figuring out how the fuck to read an html comment with JS
* nested strong params
* nested strong params
* nested fucking strong params
* caching parsed children's data on parent when the whole thing is bloody atomic.
* Converting datetimes from/to milliseconds on save/load
* CSS and bootstrap collisions
* CSS and bootstrap stupidity
* Reinventing the entire multi-child / nested params / atomic creating/updating/deleting feature on my own before discovering Rails can do that for you.

Just.
I am so glad it's working.
I don't even feel relieved. I just feel exhausted.

But it's done.
finally.

and it's done well. It's all self-contained and reusable, it's easy to read, has separate styling and reusable partials, etc. It's a two line copy/paste drop-in for any other model that needs it. Two lines and it just works, and even tells you if you screwed up.

I'm incredibly proud of everything that went into this.
But mostly I'm just incredibly tired.

Time for some well-deserved sleep.

I hired a coder to write a WordPress plugin on my dev server. He no longer works for me and is unreachable. The plugin does most of what it needs to do. But when I dig into the code and the database to find what should be obvious bits of code that do obvious things? None of that code is found. Not even with a recursive directory keyword search for that should be easy to find like CSS class names and IDs. Even the data that comes from the database and that I see on the screen is not actually present in the database!!! Yet it all works. I'm pretty sure at this point the code and data reside in a parallel dimension only the coder can get to. How do I debug code that doesn't actually exist?!

Client: can you filter boats by location?
Me: Let me see... As you know, there are three remote systems that feed data into your database. I'd have to make a connection between the location records. But I can't rely on coordinates, name, ID or anything else. You'd have to manually create those links for me by remote systems records IDs. Telling me that record XY from system A is identical to record YX from system B, etc...
Client: How many records are we talking about?
Me: 504.

Three days later...

Client: Got it, is that enough for you in excel?
Me: Let me see... Very nice work, I can work with that.
Client: I almost died on it!

An hour later...

Me: Got it, test it and let's run it on the production version.
Client: It works beautifully.

A minute later...

Can we filter the ships by ports?
Me: Let me see... Yes, it's theoretically possible, but it's the same situation as with places...
Client: How many records are we talking about?
Me: 12,647.

Skype relayed to me the sound of something heavy falling, something grunting. Something dying.

dear api author at my company pt. 2:

If you're gonna create an api method that takes some arguments.

And one of those arguments is an array.

THEN MAKE THE FUCKING ARGUMENT'S NAME PLURAL YOU FUCKING PIECE OF SHIT.

REPEAT WITH ME, MOTHERFUCKER.
ARRAY, PLURAL, NON-ARRAY, SINGULAR.

I need to pass a shitload of filters for the data for this table, and for every suckin fuckin filter I need to singularize this shit. Thank god for es6.

I know this sounds like nitpick, but I swear to fucking alpha omega this guy is inconsistent as fuck.

Every time it feels like he makes up a new rule.

Sometimes I need to send arrays of ids, other times arrays of objects with an id property on each.

He uses synonyms too, sometimes it's remove, other times erase.

PICK ONE MOTHERFUCKER.

If you can't do the basic things well, then what is to expect of more advanced stuff?

Naming conventions you fucking idiot, follow them. It's programming 101.

You're already sending them as plural in the fucking response. Why change them for the request?

And that's just style, conventions.

This idiot asshole also RARELY DOES ANY FUCKING CHECK ON THE ARGUMENTS.

"Oh, you sent a required argument as null? 500"

We get exceptions on sentry UP THE ASS thanks to this useless bone container.

YOU'RE SEEING THE EXCEPTIONS TOO!!!!! 500'S ARE BUGS YOU NEED TO FIX, YOU CUMCHUGGER

And sometimes he does send 400, you know what the messages usually are?
"Validation failed".

WHYYYYYY YOU GODDAMN APATHETIC TASTELESS FUCK???
WHAT EXACTLY CAUSED THE FUCKING VALIDATION TO FAIL????

EXCEPTIONS HAPPEN AND THANKS TO YOU I HAVE NO IDEA WHY.

The worst of all... the worst of fucking all is that everytime I make a suggestion to change shit, every time, you act like you care.
You act like the api is the way it is because you designed it in a calculated manner.

MOTHERFUCKER. IF A USER HAS ONLY PRODUCT A, THEN HE SHOULDN'T BE ABLE TO ACCESS DATA FOR PRODUCT B. IT IS NOT ENOUGH TO JUST RESTRICT SHIT WITH ADMIN ROLES. IDIOT!!!!!

This is the work of someone who has no passion for programming.

This feature I'm building requires crossing over to a second application for some actions (fair, this reduces repetition), but the method used for it is kind of ridiculous.

To keep with the existing patterns, I followed suit, and added two PATCH and a DELETE routes, wrappers, and calls. (Typical CRUD + de/reactivate).

But. This freaking halfassed HTTP model doesn't support anything but POST and PUT! wtf. (Also, the various IDs, naming schemes, and required json data/formats differ across view, controller, and endpoints. but whatever?)

Two and a half hours later, and the feature is done and works wonderfully. Four times the functionality of the previous incarnation, and the code is only about 25% longer! haha.

Ahh, I'm complimenting myself again. (but somebody has to, right? 😅)

but really, when i want to get something done i'm actually surprised at how quickly it all comes together. Even when I need to patch API Guy's madness.

(and this time I actually found someone else's code in the mess! It was actually worse!)

I suppose taking a day off yesterday did me some good.

- "Hi A, we had a bug in production due to a changed category ID which we were not informed of."
- "Oh but my API just proxies the content from team B."
_____
- "Hi B, we had a bug in production due to a changed category ID."
- "Ah, I have nothing to do with category IDs, you should talk to my colleague C."
_____
- "Hi C, we had a bug in production due to a changed category ID."
- "I wish I knew anything about that, you should contact person D!"
_____
- "Hi D, we had a bug in production due to a changed category ID."
- *changes status to "Absent" on IM*

ERROR_TOO_MANY_REDIRECTS

I’m trying to add digit separators to a few amount fields. There’s actually three tickets to do this in various places, and I’m working on the last of them.

I had a nightmare debugging session earlier where literally everything would 404 unless I navigated through the site in a very roundabout way. I never did figure out the cause, but I found a viable workaround. Basically: the house doesn’t exist if you use the front door, but it’s fine if you go through the garden gate, around the back, and crawl in through the side window. After hours of debugging I eventually discovered that if I unlocked the front door with a different key, everything was fine… but nobody else has this problem?

Whatever.
Onto the problem at hand!

I’m trying to add digit separators to some values. I found a way to navigate to the page in question (more difficult than it sounds), and … I don’t know what view is rendering the page. Or what controller. Or how it generates its text.

The URL is encrypted, so I get no clues there. (Which was lead dev’s solution to having scrapeable IDs instead of just, you know, fixing them). The encryption also happens in middleware, so it’s a nightmare to work through. And it’s by the lead dev, so the code is fucking atrocious.

The view… could be one of many, and I don’t even know where they are. Or what layout. Or what partials go into building it.

All of the text on the page are “resources” — think named translations that support plus nested macros. I don’t know their names, and the bits of text I can search for are used fucking everywhere. “Confirmation number” (the most unique of them) turns up 79 matches. “Fee” showed up in 8310 places before my editor gave up looking. Really.

The table displaying the data, which is what I actually care about, isn’t built in JS or markup, but is likely a resource that goes through heavy processing. It gets generated in a controller somewhere (I don’t know the resource name so I can’t find it), and passed through several layers of “dynamic form” abstraction, eventually turned into markup, and rendered as a partial template. At least, that’s how it worked in the previous ticket. I found a resource that looks right, and there’s only the one. I found the nested macros it uses for the amount and total, and added the separators there… only to find that it doesn’t work.

Fucking dead end.

And i have absolutely nothing else to go on.

Page title? “Show”
URL? /~LiolV8N8KrIgaozEgLv93s…
Text? All from macros with unknown names. Can’t really search for it without considerable effort.
Table? Doesn’t work.
Text in the table? doesn’t turn up anything new.
Legal agreement? There are multiple, used in many places, generates them dynamically via (of course) resources, and even looking through the method usages, doesn’t narrow it down very much.

Just.
What the fuck?
Why does this need to be so fucking complicated?

And what genius decided “$100000.00” doesn’t need separators? Right, the lot of them because separators aren’t used ANYWHERE but in code I authored. Like, really? This is fintech. You’d think they would be ubiquitous.

And the sheer amount of abstraction?
Stupid stupid stupid stupid stupid.

OMFG I don't even know where to start..
Probably should start with last week (as this is the first time I had to deal with this problem directly)..

Also please note that all packages, procedure/function names, tables etc have fictional names, so every similarity between this story and reality is just a coincidence!!

Here it goes..

Lat week we implemented a new feature for the customer on production, everything was working fine.. After a day or two, the customer notices the audit logs are not complete aka missing user_id or have the wrong user_id inserted.
Hm.. ok.. I check logs (disk + database).. WTF, parameters are being sent in as they should, meaning they are there, so no idea what is with the missing ids.

OK, logs look fine, but I notice user_id have some weird values (I already memorized most frequent users and their ids). So I go check what is happening in the code, as the procedures/functions are called ok.

Wow, boy was I surprised.. many many times..
In the code, we actually check for user in this apps db or in case of using SSO (which we were) in the main db schema..
The user gets returned & logged ok, but that is it. Used only for authentication. When sending stuff to the db to log, old user Id is used, meaning that ofc userid was missing or wrong.

Anyhow, I fix that crap, take care of some other audit logs, so that proper user id was sent in. Test locally, cool. Works. Update customer's test servers. Works. Cool..

I still notice something off.. even though I fixed the audit_dbtable_2, audit_dbtable_1 still doesn't show proper user ids.. This was last week. I left it as is, as I had more urgent tasks waiting for me..

Anyhow, now it came the time for this fuckup to be fixed. Ok, I think to myself I can do this with a bit more hacking, but it leaves the original database and all other apps as is, so they won't break.
I crate another pck for api alone copy the calls, add user_id as param and from that on, I call other standard functions like usual, just leave out the user_id I am now explicitly sending with every call.
Ok this might work.

I prepare package, add user_id param to the calls.. great, time to test this code and my knowledge..

I made changes for api to incude the current user id (+ log it in the disk logs + audit_dbtable_1), test it, and check db..
Disk logs fine, debugging fine (user_id has proper value) but audit_dbtable_1 still userid = 0.

WTF?! I go check the code, where I forgot to include user id.. noup, it's all there. OK, I go check the logging, maybe I fucked up some parameters on db level. Nope, user is there in the friggin description ON THE SAME FUCKING TABLE!!
Just not in the column user_id...

WTF..Ok, cig break to let me think..

I come back and check the original auditing procedure on the db.. It is usually used/called with null as the user id. OK, I have replaced those with actual user ids I sent in the procedures/functions. Recheck every call!! TWICE!! Great.. no fuckups. Let's test it again!
OFC nothing changes, value in the db is still 0. WTF?! HOW!?

So I open the auditing pck, to look the insides of that bloody procedure.. WHAT THE ACTUAL FUCK?!
Instead of logging the p_user_sth_sth that is sent to that procedure, it just inserts the variable declared in the main package..
WHAT THE ACTUAL FUCK?! Did the 'new guy' made changes to this because he couldn't figure out what is wrong?! Nope, not him. I asked the CEO if he knows anything.. Noup.. I checked all customers dbs (different customers).. ALL HAD THIS HARDOCED IN!!! FORM THE FREAKING YEAR 2016!!! O.o

Unfuckin believable.. How did this ever work?!

Looks like at the begining, someone tried to implement this, but gave up mid implementation.. Decided it is enough to log current user id into BLABLA variable on some pck..
Which might have been ok 10+ years ago, but not today, not when you use connection pooling.. FFS!!

So yeah, I found easter eggs from years ago.. Almost went crazy when trying to figure out where I fucked this up. It was such a plan, simple, straight-forward solution to auditing..

If only the original procedure was working as it should.. bloddy hell!!

Who the fuck writes a 200 line method with 52 if/else statements, 3 try-catches, 6 loops and only 1 comment saying //Array of system records. No dipshit I thought that was a Fucking interface. What happened to the whole keep it simple notion?!

LPT: NEVER accept a freelance job without looking at the project's source first

Client: I have a project made by a company that is now abandoning it, I want you to fix some bugs

Me: Okay, can you:
1) Give me a build to test the current state of the game
2) Tell me what the bugs are
3) Show me the source
4) Tell me your budget

Client: *sends a list of 10 bugs* Here's the APK and to give you the project I'll need you to sign an NDA

Me: Sure...

*tests build*
*sees at least 20 bugs*
*still downloading source*
*bugs look quite easy to fix should be done under an hour*

Me: Okay, so, I can fix each bug for $10 and I can do 2 today

Client: Okay can you fix 8 bugs today for $40??

*sigh*

Me: No I cannot.

Client: okay then 2 today for $20 is fine, I want a refund if you can't fix them today

*sigh*

Me: Look dude, this isn't the first time I am doing this, aight? I'll fix the bugs today you can pay me after check they are done, savvy?

Client: okay

*source is downloaded*
*literal apes wrote the scripts, commented out code EVERYWHERE
Debug logs after every line printing every frame causing FPS drops, empty objects in the scene
multiple unused UI objects
everything is spaghetti*

*give up, after 2 hours of hell*
*tfw averted an order cancellation by not taking the order and telling client that they can pay me after I am done*

Attached is an image of a level object pool
It's an array with each element representing a level.
The numbers and "Final" are ids for objects in an object pool
The whole string is .Split(',') into an array (RIP MEMORY BTW) and then a loop goes through each element in the split array and instantiates the object from an object pool

Spending half a day wondering why certain DIVs refused to appear in a custom theme I was building, only to find out the reason why was because AdBlock had blocked the IDs being used.

Have kept AdBlock turned off on my primary dev machine ever since.

So I joined this financial institution back in Nov. Selling themselves as looking for a developer to code micro-services for a Spring based project and deploying on Cloud. I packed my stuff, drove and moved to the big city 3500 km away. New start in life I thought!
Turns out that micro-services code is an old outdated 20 year old JBoss code, that was ported over to Spring 10 years ago, then let to rot and fester into a giant undocumented Spaghetti code. Microservices? Forget about that. And whats worse? This code is responsible for processing thousands of transactions every month and is currently deployed in PROD. Now its your responsibility and now you have to get new features complied on the damn thing. Whats even worse? They made 4 replicas of that project with different functionalities and now you're responsible for all. Ma'am, this project needs serious refactoring, if not a total redesign/build. Nope! Not doing this! Now go work at it.
It took me 2-3 months just to wrap my mind around this thing and implement some form of working unit tests. I have to work on all that code base by myself and deliver all by myself! naturally, I was delayed in my delivery but I finally managed to deliver.
Time for relief I thought! I wont be looking at this for a while. So they assign me the next project: Automate environment sync between PROD and QA server that is manually done so far. Easy beans right? And surely enough, the automation process is simple and straightforward...except it isnt! Why? Because I am not allowed access to the user Ids and 3rd party software used in the sync process. Database and Data WareHouse data manipulation part is same story too. I ask for access and I get denied over and over again. I try to think of workarounds and I managed to do two using jenkins pipeline and local scripts. But those processes that need 3rd party software access? I cannot do anything! How am I supposed to automate job schedule import on autosys when I DONT HAVE ACCESS!! But noo! I must think of plan B! There is no plan B! Rather than thinking of workarounds, how about getting your access privileges right and get it right the first time!!
They pay relatively well but damn, you will lose your sanity as a programmer.
God, oh god, please bless me with a better job soon so I can escape this programming hell hole.
I will never work in finance again. I don't recommend it, unless you're on the tail end of your career and you want something stable & don't give a damn about proper software engineering principles anymore.

Issue reporter:
Feed from external service provider is overwriting the wrong things, pls fix

Resolution:
Service provider is sending duplicate unique IDs, you need to get with them to discuss

Service provider response:
This is a *RE-USABLE UNIQUE ID* . . . The bottom line is you should not use this UNIQUE ID as a primary key.

Came across this company when I was looking for regex for organization-ids/organization-numbers. 😂

Everyone and their dog is making a game, so why can't I?
1. open world (check)

2. taking inspiration from metro and fallout (check)

3. on a map roughly the size of the u.s. (check)

So I thought what I'd do is pretend to be one of those deaf mutes. While also pretending to be a programmer. Sometimes you make believe
so hard that it comes true apparently.

For the main map I thought I'd automate laying down the base map before hand tweaking it. It's been a bit of a slog. Roughly 1 pixel per mile. (okay, 1973 by 1067). The u.s. is 3.1 million miles, this would work out to 2.1 million miles instead. Eh.

Wrote the script to filter out all the ocean pixels, based on the elevation map, and output the difference. Still had to edit around the shoreline but it sped things up a lot. Just attached the elevation map, because the actual one is an ugly cluster of death magenta to represent the ocean.

Consequence of filtering is, the shoreline is messy and not entirely representative of the u.s.

The preprocessing step also added a lot of in-land 'lakes' that don't exist in some areas, like death valley. Already expected that.

But the plus side is I now have map layers for both elevation and ecology biomes. Aligning them close enough so that the heightmap wasn't displaced, and didn't cut off the shoreline in the ecology layer (at export), was a royal pain, and as super finicky. But thankfully thats done.

Next step is to go through the ecology map, copy each key color, and write down the biome id, courtesy of the 2017 ecoregions project.

From there, I write down the primary landscape features (water, plants, trees, terrain roughness, etc), anything easy to convey.
Main thing I'm interested in is tree types, because those, as tiles, convey a lot more information about the hex terrain than anything else.

Once the biomes are marked, and the tree types are written, the next step is to assign a tile to each tree type, and each density level of mountains (flat, hills, mountains, snowcapped peaks, etc).
The reference ids, colors, and numbers on the map will simplify the process.

After that, I'll write an exporter with python, and dump to csv or another format.

Next steps are laying out the instances in the level editor, that'll act as the tiles in question.
Theres a few naive approaches:

Spawn all the relevant instances at startup, and load the corresponding tiles.

Or setup chunks of instances, enough to cover the camera, and a buffer surrounding the camera. As the camera moves, reconfigure the instances to match the streamed in tile data.

Instances here make sense, because if theres any simulation going on (and I'd like there to be), they can detect in event code, when they are in the invisible buffer around the camera but not yet visible, and be activated by the camera, or deactive themselves after leaving the camera and buffer's area.

The alternative is to let a global controller stream the data in, as a series of tile IDs, corresponding to the various tile sprites, and code global interaction like tile picking into a single event, which seems unwieldy and not at all manageable. I can see it turning into a giant switch case already.

So instances it is.

Actually, if I do 16^2 pixel chunks, it only works out to 124x68 chunks in all. A few thousand, mostly inactive chunks is pretty trivial, and simplifies spawning and serializing/deserializing.

All of this doesn't account for
* putting lakes back in that aren't present

* lots of islands and parts of shores that would typically have bays and parts that jut out, need reworked.

* great lakes need refinement and corrections

* elevation key map too blocky. Need a higher resolution one while reducing color count
This can be solved by introducing some noise into the elevations, varying say, within one standard div.

* mountains will still require refinement to individual state geography. Thats for later on

* shoreline is too smooth, and needs to be less straight-line and less blocky. less corners.

* rivers need added, not just large ones but smaller ones too

* available tree assets need to be matched, as best and fully as possible, to types of trees represented in biome data, so that even if I don't have an exact match, I can still place *something* thats native or looks close enough to what you would expect in a given biome.
Ponderosa pines vs white pines for example.

This also doesn't account for 1. major and minor roads, 2. artificial and natural attractions, 3. other major features people in any given state are familiar with. 4. named places, 5. infrastructure, 6. cities and buildings and towns.

Also I'm pretty sure I cut off part of florida.
Woops, sorry everglades.

Guess I'll just make it a death-zone from nuclear fallout.

Take that gators!

Sign in with Apple...

* Nobody tells you that a app group can consist of a maximum of 6 apps.
* Nobody tells you that suddenly a key id is needed for constructing the signing key for signing the client_secret when other keys are added in the dev portal.
* Apple gives you email and name only (and i mean only) the first time a customer uses Sign In With Apple.
* You have no chance to reset your user during development in a way to try a fresh auth. So either create separate app ids or separate apple ids.

Sounds like fun, right?

Was exploring google foobar upon how it works and found out this strange
div:rhtext

wonder how they insert this code in html randomly.
xpath and ids are all obfuscated,unreadable

I downloaded mr robot. season1-season3. guess what? All of them downloaded in my project folder and I did `git add .` later while working. I was lucky to see it. By now I should've been looking for commit ids to revert.

!devButAlsoKindaIsDev

Alright, time to do some explanation.

TL;DR: JavaScript is a fucking nightmare. May god help every web developer out there. Essentially, I was gone because of JavaScript.

Q: where tf are you bruh
A: in your mo-uhhhhh alright, so I was chosen to be the main developer for an interactive promotional video for my school (every year the school holds something called an open day, where kids from 8th grade can come to the school and have a tour in the school first hand. Because of the coronavirus (just gonna call it “the rona” from here) this is now impossible so we are losing the interest and the first impressions so the school decided to make an interactive virtual one). They asked me if I want to do it and I said yes.

Boy, was that ever a mistake... (hint: it was a huge mistake)

So the guy who talked to me and asked if I wanted to do this was my grade’s manager, and he gave me the phone number of my PM. So we talked and stuff, and then this happened: (bruh = PM)

bruh: I’ll send you the API and documentation for the thing that we are working with! They have lots of examples and stuff and they’re Israeli too!

Me: Okay! What language are we talking about here?

bruh: JavaScript.

Me: (questioning life choices) Okay!

I didn’t write any JavaScript for the last 3 years or so. It had to be done because I promised and I can’t let down people who count at me and ask me to show where I shine.

So, what was the objective for me? Build a Firebase client that sends the user’s score and choices to Firestore after he chooses something in the interactive video (for example, go to chemistry or go to physics) while learning JavaScmeme (ECMEMEScript) as I go.

Deadline? A week and a half.

After working almost 12 hours a fucking day, I made it work. Sorta. In order to reconcile with small exceptions and edge cases in the interactive video, I had to hard-code some IDs in the code. I had no choice, since I couldn’t allow myself to spend more and more time to make my code more dynamic than it was because I simply didn’t have time. The code absolutely STINKS but it works.

Today is the day where we (aim) to finish all of the cosmetic things that we need to fix. All of them are non-essential for everything to work, but we want to make this thing presentable because we want to put this on the school’s website.

CONCLUSION:

JavaScript is literal shit. Dynamic weakly-typed languages are cursed AF and need to die in a fire.

How do you deal with massively poorly-performing and unknowledgeable teams?

For background, I've been in my current position for ~7 months now.

A new manager joined recently and he's just floored at the reality of the team.

I mean, a large portion of my interview (and his) was the existing manager explicitly warning about how much of a dumpster fire everything is.

But still, nothing prepares you for it.

We're talking things like:
- Sequential integer user ids that are passable as query string args to anonymous endpoints, thus enabling you to view the data read by that view *for any* user.
- God-like lookup tables that all manner of pieces of data are shoved into as a catch-all
- A continued focus on unnecessary stored procedures despite us being a Linq shop
- Complete lack of awareness of SOLID principles
- Actual FUD around the simplest of things like interfaces, inversion of control, dependency injection (and the list goes on).

I've been elevated into this sort of quasi-senior position (in all but title - and salary), and I find myself having to navigate a daily struggle of trying to not have an absolute shit fit every time I have to dive into the depths of some of the code.

Compounded onto that is the knowledge that most of the team are on comparable salaries (within a couple thousand) of mine, purely owing to length of service.

We're talking salaries for mid-senior level devs, for people that at market rates would command no more (if even close) than a junior rate.

The problem is that I'm aware of how bad things are, but then somehow I'm constantly surprised and confronted with ever more insane levels of shitfuckery, and... I'm getting tired.

It's been 7 months, I love the job, I'm working in the charity sector and I love the fact that the things I'm working on are directly improving people's lives, rather than lining some fintech fatcat's pockets.

I guess this was more a rant than a question, and also long time no see...

So my question is this:

- How do you deal with this?
- How do you go on without just dying inside every single day?

Developing a notification API, sends emails to subscribers, email API can take only 100 IDs at once, so partitioned the email list and send mails in blocks of 100.

Forgot to reset the list after every block, so each new partition got appended to the existing list and kept going on.

Ran it against a test DB, which was recently refreshed with near-prod data !!! Thousands of emails went out of the app server in one shot and everybody receiving numerous duplicate emails. Especially the ones in the very first partition.

Got an incident raised by the CEO himself reg the flurry of emails. But, things were out of our hands, quite literally. All emails are queued up in the exchange server.

Called up the exchange server team, purged​ the queued emails. No other emails were sent/received during this whole episode.

Thanks to Iterables.partition in the present day.

Saw this email today from dev.to
Didn't know, they assign new account IDs by "SPAM_XXX" :/

Oh boy I got a few. I could tell you stories about very stupid xss vectors like tracking IDs that get properly sanitized when they come through the url but as soon as you go to the next page and the backend returns them they are trusted and put into the Dom unsanitized or an error page for a wrong token / transaction id combo that accidentally set the same auth cookie as the valid combination but I guess the title "dumbest" would go to another one, if only for the management response to it.

Without being to precise let's just say our website contained a service to send a formally correct email or fax to your provider to cancel your mobile contract, nice thing really. You put in all your personal information and then you could hit a button to send your cancelation and get redirected to a page that also allows you to download a pdf with the sent cancelation (including all your personal data). That page was secured by a cancelation id and a (totally save) 16 characters long security token.

Now, a few months ago I tested a small change on the cancelation service and noticed a rather interesting detail : The same email always results in the same (totally save) security token...
So I tried again and sure, the token seemed to be generated from the email, well so much about "totally save". Of course this was a minor problem since our cancelation ids were strong uuids that would be incredibly hard to brute force, right? Well of course they weren't, they counted up. So at that point you could take an email, send a cancelation, get the token and just count down from your id until you hit a 200 and download the pdf with all that juicy user data, nice.

Well, of course now I raised a critical ticket and the issue was fixed as soon as possible, right?
Of course not. Well I raised the ticket, I made it critical and personally went to the ceo to make sure its prioritized. The next day I get an email from jira that the issue now was minor because "its in the code since 2017 and wasn't exploited".

Well, long story short, I argued a lot and in the end it came to the point where I, as QA, wrote a fix to create a proper token because management just "didn't see the need" to secure such a "hard to find problem". Well, before that I sent them a zip file containing 84 pdfs I scrapped in a night and the message that they can be happy I signed an NDA.

*packing for a school-hosted graduation celebration with friends*
let's see, first rule of packing for a trip, count on every slim chance happening...

List of things now in backpack:
3 changes of clothes (1-night trip for an all night party in <100-MILE-AWAY MAJOR CITY>)
Laptop
3DS
3x 4-port USB Hubs
10-port power strip (not fully in bag, but mostly so.)
Extra pair of shoes
3.5" external floppy drive
First aid kit
SAK
precision driver set
soldering set
multitool
pliers (1x farmer's, 1x bent needlenose)
multimeter
empty laptop HDD (250GB)
magnet in Altoids tin (can't have it trashing the HDD!)
VGA to RGB (Composite ends) adapter
Composite/S-VIDEO USB capture card
Portable USB chargers (1x 30k mAh 2-port, 1x superslim 3k mAh 1-port)
Enough phone chargers to replace all chargers within 30 miles
Smelling salts
2x 16GB thumbdrives
Boot disc set
$200
School IDs (for bag's ID slot)
3 pairs of decent earbuds (no el cheapo $1 ones because they break trying to get them out of the package)
Serial to USB adapter
Rehydration salts
Magnesium fire striker
Plenty of pens and pencils
Emergency radio locator beacon
Emergency cellular locator beacon
SD/eMMC/CF/TF/MCP(D) USB reader
external HDD reader (2.5" IDE/3.5" IDE/SATA, external power)

am i missing anything?

So I am finally plunging into continuous integration. If I make one more deploy script mistake, I've lost enough time to merit having learned a better solution than bash scripting calling git and rhc and py files I wrote. I have failing tests that are failing because they weren't updated after the million and a half urgent changes in the past 2 months, so it's time to act like I am a TDD fanatic and write the tests correctly. So much work. All from me listening to the constant req changes, listening to the urgency, letting non-devs get under my skin if you will. I'm optimistic in all the wrong places - I think I can write that by end of day let's try it. I'm lazy in the wrong places - I think that I can write that test later, because all I changed was XYZ (which took all night but I said I'd get it as close as possible didn't I?). And I think these handful of bash scripts are good enough to make sure I run tests? But remember, I didn't write the tests or I didn't go back and update them. Or the tests that fail, I'm too lazy. And so much of the tests, I would need to use, idk selenium for, and damnit if I really don't want to dig for element IDs to wait for every time I need an AJAX call.

Okay wow, I really did rant here. And discredited myself a bit lol I need to ignore the wrong lazy and embrace the right lazy. Protect myself from myself and from contributors. It really is, up to me now, to rescue myself from my bad habits. Bad habits perpetuated by clients urgency every day, to change things, that should have been finalized in November if we wanted a stable flipping system in January. It feels like the blind (client) leading the blind (me, when I do dumb shit like rush features out the door half tested).

Anyway all this came out, because I have been reading about continuous integration and stumbled upon this quote. And thought someone might laugh at the anachronism like I did

Social Captain (a service to increase a user's Instagram followers) has exposed thousands of Instagram account passwords. The company says it helps thousands of users to grow their Instagram follower counts by connecting their accounts to its platform. Users are asked to enter their Instagram username and password into the platform to get started.

According to TechCrunch : Social Captain was storing the passwords of linked Instagram accounts in unencrypted plaintext. Any user who viewed the web page source code on their Social Captain profile page could see their Instagram username and password in plain text, as they had connected their account to the platform. A website bug allowed anyone access to any Social Captain user's profile without having to log in ; simply plugging in a user's unique account ID into the company's web address would grant access to their Social Captain account and their Instagram login credentials. Because the user account IDs were for the most part sequential, it was possible to access any user's account and view their Instagram password and other account information easily. The security researcher who reported the vulnerability provided a spreadsheet of about 10,000 scraped user accounts to TechCrunch.

I am so fucking lost.

I literally have zero expectations from life for now and future.

There was a time when I had so much clarity in my life. Rather, I was known for it.
Folks used to reach me out for guidance and my approaches even worked for others.

I was goal oriented and biased towards action. Failing and learning from it, I used to make things happen and with constant feedback kept progressing.

While none of that has changed, I still feel lost and numb. No, I am not depressed or suffering through any mental illness. I am physical active and able to feel the happiness.

But the recent incident with a narcissistic, left me emotionally handicap. I can no longer feel any kind of love or affection. I overcame the damage done and healed myself.

But now, I am done. Even if I engage with anyone for a relationship it would be mostly for sex. I can care for people around me and be affectionate towards them but when it comes to an intimate relationship, I feel it's not something I can do in this lifetime. I tried multiple times but failed.

These days, all I am doing is putting my heads down and working like crazy. Never in my life I worked more than 10 hours in an entire week. Now, I work 10+ hours everyday. During that time, I am highly productive.

And in my free time, I am busy housekeeping different life problems. Either paying bills, figuring out an insurance, planning some investment, or making some kind of life decision.

It's draining me. I feel as if I am losing sanity. But that's the only thing I am able to do.

Maybe it's the lockdown effect. Maybe some damage is yet to be healed.

But I got nothing better to do. I have some good ideas. Not those hipster-ish disruptive Million dollar ideas, but decent enough to solve a problem for a strong use case.

However, all of this is becoming overwhelming these days. Because decision making is complex and difficult task. It can make or break the future.

As of now I am confused how should I go about pursuing two of the important projects that I want to accomplish.

1. Migrating out of Google ecosystem. Is it even practically possible for my use case? What are the alternatives? Planning to opt in for a paid cloud storage so have to factor in that aspect as well.

I want to keep this new setup only for official use like bank and government stuff. Maybe family and close friends. Then have current ids for public logins and sharing it with retards whom I can block or ignore if they harass me. The research is overwhelming but having a structured setup gives insane amount of efficiency when life is spam free.

2. Migrating my Pihole and OpenVPN setup out of Digital Ocean to GCP. Primarily because $5 is a lot of amount for my computational requirements and Google has used my data enough, for me to use the free tier.
However, there isn't a simple script for a tech noob like me, to go ahead and setup something. I did find a Github repository but the documentation is kind of outdated so RTFM failed for me.

I don't know whether to pursue my start-up or let it go and focus on moving to Europe.

It's just so fucking stupid to even exist. And let's not forget taxes. Bloody taxes.

Guess who has 2 thumbs, half a brain and lost his job today...

Just wanted to admit that when I was in school, first learning about web, my first website used only IDs -- no classes.

I was so proud though.

Mixing tabs and spaces on collabs with my friends

I think I just gave my teammates/boss another mind-blowing idea...
Daily stand-ups are usually done standing up... Which means away from computers... And therefore JIRAs should not be mentioned, at least not by ID...

WHO THE FUCK CAN REMEMBER THEIR ISSUE IDS ALONG WITH EVERYONE ELSE'S...

Why the fuck these managers can’t understand that you can’t build a full blown system with in a week. After building a demo driven application to show the client you can tell the client we are fucking ready to launch the damn thing . I FUCKING MENTIONED BEFORE GOING TO THE MEETING ITS NOT RELEASE READY GOD DAMN IT.

Now when I say we can’t launch this app we need to fix things . THE FUCKING MANAGER HAS THE GUTS TO SAY “one day is enough to fix the issues right ? Shouldn’t be a big deal for you to fix this” .

Kill me now 🤬🤬🤬🤬🤬

So note to self, when creating random IDs, maybe generating 1,000 digit long IDs constantly is the source of that massive ram spike and subsequent crash...

Last year during my HTML/CSS exam, there was a question requested that items should be displayed in the center of the screen and move outwards as you add in to them.

There were three given IDs for the divs. Left, right and main. So what I did to reduce the amount of code written(mind you this is written on paper). I just used the main class wrapped it inside a container and then did what the question was asked and achieved the same result. My teacher still gave me 0 points even though I provided a solution better than what most other students actually did. His reason was, you should've done as I said.

And yes, yes we're writing our coding exams on paper.

The learning curve between learning syntax to hackerrank/leetcode feels massive

1. It's gonna be more and more specialized - to the point where we'll equal or even outdo the medical profession. Even today, you can put 100 techs/devs into a room and not find two doing the same job - that number will rise with the advent of even more new fields, languages and frameworks.

2. As most end users enjoy ignoring all security instructions, software and hardware will be locked down. This will be the disadvantage of developers, makers and hackers equally. The importance of social engineering means the platform development will focus on protecting the users from themselves, locking out legitimate tinkerers in the process.

3. With the EU getting into the backdoor game with eTLS (only 20 years after everyone else realized it's shit), informational security will reach an all-time low as criminals exploit the vulnerabilities that the standard will certainly have.

4. While good old-fashioned police work still applies to the internet, people will accept more and more mass surveillance as the voices of reason will be silenced. Devs will probably hear more and more about implementing these or joining the resistance.

5. We'll see major leaks, both as a consequence of mass-surveillance (done incompetently and thus, insecurely) and as activist retaliation.

6. As the political correctness morons continue invading our communities and projects, productivity will drop. A small group of more assertive devs will form - not pretty or presentable, but they - we - get shit done for the rest.

7. With IT becoming more and more public, pseudo-knowledge, FUD and sales bullshit will take over and, much like we're already seeing it in the financial sector, drown out any attempt of useful education. There will be a new silver-bullet, it will be useless. Like the rest. Stick to brass (as in IDS/IPS, Firewall, AV, Education), less expensive and more effective.

8. With the internet becoming a part of the real life without most people realizing it and/or acting accordingly, security issues will have more financial damages and potentially lethal consequences. We've already seen insulin pumps being hacked remotely and pacemakers' firmware being replaced without proper authentication. This will reach other areas.

9. After marijuana is legalized, dev productivity will either plummet or skyrocket. Or be entirely unaffected. Who cares, I'll roll the next one.

10. There will be new JS frameworks. The world will turn, it will rain.

So I am a Junior Dev in this small company. We have different tasks for the current sprint so I don't care what my teammates are doing. Then came the integration of our works, where a Mid Dev was assigned to create a Carting/Basket service. As we are integrating, I noticed that we are passing data to his service as is. We are passing the price, item name, etc. on his API. I asked him why the fuck are we not passing the IDs of the items instead. He didn't understand what I'm saying and instead defended his work. I showed him how I was able to manipulate the total amount of items I added to cart. He wasted almost 6 days of developing. Ughh.

I was taught that an IDS is a passive protection method, and an IPS is active. My security+ boot camp is trying to tell me IDS is active. Thoughts?

And yes, I'm still studying for this, I've been avoiding it because I'm salty I failed by one. But now it's a requirement, so I have no more time to avoid. :(

At my last gig, part of our business process was to generate a unique human-readable ID that could tie an individual to our product and service. Well, we had a few rather superstitious, paranoid and vocal customers who felt 'uneasy' when they received their unique ID with 666 in it.

So after having a good laugh and roll on the floor, I got to write an exorciseUniqueId() method that compelled the evil numbers to stop possessing those innocent IDs!

I'm considering quitting a job I started a few weeks ago. I'll probably try to find other work first I suppose.

I'm UK based and this is the 6th programming/DevOps role I've had and I've never seen a team that is so utterly opposed to change. This is the largest company I've worked for in a full time capacity so someone please tell me if I'm going to see the same things at other companies of similar sizes (1000 employees). Or even tell me if I'm just being too opinionated and that I simply have different priorities than others I'm working with. The only upside so far is that at least 90% of the people I've been speaking to are very friendly and aren't outwardly toxic.

My first week, I explained during the daily stand up how I had been updating the readmes of a couple of code bases as I set them up locally, updated docker files to fix a few issues, made missing env files, and I didn't mention that I had also started a soon to be very long list of major problems in the code bases. 30 minutes later I get a call from the team lead saying he'd had complaints from another dev about the changes I'd spoke about making to their work. I was told to stash my changes for a few weeks at least and not to bother committing them.

Since then I've found out that even if I had wanted to, I wouldn't have been allowed to merge in my changes. Sprints are 2 weeks long, and are planned several sprints ahead. Trying to get any tickets planned in so far has been a brick wall, and it's clear management only cares about features.

Weirdly enough but not unsurprisingly I've heard loads of complaints about the slow turn around of the dev team to get out anything, be it bug fixes or features. It's weird because when I pointed out that there's currently no centralised logging or an error management platform like bugsnag, there was zero interest. I wrote a 4 page report on the benefits and how it would help the dev team to get away from fire fighting and these hidden issues they keep running into. But I was told that it would have to be planned for next year's work, as this year everything is already planned and there's no space in the budget for the roughly $20 a month a standard bugsnag plan would take.

The reason I even had time to write up such a report is because I get given work that takes 30 minutes and I'm seemingly expected to take several days to do it. I tried asking for more work at the start but I could tell the lead was busy and was frankly just annoyed that he was having to find me work within the narrow confines of what's planned for the sprint.

So I tried to keep busy with a load of code reviews and writing reports on road mapping out how we could improve various things. It's still not much to do though. And hey when I brought up actually implementing psr12 coding standards, there currently aren't any standards and the code bases even use a mix of spaces and tab indentation in the same file, I seemingly got a positive impression at the only senior developer meeting I've been to so far. However when I wrote up a confluence doc on setting up psr12 code sniffing in the various IDEs everyone uses, and mentioned it in a daily stand up, I once again got kickback and a talking to.

It's pretty clear that they'd like me to sit down, do my assigned work, and otherwise try to look busy. While continuing with their terrible practices.

After today I think I'll have to stop trying to do code reviews too as it's clear they don't actually want code to be reviewed. A junior dev who only started writing code last year had written probably the single worst pull request I've ever seen. However it's still a perfectly reasonable thing, they're junior and that's what code reviews are for. So I went through file by file and gently suggested a cleaner or safer way to achieve things, or in a couple of the worst cases I suggested that they bring up a refactor ticket to be made as the code base was trapping them in shocking practices. I'm talking html in strings being concatenated in a class. Database migrations that use hard coded IDs from production data. Database queries that again quote arbitrary production IDs. A mix of tabs and spaces in the same file. Indentation being way off. Etc, the list goes on.
Well of course I get massive kickback from that too, not just from the team lead who they complained to but the junior was incredibly rude and basically told me to shut up because this was how it was done in this code base. For the last 2 days it's been a bit of a back and forth of me at least trying to get the guy to fix the formatting issues, and my lead has messaged me multiple times asking if it can go through code review to QA yet. I don't know why they even bother with code reviews at this point.

I have been waiting on a data file for days now and when I finally got my hands on it I discover that excel converted the IDs into scientific notation when they exported it.

Thank you, Microsoft, for yet another delay in my work.

Ah, when you run into a bug that only has 7 google results, and have of them is in Russian for some reason. Gonna be a long day.

The ticket system blokes - episode 3

So we always had and have very awful performance with our ticket system. You can't get anything to load in under ~4s normally. Now since it has gotten worse over the last weeks i decided to set aside a few hours to closely watch our SQL server.
After i identified a culprit that was hogging the CPU almost every 2 minutes i looked at other long running queries in the server and found out where exactly the 4s come from.

6 tables from various DBs. Sure, no problem.

Left Outer Join. Sure, why not.

Querying every fucking column in every fucking table explicitly adding up to a whopping 160 columns which they need not even 10% of. We're talking about session IDs, passwords, stock count, IBANs and all that stuff to show the work done on a ticket. Absolutely not.

So i extracted the query and reduced it to the stuff we need and the execution time went from 4 seconds to almost instant.

The funny thing is that their idea of performance optimization is throwing LIMIT around everywhere to get these monstrous queries under control.

So in the next few days I'll have an appointment with their lead programmer. I'm looking forwards to it.

So out of curiosity: does anyone know an SQL builder or toolset that does shit like
SELECT X AS [t0_c0],
SELECT Y AS [t0_c1],
SELECT Z AS [t1_c0],
and so on? I'd like to know how they got to this point.

I hate having to deal with our IT service desk. Every time it takes enormous energy to get to the right people and make them understand that no, you are not an idiot, but you actually have a technical issue.

Sure thing they do have a few competent nice folks there too I've gotten to know over time and they indeed have to deal with a ton of dumb non-tech savvy idiots on a daily basis. However, if my job title mentions "software" and "engineer" they should at least assume I'm an idiot in tech. Or something. Every single time I need to open a ticket, even for the simplest "add x to env y", I need to quadruple check that the subject line is moron-friendly because otherwise they would take every chance to respond "nah we can't do that", "that's not us", or "sry that's not allowed". And then I would need to respond, "yes you do:) your slightly more competent colleague just did this for us 2 weeks ago".

Now you might imagine this is on even another level when the problem is complex.

One of our internal apps has been failing because one of the internal APIs managed by a service desk team responds a 500 status code randomly but only when called with a specific internal account managed by another service desk team.
(when I say "managed by", that doesn't mean they maintain it, it just mean they are the only ones who would have access to change something)

Yesterday I spent over a fucking hour writing a super precise essay detailing the issue, proving a million times it's not on our end and that they need to fix it. Now here is an insight to what beautiful "IT service" our service desk provides:

1) ticket gets assigned to a "Connectivity Engineer" lady

2) few hours later she responds and asks me to give her the app and environment IDs and grant her access to those
(naturally everything in my email was ignored including these two IDs)

3) since the app needs to be in prod for the issue, I make a copy isolating the failing part and grant her access to the original "for reference" and the copy to play with

4) few hours later I get an email from the env that some guy called P made changes to the actual app, no changes to the copy
(maybe they immediately fixed the app even though I asked them to only touch the copy)
I also check the env and the live app had been shared with another 2 people giving them editing rights:)

5) another few hours pass and the lady responds that she had been chatting with P (no mention of who tf that guy is) and that P has a suggestion that might work and I should test it, "please see screen shot" for details:

These motherfuckers sent me a fucking screenshot of the env config file where "P has edited a few parameters" that might help. The screenshot had a 16 line part of the config json with a bunch of IDs and Base64 params which HE EDITED LOCALLY.

Again, because I needed a few iterations to realise what I've just witnessed:
These idiots modified some things in the main app (not the copy) for hours. Then came to the conclusion that the config needs some IDs and params updated. They downloaded the config json. Edited it locally. Did not fucking upload it back to the main or test app. Did not test it live. Did not CC in or direct the guy with changes to me. Did not send me the modified config file. Did not even paste the new IDs into the email. But TOOK A FUCKING SCREENSHOT OF THE MODIFIED FILE AND SENT THAT SHIT TO ME. And then had the audacity to ask me to test it when they had access to it and that's literally their fucking job.

I had to compare the fucking screenshot to the live config file and manually type in the changes.

And no, it still doesn't work. And Now I have to get back to them showing it still fails the same way but I just can't deal with these people. Fuck. Was hoping by the time I write it all down it'd be better, and it does feel a bit better, but I still need to get this app fixed. And I can only do it through these... monkeys. I just can't. Talking to these people drains my life energy... I'm just sad.

Please share the weirdest business logic you had to implement!

I remember having to filter certain categories and specific movies based on ID that were.. Well.. German porn.. Hardcoded Ids, not proud

Public REST (-inspired) API. Should I skip numeric IDs because it's easy for consumers to snoop around?

Example:

POST api/foo
201 Created api/foo/69

Uh, I'll get 68 just because I can. Hopefully it returns Unauthorized, unless we some kind of bug.

Is it just security by obscurity if I use, like, guids or something instead of sequental IDs?

How to become the favourite client among your app devs in two simple steps

1 - raise a support ticket, stating that it really needs to be solved, the sooner the better, but omit any ids/names in the description.
2 - leave for a vacation, without any way to contact you.

...
We are using a shitty language and a even more shitty IDE at our company for our software.
I'm quite new to this, so I don't know all sorta stuff.

Was writing an addition to a convertion from an old system to a new one.
Needed to "Map" Strings to IDs, so I used a switch case to determine the needed IDs.

Because that fuckin horseshit has no realtime errors (just at compile time...) I didn't realize that there is no such thing as strings in switch case in this language.
So I wrote this whole fuckin shit and when I compiled I got massive list of errors.

So I had to redo that shit with If, Else If... And that motherfucker just crashed on me...
HOLY SHIT...

I didn't know why I didn't ever told it:

I did a few multiplayer projects in Unity 4 Engine (beloved old multiplayer) and I wanted to create a custom dedicated server within the Unity engine.

I created a new project and started programming. The clients even connected to the server but I couldn't figure out how to sync the world's because the blocks the world was made of existed in both projects,but had different IDs (didn't knew there were IDs).

After a bit of googling I found out that it isn't possible to sync these projects. Tired of myself giving up I tried a different route and found out that these IDs would sync of you exported them as asset pack. So I did!

And it worked ❤️❤️❤️❤️

So I could have a less power heavy dedicated within the unity engine.

(PS: I knew I just could made a server in C# or so with sockets and what ever, but 12 year old me doesn't knew sockets)

API team: "Hey they have a client demo on Monday! What about changing all of our object IDs from int to string on a Friday night without notifying our only subscribers?"

You made a very important device used in pharmaceutical labs which stores important data, but for some fucking reason you decided to write the communication protocol so poorly that I want to cry.

You can't fucking have unique IDs for important records, but still asks me for the "INDEX" (not unique ID, fucking INDEX) to delete a particular one. YOU HAVE IT IN THE MEMORY, WHY DON'T USE IT?!
How the fuck you have made such a stupid decision… it's a device that communicates using USB so theoretically I could unplug it for a moment, remove records, add them and plug it in again and then delete a wrong one.
I can't fucking check if it's still the correct one and the user isn't an asshole every 2 seconds because this dumb device takes about 3 for each request made.

WHY?
Why I, developing a third party system, have to be responsible for these dumb vulnerabilities you've created?

So here I am trying to understand the database schema in order to write a REST interface. Then I find that one of the tables contains an id and a name columns but the name is Integer not a string!
I contacted the developer who gladly explained that it was easier for them to store the ids in the database but the actual names strings were hard coded in the source files so they can handle translations!

go fuck yourself with your fucking communities. i went into computing because i like being left alone. who are all those fucking freaks building their communities? this is capitalism mother fuckers, everybody in the world agreed on it, on each person being an independent individual doing their job to the best possible standard, instead these low-skill low-iq oversocialised sheeple started conglomerate into communities and brainwash everybody that this is what it is about. get stuffed alright. all my life i've been introverted, just leave me alone to write code alright? take my library i don't mind i'll take yours no strings attached, just push the code and forget about it. but no, all these degenerate morons without CS degrees have occupied our safe space, pushed us out of it and just can't get enough of using the buzzword "community-driven" "volunteers" volunteer my ass assholes you can't even make software nobody in real industry needs you because you have no skill at all you learn a bit of js which is any 14-15 yo can do and now think you're some kind of prodigies, unsung heros of humanity who selflessly bring the progress. nothing can be further from the truth - because of you we don't have real software, we don't have investment we don't get no respect everybody walks all over software engineers treating us like shit, there's an entire generation of indoctrinated parasitic scum that believes that software tools is grown for them on trees by some development teams that their are entitled to automatically, because some corporation will eventually support those big projects - yeah does it really happen though - look at svelte, the guy is getting 50k a year when he should be earning at least 500k if he had balls to start a real businesses, but no we are all fucking prostitutes, just slaving away for the army of people we never see. are you out of your mind. this shit should be fucking illegal alright it's modern day slavery innit bruh, if a company wants to pay their engineers to work on open source this is fine, i love open source like java or google closure compiler, but it's real software made by real engineers, but who are all these community freaks who can't spend a 10 seconds on stage in their shitty bogus conferences without ringing the "community" buzzer? you're not my community i fucking hate your guts you're all such dumb womenless imbeciles who justify their lack of social skill by telling themselves that you're doing good by doing open source in your free time - mate nobody gives a shit alrite? don't you want money sex power? you've destroyed everything that was good about good olde open source when it was actually fun, today young people are coerced into slavery at industrial scale, it's literally impossible to make a buck from software as indie unless you build something really big and good, and you can't build anything big without investment and who invests in software nowadays? all the ai "entrepreneurs" are getting fucking golden rained with cash while i have to ask for a 5$ donation? what the actual fuck? who sanctions this? the entire industry is in one collective psychotic delusion, spurred by microsoft who use this army of useful idiots to eliminate all hounour dignity of the profession, drive the abundance and bring about poverty of mind, character, as well as wallet as the natural state of things. fucking amatures of course you love your shitty little communities because you can't achieve anything on your own. you literally have no personality, just one homogenous blob of dumb degenerates who think and act all the same. there used to be a tool called adobe flash builder, i could just buy it, then open and make a web app, all from start to finish in one program, using tutorials of adobe experts on youtube, sure it might have had its pitfals but it was a product - today there's literally no fucking product to make websites. do you people get it? i can't buy a tool that i need to do my job and have to insult myself by downloading some shitty scripts from some shitty unemployed devs and hope my computer doesn't blow up in my face in the process because some freak went off his nut and uploaded some dodgy ass exploit on npm in his package. i really don't like. it's not supposed to be like that. good for me i build by own front/back end. this "community" insanity is just a symptom of industrial degeneration, they try to sell it to us like it's the "bright" communist future but things never been worst, i can't give a shit about functional programming alright i just need to get my job done mate leave me alone you add functional because you don't know how to solve the problem properly, e.g., again adobe flex had mxml where elements had ids and i could just program to id, it was alright but today all this unqualified morons filled the whole space after flash blew up and adobe execs axed flash builder instead of adapting it to js runtime, it was a crime against humanity that set us back to 1000s

ChatGPT, Copilot, React, how to make a link in a frontend website?
To create a link in a frontend website, create a span, a div, or a paragraph that contains the link text. In your JavaScript web app, add an event listener to that element that opens the link on click. If you want to claim you're accessible, add an aria-role to the clickable element. To make debugging harder and only possible for the real arcane experts, let your framework generate generic ids and class name hashes for styling and event handling, like "item_09fcfck" or "elementor_element_foo_bar". Avoid, at all price, to use an a href element!

I Have got a lot of swags going to events and meetups! Shirts Pins IDs Stickers ! what is your most Treasured swag of all time??
BONUS IMAGE down

Just found the most embarrassing security hole. Basically a skelleton key to millions of user data. Names, email addresses, zip codes, orders. If the email indicates a birthdate, even more shit if you chain another vector. Basically an order id / hash pair that should allow users to enter data AND SHOULD ONLY AUTHORIZE THEM TO THE SITE FOR ENTRING DATA. Well, what happend was that a non mathing hash/id pair will not provide an aith token bit it will create a session linked to that order.

Long story short, call url 1 enter the foreign ID, get an error, access order overview site, profit. Obviously a big fucking problem and I still had to run directly to our CEO to get it prioritized because product management thought a style update would be more important.

Oh, and of course the IDs are counted upwards. Making them random would be too unfair towards the poor black hats out there.

Sending email to client (the following is a short version of it)

"
Dear Data Evaluation Team,

Here is a link with the password to the data export for the questionaire.

You will find in there 4 sections:

1. Utilization Report
2. Question List
3. User Responses to questionnaire
4. Summary of responses
"

Email from client
"
Thank you data team.
I see that the user responses have some ids for the questions. Can you please give me the full question text, where is it?
"
My response
"Section 2, Question List"

Like really? Did you just not f*ing read the email and just jumped into the data export blindly. I wrote some fucking docs for a reason.

If you're reviewing someone's code, do you run/test the code before reviewing the logic? Or do you review logic before running the code?

So when we started this project like 4 years ago... new to the framework, kickstarting lot's of forms with file uploads. Everything seemed to work fine, uploads and downloads worked..
First version of the project got deployed to prod and for weeks or so users have been registering and submitting stuff...

Only problem was: most files were overridden by consecutive uploads as our central upload lib stored files with the same name on disk (normally the ID of the db row was injected but most files were saved before the db row was - resulting in 0 IDs...)
Yeah so... that hurt :(

So a follow up on my post yesterday, I had a brain flash.

Basically it bypasses a webpage with JS that redirects the browser on mobile browsers so I can actually get to the download page for the anime.

Before I still had to paste the starting but now I just download the anime site to get all the latest updates.

The key was actually getting the information from the page. What I realized was I don't need Title or Episode #. All I need is the URL because it's in there (at least for now). The site probably should've used ids instead but :)

Do you need a degree to become a software engineer ?

Now this is a question I’ve seen many people ask. I personally have no degree and I’ve been doing programming for the past 10 years (since I was 18 ). Whatever I learned, I learned from reading and watching tutorials.
So far It wasn’t a problem for me.

What do u guys think and what is your experience is this matter ?

Allright, so now I have to extend a brand new application, released to LIVE just weeks ago by devs at out client's company. This application is advertised as very well structured, easy to work on, µservices-based masterpiece.

Well either I lack a loooot of xp to understand the "µservices", "easy to work on" and "well structured" parts in this app or I'm really underpaid to deal with all of this...

- part of business logic is implemented in controllers. Good luck reusing it w/o bringing up all the mappings...
- magic numbers every-fucking-where... I tried adding some constants to make it at least a tiny bit more configurable... I was yelled at by the lead dev of the app for this later.
- crud-only subservices (wrapped by facade-like services, but still.. CRUD (sub)services? Then what's a repository for...?). As a result devs didn't have a place where they could write business logic. So business logic is now in: controllers (also responsible for mapping), helpers (also application layer; used by controllers; using services).
- no transactions wrapping several actions, like removing item from CURRENT table first and then recreating it in HISTORY table. No rollback/recovery mechanism in service layers if things go South.
- no clean-code. One can easily find lines (streams) 400+ cols long.
- no encapsulation. Object fields are accessed directly
- Controllers, once get result from Services (i.e. Facade), must have a tree of: if (result instanceof SomeService.SomeSubservice1.Item1) {...} else if (result instanceof SomeService.SomeSubservice2.Item4) {...} etc. to build a proper DTO. IMO this is not a way to make abstraction - application should NOT know services' internals.
- µservices use different tables (hats off for this one!) but their records must have the same IDs. E.g. if I order a burger and coke - there are 2 order items in my order #442. When I make a payment I create an invoice which must have an id #442. And I'm talking about data layer, not service or application (dto)! Shouldn't µservices be loosely coupled and be able to serve independently...? What happens if I reuse InvoiceµService in some other app?

What are your thoughts?

So I just released my first official app which was a mobile charity solution and platform for all ethical and morally sound non profits appearing on Google via its search and map API to receive funds via PayPal. We integrated paypals android sdk and launched but not even a day in Google Kansas and removes the app saying that we were not compliant with their payment policy even though the 503 exempt IDs were represented in that they stated that in that building needs to be used and Android pay. We attempted to use Braintree payments and they made up some mother excuse now the donation Clause recently was updated to cut 30% from each payment making us by far the most expensive Channel 2 donate. Does anyone know of a work around or solution I could use ? Popmoney ? Maybe...I been reading up on their service and its seems feasible...

Microservices

Lets take an example: Products service & orders service.

When I want to save an order for a user, data saved as
1. UserId, ProductId, Quantity, Date

Or
2. UserId, Name, Email, ProductId, ProductName, Quantity, Date

I'm a bit confused here because if I'm going to fetch that purchase, in example 1, it will return IDs requiring another trip to server to get user & product info

In example two it takes only one trip BUT if any changes is made to either user info or product info it means I'm returning wrong info to the user.

What do we do in this scenario? Excuse my questions first time applying Microservices and been using monolith all my life

So, here we are using postgres in production with the fancy feature of UPSERT. We’ve got loads of request popping in, both new and updates - so the UPSERT getting triggered alot. Today we faced a problem with integer within our app stating that the number is too high. We were like «WTF? Already?!»! After looking in to the features of UPSERT, we came to realize that any sequence will be incremented regardless of an insert being handled. This results then in an ID field being defined with ids such as:
1
2
5
19
222
73377
282828282
Etc. You get the point..
This design is so WTF and I have absolutely no idea why anyone would like their IDs to be generated and incremended even though there is no insert. I hope it is due to my naivity that I cannot comprhend it. Oh well. UPSERT, you’re forever gone 👍🔥

This moment when your PFSense routers IDS lights up like a christmas tree when you try to play a game. Also this moment when you are a programmer and only rant about sysadmin stuff because your programming almost never is a problem.

Implementing an Audio File preview for Voice Records for one of our clients. The system we are reading names the files by IDs date length etc. And every value separated by #.
Why the hell you name a file like this: 12345#20171204#523.wav
We are implementing the tool with web technologies and this is not just ugly filenaming but also very url unfriendly.

Well, I love react-native and how easy to build mobile app with it. but damn look at these folder sizes jeez

Data wrangling is messy

I'm doing the vegetation maps for the game today, maybe rivers if it all goes smoothly.
I could probably do it by hand, but theres something like 60-70 ecoregions to chart,
each with their own species, both fauna and flora. And each has an elevation range its
found at in real life, so I want to use the heightmap to dictate that. Who has time for that? It's a lot of manual work.

And the night prior I'm thinking "oh this will be easy."

yeah, no.

(Also why does Devrant have to mangle my line breaks? -_-)

Laid out the requirements, how I could go about it, and the more I look the more involved
it gets.

So what I think I'll do is automate it. I already automated some of the map extraction, so
I don't see why I shouldn't just go the distance.
Also it means, later on, when I have access to better, higher resolution geographic data, updating it will be a smoother process. And even though I'm only interested in flora at the moment, theres no reason I can't reuse the same system to extract fauna information.
Of course in-game design there are some things you'll want to fudge. When the players are exploring outside the rockies in a mountainous area, maybe I still want to spawn the occasional mountain lion as a mid-tier enemy, even though our survivor might be outside the cats natural habitat. This could even be the prelude to a task you have to do, go take care of a dangerous
creature outside its normal hunting range. And who knows why it is there? Wild fire? Hunted by something *more* dangerous? Poaching? Maybe a nuke plant exploded and drove all the wildlife from an adjoining region?
who knows.

Having the extraction mostly automated goes a long way to updating those lists down the road.

But for now, flora.

For deciding plants and other features of the terrain what I can do is:

* rewrite pixeltile to take file names as input,
* along with a series of colors as a key (which are put into a SET to check each pixel against)
* input each region, one at a time, as the key, and the heightmap as the source image
* output only the region in the heightmap that corresponds to the ecoregion in the key.
* write a function to extract the palette from the outputted heightmap. (is this really needed?)
* arrange colors on the bottom or side of the image by hand, along with (in text) the elevation in feet for reference.

For automating this entire process I can go one step further:
* Do this entire process with the key colors I already snagged by hand, outputting region IDs as the file names.
* setup selenium
* selenium opens a link related to each elevation-map of a specific biome, and saves the text links
(so I dont have to hand-open them)
* I'll save the species and text by hand (assuming elevation data isn't listed)
* once I have a list of species and other details, to save them to csv, or json, or another format
* I save the list of species as csv or json or another format.
* then selenium opens this list, opens wikipedia for each, one at a time, and searches the text for elevation
* selenium saves out the species name (or an "unknown") for the species, and elevation, to a text file, along with the biome ID, and maybe the elevation code (from the heightmap) as a number or a color (probably a number, simplifies changing the heightmap later on)

Having done all this, I can start to assign species types, specific world tiles. The outputs for each region act as reference.

The only problem with the existing biome map (you can see it below, its ugly) is that it has a lot of "inbetween" colors. Theres a few things I can do here. I can treat those as a "mixing" between regions, dictating the chance of one biome's plants or the other's spawning. This seems a little complicated and dependent on a scraped together standard rather than actual data. So I'm thinking instead what I'll do is I'll implement biome transitions in code, which makes more sense, and decouples it from relying on the underlaying data. also prevents species and terrain from generating in say, towns on the borders of region, where certain plants or terrain features would be unnatural. Part of what makes an ecoregion unique is that geography has lead to relative isolation and evolutionary development of each region (usually thanks to mountains, rivers, and large impassible expanses like deserts).

Maybe I'll stuff it all into a giant bson file or maybe sqlite. Don't know yet.

As an entry level programmer I may not know what I'm doing, and I may be supposed to be looking for a job, but that won't stop me from procrastinating.

Data wrangling is fun.

Finding this in the documentation - //skipping index that are multiples of 10 (multiples of 10 create problems as the input IDs) if ( $input_id % 10 == 0 ) { $input_id++; }

Someone's built the whole nav menu im restyling with ids that have spacing in them what the hell

I once had to implement a program to process CSV files. One line would be one order, so I wrote a class with a static factory method (Java) instead of an ordinary constructor, because I needed to throw exceptions if something with the line was wrong (which now and then was the case: invalid product IDs, missing fields and the like). After I committed my changes (CVS was still common in those days), a coworker (let's call him Max) asked me what the hell I was doing there. He expected me to replace the code (perfectly working, by the way) with either an ordinary constructor or by implementing "the factory pattern properly". His rationale: "We don't have those kinds of things in our code base!" So I let him argue a bit, not finding any well substantiated reason for me to "fix" the code. So Max wanted to team up with another developer in our office (let's call him Rick), explained the "issue" to him. I just sat there and enjoyed, knowing that Rick would not really care. But as soon as Rick understood what I did, he walked over to the book shelf, picked "Effective Java" from it, opened the book at chapter 1 and said to Max: "Look, Josh Bloch suggests doing it exactly that way for the problem at hand!" Max kept on arguing for a while, because his "rationale" (see above) was not affected by the fact that the code was actually good. It just didn't appear in our code base before.

A CASE AGAINST BLUE PRISM
Let's review one of the worst weeks I had with Blue Prism

Monday: Yay! Solved one of the problems we've been carrying around for a week before.

One of the robots suddenly became slow. Like, REAL slow. A process that would take 3 minutes per record now takes 45, and that broke apart all the following schedule.

There were no updates on the application server, the production machine, the robot, it just became slow. And not always slow; a process manually run from console room would work, a process in debug room would work, it's just the scheduled part that caused problems.

It turned out, BP didn't seem to like that particular combination of schedulation + process + machine. Moving the process to a different machine seemingly fixed that. IDK why.

Tuesday: One of our processes waits for a code to appear in the page, and when that happens, it memorizes this code. However, now it is always returning blank. Worked for months, now it breaks every single time.
After half a day of debugging a bug which DIDN'T HAPPEN IN DEBUG MODE YET AGAIN, at 11pm I decided to just place a nonsensical timeout in page before reading and call it a day.

WEDNESDAY: a scheduled process didn't start. "No sessions created". Thanks Blue Prism, very cool.

THURSTAY: This time, schedulation did start, but the process is "waiting". As in: it's 9:30 am, the process has been stuck in the same step since 6:00 am. Turns out, it blocked during a navigate stage; you need to send a string to clipboard using the standard BP action for that, then paste and click "enter", but for some reason the standard BP object sent "ORRCO" instead of "ORRICO" to clipboard, which obviously returned no results and then... the process just didn't feel like doing things anymore. No errors, no logs, nothing: just sitting on its ass. Because fuck you that's why.

Friday: another process uses a very moderate amount of scripts to work. Nothing really fancy, just a couple of lines of code to place in page some IDs and selector to help BP do its thing, otherwise selecting these elements would be a nightmare.

But

Failed while invoking javascript method:Exception from HRESULT: 0x80020101-> at mshtml.HTMLWindow2Class.IHTMLWindow2_execScript(String code, String language)

The same script -it's not dynamically generated-worked yesterday, the day before and the day after. But sometimes it will not. Why? The answer, my friend, is blowin'' in the wind

Today I wanted to automate checking the status of running jobs. There's a UI but navigating it is tedious and I sort of wanted a Dashboard.

So I started writing a Selenium app to automate it. I'm writing the code, inspecting all the inputs. And I'm looking "woah, all of them have nice ids... This should be easy"

Login is ok, but then run into IFrames (can't find the input elements on the page itself).

Fine Google... find the answer and so try again. But wait... It doesn't work???

There's apparently 9 of them on the page. And there's no easy way to identify the correct one...

Spent an hr trying different ways of locating the right one... eventually settling on very complex XPath...

All in all though it took 2 hours... And still not done...

Rant and opinions wanted. Its a long one.

I have been working on a project for a month and a half. For the first week I was requesting designs that I got about 2 of out of 15. For the next week and a half the designer was on holiday so I couldn't do anything but delivered a few more designs once he got back.

This takes us 2 weeks in already. I have other things to do as well so at the same time I work on support tickets and some bespoke development coming in.

I get given 2 or 3 more designs and can't get anything else out of the designer after waiting a week so I have to design everything myself as I go and build it. Something I have never done before.

We are now 3 and a half weeks in. My boss randomly tells my pm it needs to be demo ready the next day. I work furiously to hack something together. It works but key functionality is missing.

I move house and work from home for a week and a half. I do my best but the project is full of bugs and the CSS is horrible because I didn't know what I was making at any stage. It is therefore CSS rules repeated in IDs everywhere.

My colleagues join me on the project because my boss has decided to try and sell it tomorrow.

They run through it and find all the bugs left from me working furiously to get things done quickly. Things like no search pagination and missing validation.

My boss is now pisses at me because the project is not finished, my colleagues are now all working on it. Throughout it all he knew the designer was not delivering me anything and that I was struggling.

Am I in the wrong for writing shit code that came about because I was coding with no idea of what the finished project should look like? Is he in the wrong for dumping this on me and just letting me get on with it even though he knew there were no designs?

Btw I am just finishing a 1 year internship and before this have never done web dev before.

Discuss.

All of my unit tests are failing. Other devs went and took out or changed all of the IDs I added to elements instead of properly updating their projects with my changes. WHY AM I EVEN HERE?

😞

Maxi-Rant, rest in the first comment!

Yay, I've caught up with my "watch later" list on YouTube! Next thing: Just quickly go through my subscribed channels and add old videos that I haven't seen yet to the watch later list so that I have more stuff to watch the next months. The easiest way to do that is to go to the "all uploads" playlist of the channel (that is luckily always linked now, it used to be hidden sometimes) and use "add all to" to get them on my playlist. Then sort out the stuff that I've already seen and turn on automatic sorting by date, easy. Yeah...
Firstly, in the new design there's no "add all to", I have to go to the old design. For my own playlists, there's a handy "edit" button to do that, but on other pages I have to do it manually. Luckily I have set Ctrl+Shift+1 as a shortcut for "&disable_polymer=true" long ago.
Next surprise: On "all uploads" playlists, there is no "add all to" button. It's on every single other playlist on YouTube, including "liked", "watch later", "favourites" and so on, just not there.
Fine, I'll just abuse my subscription playlist script that I already have by making a copy of it, putting the channel IDs in it and setting the last execution date to 1.1.2001. Little problem with that: Google apps scripts can run for at most 5 minutes and the YouTube API restricts it to add one video per second. So it doesn't work for more than 300 videos. I could now try to split it up by dates, but I didn't write the script myself and I don't know how it sorts the videos to add, so I'll just google for another solution instead.
Found one: Go to the video overview of the channel in the old layout, Ctrl+Shift+I, paste this little Javascript thing and it automatically clicks all the little clocks that add the video to the watch later list. Yay, that works! Ok, i'm restricted to 5000 videos, because that's the maximum size of a YouTube playlist, so I can't immediately add all 8000+, but whatever, that's a minor problem and I'll sort out later anyway. Still another little problem: For some reason I can't automatically sort the watch later list. Because that would be too easy.
But whatever, I'll just use "add all to" from there to add it to my creatively named "WL" list. If that thing is restricted by the same rate limit of 1 video per second, it should be done in about 1½ hours. A bit long, but hey, I'm dealing with 5000 videos. Waiting 2 hours... Waiting 3 hours... Nothing happens. It would be nice if it at least added them one by one, but no, it waits an eternity and then adds all at once. At least in theory, right now it does absolutely nothing.
Shortly considered running it for more hours or even days on my Raspberry Pi, but that thing already struggles when using Chromium normally, I shouldn't bother it with anything that has to do with 5000 videos.
Ok, what else can I do then? Googling, trying out different things, mainly external services that have their own concept of "playlists" and can then add them to an arbitrary playlist later...
Even tried writing my own Java program with the YouTube API, but after about an hour not even the example program in the YouTube API tutorial worked (50 errors and even more open questions, woohoo), so I discarded that idea.
Then I discovered "DiskYT". Everything looked like it would work and I'm still convinced that I can do it with that little pile of shit. Why is it a pile of shit? Well, for example the site reloads itself after a while, so it can at most add 700 videos to a playlist. Also I can't just paste the channel link (even though it recognises those links, but just to show an error message that it can't copy from channels). I can't enter/paste URLs, I have to drag them. The site saves absolutely nothing (should in theory work, but in practise it doesn't), so I have to re-drag everything on every try. In one network, the "authorise YouTube" button (that I have to press again on every computer) does absolutely nothing ("inspect" reveals that there isn't even any action bound to the button), in another network the page mostly doesn't work at all or the button to copy from playlists is suddenly gone or other weird stuff. Luckily I have the WiFi at home, there it works in theory. But just on my desktop PC, no other device, wow. I tried to run it on my new laptop, but it's so new that it still has the preinstalled OS and there I can't deactivate going to standby when closing the laptop, so while I expected it to add 5000 videos, it instead added 4 and went to standby. But doesn't matter, because it would have failed at about 700 anyway. Every time I try to use this website, I get new problems, but it seems to still be the best option, because everything else just doesn't do anything. This page at least got to 700 before.

Continuing in first comment!

Restarted my ZFS NAS today which last time corrupted one drive because of this changing /dev/sd? stuff. Now replaced them by IDs and rebooted. Enough adrenaline for today.

I've been wondering about renting a new VPS to get all my websites sorted out again. I am tired of shared hosting and I am able to manage it as I've been in the past.

With so many great people here, I was trying to put together some of the best practices and resources on how to handle the setup and configuration of a new machine, and I hope this post may help someone while trying to gather the best know-how in the comments. Don't be scared by the lengthy post, please.

The following tips are mainly from @Condor, @Noob, @Linuxxx and some other were gathered in the webz. Thanks for @Linux for recommending me Vultr VPS. I would appreciate further feedback from the community on how to improve this and/or change anything that may seem incorrect or should be done in better way.

1. Clean install CentOS 7 or Ubuntu (I am used to both, do you recommend more? Why?)
2. Install existing updates
3. Disable root login
4. Disable password for ssh
5. RSA key login with strong passwords/passphrases
6. Set correct locale and correct timezone (if different from default)
7. Close all ports
8. Disable and delete unneeded services
9. Install CSF
10. Install knockd (is it worth it at all? Isn't it security through obscurity?)
11. Install Fail2Ban (worth to install side by side with CSF? If not, why?)
12. Install ufw firewall (or keep with CSF/Fail2Ban? Why?)
13. Install rkhunter
14. Install anti-rootkit software (side by side with rkhunter?) (SELinux or AppArmor? Why?)
15. Enable Nginx/CSF rate limiting against SYN attacks
16. For a server to be public, is an IDS / IPS recommended? If so, which and why?
17. Log Injection Attacks in Application Layer - I should keep an eye on them. Is there any tool to help scanning?

If I want to have a server that serves multiple websites, would you add/change anything to the following?
18. Install Docker and manage separate instances with a Dockerfile powered base image with the following? Or should I keep all the servers in one main installation?
19. Install Nginx
20. Install PHP-FPM
21. Install PHP7
22. Install Memcached
23. Install MariaDB
24. Install phpMyAdmin (On specific port? Any recommendations here?)

I am sorry if this is somewhat lengthy, but I hope it may get better and be a good starting guide for a new server setup (eventually become a repo). Feel free to contribute in the comments.

grrrr

last week my laptop died out of nowhere. it stopped recognizing the one drive in it. I lost a bunch of files, code. evidently ssds fail out of nowhere unlike hdds which slow down and error all the time before ultimate failure

my warranty for this 4k$ laptop expires in 12 months and this was month 13. nice. I don't like warranties anyway, and the site said they would replace things with "comparable hardware, sometimes refurbished" wtf no thanks

so I found some guides of people upgrading the drive in this laptop. seemed easy enough, unlike older laptops from back when I was in school where you had to take out 12 things first to get to anything
unfortunately I needed a specific screwdriver. I walked several miles to the nearby hardware store thinking they would have said screwdriver. the old guy in the basement said there was a kit where it started from t4 (I needed t5), but he had just sold out his last one. I checked their online store with a friend for a while on my way back home and we kept finding torx screws but the wrong sizes. fuck.
he said screwdrivers this small are only used for electronics, asked if there's any other hardware stores and there aren't near me
however it occurred to me this strip mall has a lot of suspicious computer stores on it. so I walked back up the street looking for one.
found one with a suspicious poster, saying it was an internet cafe but the last point on their poster said they do repairs. walked in. nobody is in there, suspiciously 2 desks with old computers all empty, then you go forward in this dark cave, with plastic wrapped implements on the walls, you finally find a glass shield and behind it was a meek Asian man that took me a moment to notice
I asked him if he had t5
he handed me a plastic baggy full of tiny screwdrivers, for me to take one
I asked if they're t5
the shape looked right, but I can't tell the size
I took one out and tried to find size marking, but nothing
he didn't seem to know what I was asking when I asked about its size
he said if it's wrong I can come back and trade what I took for another. lol
I asked him if I can buy it, since that wasn't evident to me due to how sus this random bag of screws is being thwarted on me lmao
he said 5$ cash
I gave him a fiver
this sus shop literally avoiding taxes lmao

walked back home, ate food cuz starving, tried the screw and FUCK, it's too big. put laptop in a bag and hauled ass fast, checked on maps the store I got this from closes in a few minutes so I really wanted to make it there because what if the receptionist changes and they don't know I took this screw. I got no receipt

got there right before closing, put my laptop down, said it was too big. he used a few screws until he found one that fit, said I could try it and I did (so scam aware!). bingo bango. now I got a screwdriver that fits the laptop.

walked home, sat down and took apart the laptop. been a few years since I did so. the hardware inside looks entirely unrecognizable to me. started cycling through YouTube videos of laptops of the same name as mine, but their insides don't look like mine. is this ram? is this the NVMe? what the fuck is anything?
finally found a video guide where the guy was quite informative. not the same laptop but he's informative enough I figure it out. ram and drives are so different and weird now. took parts out, put them back in, rebuilt laptop, tried to boot, same problem. jiggling parts like this works with desktops often, guess not with a failed NVMe

so I'm screwed. get on Newegg and bought a new NVMe. should arrive in 3 days via Purolator

yesterday was day 3. it was at a sort facility near me, then out on delivery, but nobody ever came. then it went back to sorting. now it's out on delivery again. I'm sitting here thinking that's a little weird, wasn't Purolator the delivery company that had me go 2 hours outside of town to pick up a 15lb desktop case once?

... and then I looked up Reddit comments... then reviews on the purolator facility it's at... I am screwed. last time iirc they were out for delivery for 3 days, never tried delivery, then on the last day at the end of day they stated they attempted delivery but no go. that was bullshit. then it ended up at that facility. which takes 2 hours to fucking reach.
the reviews are so bad... the facility has 1.2 star reviews with thousands of them. they won't leave even a stub, then seem to not know where your package is at the facility, or they deny you have the right to pick it up despite ample IDs, or someone ELSE picks it up and it's not there. they also ship your package back after 5 days, so if they don't leave a note and you miss it tough luck...

fucking hell
also rumours that they just hire "contractors" in normal cars to drop off packages? wat? lol
AND EVERY REVIEW HAS A BOT COMMENT. THEIR SUPPORT IS JUST A CHATBOT

I thought this was just a small hiccup
I think I might not have a drive for weeks now
fucking hell
now I'm sitting on my porch

Was trying to act super smart.
Created a *special* email account so that I could store all my passwords (and some email ids too) for different sites in which I logged in (development related sites).
Went on a vacation for a few days.
Came back and realized that I had forgotten the email id of that special account.
Fuck my life.

SharePoint: Designer is discontinued but they haven't released an alternative method of creating custom workflows...
Also, SharePoint only shows correlation ids, which you'd have to check the logs to see what the error was (no description or error code for user): SharePoint Online doesn't split their logs by client... so they can't give clients access to the logs even if they wanted too. Only option is to contact their support... seems overkill when the error may be a user trying to upload a document with the same name.

Isn’t the usage of environment variables common for golang apps?

I interviewed for a company which made me develop a golang backend service and I used environment variables for sql connection strings and client and secret IDs and all.

When I submitted them the project, the feedback was that the tech person isn’t familiar with dotenv configuration.

Any inputs about any other way this could’ve gone?

#get unique images ids
images_ids = np.unique(images_df.index)

Dear developer who wrote the code I'm looking at,
thanks, I really need comments like this one. I was wandering lost in 1500 lines of code, looking for an explaination of what the actual fuck the code is doing, and there I see you, comment. It's not like I want to know what the hundreds of lines functions do, who cares about that. What I needed to know, what shed light on this dark forest, is what the numpy functions do, because as you certainly know dear developer, such functions are really hard to comprehend, lacking of documentation.
Thanks.

It is this time of the year that I get to work on a shitty project to add some new functionality to it, it is a front end part of the project which before was externally developed, so now I have to deal with this BS Marionette mess where nothing they wrote comply to standards, like the fucking router.js doesn't look anything like the Marionettes doc, the bootstrap they used they fking decided to override classes in custom css and turn the 12 col grid system into 5ths or shit, then they created some autmated tests with bunch of intricated selectors selecting by 'labels' instead of !!!!FUCKING WHAT ARE THIS FOR IDs!? - fuk me - so I better decide to procrastinate on this project since luckily enough we don't have a deadline and I wouldn't care if we had either! My job is java developer, and yes I feel good about learning new things and learning front end. BUT NOT THIS CRAP DEPRECATED MttehorseShit!

When my mom asked what would I like to have - sweet corn or Avacado.
I said - Let's document all the possible approaches and setup some time to discuss pros and cons.

Inherited a massive code base today... All JS is still being accessed via global scope... what are modules & modular design even... SOLID and DRY are things that clearly never crossed the devs mind during inception of this beast... and to top it all off all there is a weird BEM / SCSS style going on that somehow manages to confuse the IDE... thus all style helper utilities in the IDE are useless...

So I have a question to anyone familiar with the General Transit Feed Specification...

Why is the data provided in text files? Is there not a way to format the data to allow for random access to it?

Like I'm currently writing a transit app for a school project, and as far as I can tell, the only way to get all specific stops for a route, is to first look up all trips in a route, then look up all the stopids that are associated with a trip in stoptimes.txt (while also filtering out duplicates since the goal is to get stop ids, not specifically stop times) and then look up those stop ids in the stops.txt file.

The stoptimes file alone is over 500000 lines long, unless there is a way better way to be parsing the data that I'm not aware of? Currently I'm just loading the entire stoptimes file into a data structure in memory because the extra bit of ram used seems negligible compared to the load times I'm saving...

Would it be faster if I just parsed all the data once and threw it into a database? (And then updated the database once a month when the new data comes in?)

Working on a multi-year college project, going through tests from previous team.
Every test is not working quite right. They're almost all intermittent failures.
The reason? Every single test class extends some test class, which usually extends from some primary test class.
That primary test class opens up their whole UI, and outside of their UI test package, the only thing that gets used is a variable named session (a string), which isn't even specific.
WHY THE FUCK WOULDN'T YOU JUST MAKE THE SESSION NAME STRING A VARIABLE IN THE TEST FILES YOU DUMB FUCKS
THE ARGUMENT VALIDATION TESTS DO NOT NEED TO OPEN THE UI, LET ALONE CREATE THE WHOLE FUCKING DATABASE JUST TO VALIDATE ARGUMENTS, WHICH YOU DO APPLICATION SIDE
(Also they made it so every session has their own tables as opposed to having session IDs. E.g., "person_sessionID1" and "person_sessionID2" exist.)

I used alot of if checks to convert category name to category ids for sql query. For eg.

/Index.php?cat=venue

And I handled it like

If($cat=='venue')
{
$cat =1;
}

And so on.

Very early on I was putting together my first database-driven web app and decided to use record IDs with leading zeroes - you know, because that would look neater. It was a long, long time before I came to know that a number with a leading zero would be evaluated as octal, which in turn meant that any number with an 8 or a 9 in it was invalid, which then meant it would be a match for any other invalid number and retrieve a seemingly random record.

Resource not found exception occurred when i tried to set an integer text inside a TextView in android.

Spent an hour trying to comb through my entire android app's layout resources looking at all the declared ids and cross checking then.

Didn't work. Tried googling and stumbled upon a stray human who had encountered a similar issue.

Turns out if you print an integer inside the setText, it will not consider it a normal printable value, it will think that's it's a resource id and try to use it.

Fucking misleading exception. FML ANDROID

So I'm interested in building a Raspberry Pi stack at home to continue securing and adding my smart home capabilities, 👍

Have ideas for 2/3 but what else could I look to add?

1. Pi. Hole with cloudflared argo proxy for all DNS
2. Home Automation server
3. IPS / IDS like Bro or snort? Or firewall like pfsense?
4. Log server with Splunk agent from other pi's and router....
5. What else?

Ideas in the comments

"Just create a new text column on a table and store the IDs comma separated in it for many-to-many relationships!"

For my bachelor thesis I'm working with Snort (an Intrusion Detection System). Running it on some test pcaps I get X alerts. When I switch the alert output from stdout to a file I get a different number of alerts. When I re-run it, I get yet another number of alerts (on stdout the number is always X)

Wtf?!

*Triggers OAuth request through browser
Returns : success and valid tokens.

*Another project triggers the same process and code.
Returns : well shit nigga, I know I use the same logic as above but fuck you.

In my head: Look man, I'm not saying you're lying. I just need examples of these reported failures. Call times, caller IDs, etc. I am trying to track this issue for you, but we've had no failures, and the call samples you provided show that the calls went through. We've tested the calls and they went through. You tested the call with your cell and it went through. Can you please provide examples of failures? That's what I need to help you. I'm not calling you a liar. Oh, and by the way, GO FUCK YOURSELF!

How about a random number generator which uses Ref-IDs of error pages?

Umbraco updated so a Content Picker now returns a collection of IPublishedContent rather than their IDs. Fantastic.
Except, upgrading from an older version is now more tedious.

Really trying to tutor my friend so he can land a front end position. He's currently working in fast food and is about to be hit by crippling student loan debt. Is there anything better I can do to give him a hand? I'm fairly entry level myself but I know what I'm doing. I've started teaching him Git and told him to focus on knowing HTML and CSS, and to use vanilla JS if he wants to practice.

He's still really early on, like trying to figure out which elements have hrefs and trying to remember the difference between classes and IDs. Think I'll be able to coach him into an internship offer by the end of the year?

When you are trying to write event handlers in JavaScript and nothing is working so you spend hours and hours trying to figure out what the fuck is wrong with your js code only for it to be a duplicate id. Fuck sake. I really wish JavaScript warned you about duplicate ids, but then again that's what you get for using such a weakly typed language.

So first you said that the id's wouldn't change and now they do,

Wtf, guys c'mon

But if you look at the bright sight I can now play with regex again

🙃

*me trying to fix the preview issue by editing layout file*
*issue gets fixed by clean build*
*me implementing a new feature as per plan*
*suddenly another issue occurs with the items in recycler view*
*tries SO, no related question and me too scared to ask one*
*trying different names, keywords, ids and methods to get atleast some output*
*checks json and recycler adapter, all fine but still the error*
*hello darkness my old friend*
*checks the item layout again with a microscopic look and encounters a 0 added to layout width which makes 95dp to 950dp and hence no output somehow*
*2 hours and sunday mood wasted*

I hate IDs generations.

Every time Apple updates iTunes, everything moves, becomes less understandable and takes more clicks to happen.

And I still have to put up with it because it's the ~most convenient~ way of updating iOS apps if you have multiple Apple IDs.

Just drop it already, will ya Apple?

A few days back, I was battling to setup a spring app the old fashioned way. By that, I mean the way I'm used to securing routes in laravel and indicating model relationships. For the most part, I'd gotten used to the authentication config more than my first experience with it

But the jpa/hibernate relationship mess? Honestly, it's insane. If I can only access the relationship if I let them be defined eagerly (which stupidly breaks due to circular dependencies during deserialization btw), what's the point even bothering to define them there? Might as well pretend the relationship doesn't exist and strictly use IDs on belongsTo. That's it. At the time, it felt like Very sick, amateurish stuff but I'm calmer now so it's just disappointing. How come the framework is so popular??

They haven't figured out migrations, lazy and eager load, hydrating models while evading the circular dependency trap, etc. These seem so rudimentary in eloquent, I don't even have to think about it

God fuckin dammit, I swear to heaven if this bitch ass code returns IO.Exception file is being used blah blah blah even though I'm using filestream and streamwriter. I will lose my shit in this fucking office

Tip: when doing transactions, don't pay as cash even if they tell you it is a requirement. Tell them you will pay via cheque or via bank transfer with a contract first with a seal from an attorney. You must have a valid copy first of the contract before doing payments. Also, get a photo of 2 valid IDs the person you are doing transactions. They require you personal infos and IDs? Require them also that.

#noContractFirstNoPayment

My tech lead rookie mistake of the week. Makes ids in the MySql DB big integers.

Now react, python and pinecone are all converting them to scientific values resulting into invalid or missing values and lookups.

Fml I need to change companies.

Way too long story short: Needed to figure out how to use jQuery to update a table that had no classes or IDs to help you tell what's inside it. Worked out a looping structure to read the contents of the cell with the dependent data in each row, and then update the cell that needed changing depending on the value of the first cell.

Minified the solution and dropped it into the console. Worked exactly right on the first try.

Apparently on demand tech support expecially when their wifi is down or computer is being 'bad'

I'm trying to set value of a kendo js property using value from dB. I would like to do something similar to

template : "#= dataItem.Item1 #"
But I can't use template for what I'm trying to set

Trying to test this React app my team is working on with selenium. There were no classes or ids I could've used to find elements.
I ended up looking for elements by attributes and contained text using XPath.

Living and growing up in the east coast feels like I've severely hindered my opportunities.

Okay, so, I have a functional snort agent instance, and it's spewing out alerts in it's "brilliant" unified2 log format.

I'm able to dump the log contents using the "u2spewfoo" utility (wtf even is that name lol... Unified2... something foo) but... It gives me... data. With no actual hint as to *what* rule made it log this. What is it that it found?

All I see are IDs and numbers and timings and stuff... How do I get this

(Event)
sensor id: 0 event id: 5540 event second: 1621329398 event microsecond: 388969
sig id: 366 gen id: 1 revision: 7 classification: 29
priority: 3 ip source: *src-ip* ip destination: *my-ip*
src port: 8 dest port: 0 protocol: 1 impact_flag: 0 blocked: 0
mpls label: 0 vland id: 0 policy id: 0

into information like "SYN flood from src-ip to destination-ip"

I somehow managed to create 2 different IDs and realize that I'd need to store previous value for one of them - in a tabbed view component. Although to be fair the component allows reordering tabs and moving them across containers with drag&drop.

What does devrant think about custom IDs?

Instead of:
- "d2ac9db1-3222-4e99-97cb-e14fb4240f43"

Something like this:
- "user-d2ac9db1-3222-4e99-97cb-e14fb4240f43"
- "document-34ea29ce-6022-40d4-821d-95b240633ba9"

They can be saved as binary in DB (like in the old days before native UUID support), have basic protection against being confused with IDs of another prefix and are pretty much self-documenting (better debugging/logging experience).

Plus, every ID would have their own value object (increased type safety) and if required, prefix can be omitted for 3rd party systems.

I think, it would be well worth it... 🤔

Sharepoint's html editor which puts zero width white spaces in your element ids....

Back at uni, finishing a degree--
Thinkin of making a things to unlearn before uni because boy, there are alot of practices they teach that arent industry standard

P.s dont use goddamn ids for css effect use classes like everybody else

Hello guy who develop the internal library I'm using

Just so you know, no, "idString" is not a cool name for ppl to know what they should use when you have dozens of differents ids.
And no documentation makes it less likeable.

Have a good day, you're making mine being horrible

So I sent an email to a list of email ids. I got error message that one id does not exist. Does that mean the email didn’t go to just that one address and went to the others? Or the email didn’t do to anyone? I’m talking about gmail.

Can you guys drop your discord IDs?
PS: Upvote it :)

(tldr: are foriegn keys good/bad? Can you give a simple example of a situation where foriegn keys were the only and/or best solution?)

i have been recently trying to make some apps and their databases , so i decided to give a deeper look to sql and its queries.

I am a little confused and wanted to know more about foreign keys , joins and this particular db designing technique i use.

Can anyone explain me about them in a simpler way?
Firstly i wanted to show you this not much unheard tecnique of making relations that i find very useful( i guess its called toxi technique) :
In this , we use an extra table for joining 2 tables . For eg, if we have a table of questions and we have a table of tags then we should also have a table of relation called relation which will be mapping the the tags with questions through their primary IDs this way we can search all the questions by using tag name and we can also show multiple tags for a question just like stackoverflow does.

Now am not sure which could be a possibile situation when i need a foriegn key. In this particular example, both questions and tags are joined via what i say as "soft link" and this makes it very scalable and both easy to add both questions and new tags.

From what i learned about foriegn keys, it marks a mandatory one directional relation between 2 tables (or as i say "hard a to b" link)
Firstly i don't understand how i could use foriegn key to map multiple tags with a question. Does that mean it will always going to make a 1to1 relationship between 2 tables( i have yet to understand what 11 1mant or many many relations arr, not sure if my terminology is correct)

Secondly it poses super difficulty and differences in logics for adding either a tag or question, don't you think?
Like one table (say question) is having a foreign key of tags ID then the the questions table is completely independent of tag entries.

Its insertion/updation/deletion/creation of entries doesn't affect the tags table. but for tag table we cannot modify a particular tag or delete a tag without making without causing harm to its associated question entries.
if we have to delete a particular tag then we have to delete all its associated questions with that this means this is rather a bad thing to use for making tables isn't it?

I m just so confused regarding foriegn keys , joins and this toxi approach. Maybe my example of stack overflow tag/questions is wrong wrt to foreign key. But then i would like to know an example where it is useful