Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "new session"
-
I love the fact in Linux that you can put fortune | cowsay every time you start a new terminal session22
-
Dear websites,
Please stop fucking asking me to install your shitty mobile apps. They do the same thing your site does. I have a browser, and it's a lot better. I don't even visit you every day. But even if I did, and I wanted your crappy app, I'd open the app store and download it by myself. No need to push me.
No need to waste the little screen estate I have with crappy call-to-action sections to download that shit.
Fuck your desire for more information about me. Fuck your narcissistic enjoyment when I have your icon on my fucking home screen.
The truth is, there is a very small number of apps that really need to integrate with a phone to offer better experience.
I feel most of you feel you need to have an app just because everyone else does. And so you could show these little Android and Apple logos on your website or ads. Well, how about you just make sure your site works well on a mobile screen and don't waste your money on a half-baked mobile shit app unless it really offers something worthwhile?
And if you do have a good app and it really does something, ask me just once and fucking respect my choice. Don't just ask me again and again, on every page, with every new session, or I'll just stop visiting.
You're all not that unique, so fuck you!14 -
The day I send myself about 76k mails
> be me
> be working on a rest api
> implement an error handler that would send me a mail with exception details
> use same error handler in mail send error handler
> Summoned the recursion devil by accident
> Test error handler
> Forgot port forwarding to SMTP server
> keep the debug session open
> throw new UnexpectedInterruptionException()
> get back to work
> Add the missing port forwarding rule to putty
> The error handler starts doing it's thing
> The handler chain starts to pop
> handler after handler executes
> PCFreeze.png
> WhatTheFuckIsGoingOn.gif
> VS finally accepts stop debugging
> PhoneVibrationSpam.mp3
> Peek into webmail
> WowFinallySomeFanMail
> Look into it
> Realizing what I have done
> Delete mailbox
> Remove recursion
> Wow that's how randy must have felt in southpark
> Feel weird
> Shutdown, go outside
> What's up anon?
> Nothing, really6 -
I have a telephone headset with a "confusing" mute button. Sometimes it works normally, but quite often it will "double-toggle" (toggle twice as though I pressed it twice, which essentially has no effect) - so I'm either left muted or left un-muted, the same as before I pressed the button at all - so I have to press it again, sometimes several times, for it to actuary work.
While I'm at my desk, I have a visual indicator of mute status (a light that turns green for un-muted or red for muted), so I can easily tell if my mic is hot or not. My old headset had a nice audible beep reminder if I was muted, but the new headset? Nope, not-so-much.
I work from home, while my wife works at an office; so each morning she leaves, but I stay in the home office. I almost always see her off one way or another, usually doing or saying something funny as she heads out.
So, one day, I'm on a large conference call with a number of cross-team managers, and my wife is about to head out the door. With the meeting droning on in my headset, I was in the kitchen with her for a while helping finish clean up after breakfast and getting her ready to go.
She needed to pack an ice-pack for some reason, and for the random humor of it, I start screaming something to the effect of "GIMMIE YO ICE PACKS - GIMMIE ALLLL YO ICE PACKS - YEAH! YEAH! IMMA PUT MY BAAAAAAAAALLLLLS ON IT - WHOOOOOOOOO!"
During which time I am jumping around like a crazy person, including actually grabbing one of the ice packs, putting it down the front of my pants and screaming. Loudly.
It was after my own screaming I overheard more than one person yelling on the bridge line "YOU'RE NOT MUTED! YOU'RE NOT MUTED!"
I have seldom felt such raw, unadulterated panic.
I rushed back to my home office - yes, the green light is on my desk - my mic is hot. When I pressed mute at some point earlier in the call, it double-toggled, leaving me un-muted, and I never knew.
Even more embarrassing was the chat session I saw on my computer screen. It was from my manager (one of the managers on the call) - he had pinged me several times while I was in the kitchen.
It read something like:
hey, you there?
is that your phone
I think your phone isn't muted
mute
dude, mute
is that you?
MUTE!
did you just say balls?10 -
Wrote my friend Sam a letter when I was still working in support. I think it still holds up today.
---
Dear Sam,
I understand that you will join us in our overseas office. Congratulations on landing that job. It’s good steady work. I’ve been doing it for the last ten years.
Your still young so maybe I can give you some little wisdom that will help you in your working years to come.
Let me begin by shedding some light on phone calls.
I try. I really do try Sam. But it is getting so hard for me to hold back the rage that builds up during certain phone calls. Especially the ‘Sorry, I just don’t know anything about computers! -giggle-’ ones.
Those are the times that I have no access to what they see. I’ve no team-viewer, can not take over that screen in any other way. And why-oh-why can I not take over that terminal session dear Sam? It’s because the caller can not double-click an icon or find a terminal session number.
And what is the reason for this? Because they ‘just don’t know anything about computers! -giggle-’. This is a sort of get-out-of-jail-free card. Beware of these callers Sam.
There is nothing so nerve-wrecking then finding yourself at the mercy of people describing Internet Explorer (do not even get me started) as ‘the big ‘E’, if they use Chrome for their webmail then they most likely will say ‘Mail’ if they mean Chrome. There is no logic Sam. That is just the way these people work.
They will suck all enjoyment out of your work. They will make you want to hunt them down in dark office hallways and show them your tears Sam. Because cry you will.
Sure, I understand that not everyone can be tech savvy. Why, if everyone would be, where would that leave us? No. I love the technologically challenged. They put the fiber in my internet. They make me LOL for real. After the initial anger subsides anyway.
But just below that well-willing folk, on the other side of that border… there they dwell: Management.
Nice cars, suits and iphones Sam. First thing a new manager will require is a brand spanking new business-card. It will hold his/her new title. Then an iphone or overpriced android model will follow suit.
Then they will barge into your office, holding it like it’s the next best thing since sliced bread.
Any manager will automatically assume that you will drop anything you are doing at the present moment to acknowledge the presence of greatness. Failing to do so will result in awkward yet fulfilling situations. I recommend that you do not take your hands of the keyboard and give only the slightest of nods after 5 minutes of complete silence and glaring.
Well… you feel the glare. You do not glare yourself. You do not break eye-contact with the monitor. It does not even matter if you are typing for real or not. I once clicked away happily for 5 minutes. I just typed ‘he is still there’ over and over again. Do not break down Sam. This moment will decide your relationship with this individual.
After the nod there will be a flood of words aimed in your general direction. You can disregard anything that is said. It boils down to ‘can not operate device’.
You then take the device from this person and put it next to you on your desk. You’ll ask the name of this simpleton, write it down on a sticky-note, slap that on the phone. Then you’ll write a random date in the not so near future on another sticky and hand that to the bewildered person in front of you.
It will usually utter some incoherent words about ‘needing, time or but’ (I find that ‘but’is a word they like. They tend to use it three or four times consecutive before you usher them through the door).
Now you’ve won Sam. Well… not really. But it will feel good, I can guarantee that.
This must do for now. A new suit is glaring at me for the last five minutes.
Felt good to do something productive with this time.
Take care,
Baltasar
P.s. I just noticed that there is some foam around his mouth. So if you encounter this, don’t worry: it seems to be perfectly normal.13 -
I've had my share of incompetent coworkers. In order of appearance:
1. A full stack dev. This one guy never, and I mean NEVER uses relationships in their tables. No indexing, no keys, nada. Couple of months later he was baffled why his page took ten seconds to load.
2. The same dev as (1). Requirement was to create some sort of "theme" feature for a web app. Hacked it by putting !important all over the place.
3. The same dev again. He creates several functions that if the data exists returns a view, and if it doesn't, "echo '0'". No, not return 0 or return false or anything, but fucking echo. This was PHP. If posted a rant about this a few months ago.
4. Same dev, has no idea what clean code is. No, not just reusable functions, he doesn't even get indenting right. Some functions have 4 spaces, some 2 tabs, some 6 tabs! And this is inside the same function. God wait until he tries Python...
5. Same dev now suggests that he become the PM. GM approves (very small company). Assigns me to travel to a client since they needed "technical assistance about the API". Was actually there to lead a UAT session.
Intermezzo, that guy went from fullstack dev to PM to sales (yes, one who calls clients to offer products) to business development, to product analyst in the span of two years.
After a year and a half there, I quit.
6. New company, a "QA engineer" who also assumes the role as the product owner. Does absolutely no tests other than "functional tests" in which he NEVER produces any form of documentation. Not even a set of test cases. He goes by "intuition".
7. Same guy as (6), hands me requirements for a feature. By "hands me" I mean he did that verbally. No spec documents, no slack chat, no Trello card. I ended up writing it as a card in Trello. Fast forward to the due date, he flips out because that wasn't what he wanted. Showed him the card. He walked away, without thinking of a solution how this mess should be handled.
Despite all this, I really don't want him (6&7) to leave the company. The devs get really stressed out at this job and he does make a really good person to laugh with/at. -
What I did wrong during my home office cleaning session this morning:
- put soap on my mouse mat
- snapped my enter key
- vacuumed up my F8 key
- absent-mindedly cut my ethernet cable
- lost my zero key
- dropped my backup hard drive (data was recoverable, but I need a new drive)
- lost one of the nose pads on my glasses
- got a cocktail stick stuck in a USB port
- exploded my mouse by using the wrong type of battery
Things I did good:
- nothing11 -
I wrote a database migration to add a column to a table and populated that column upon record creation.
But the code is so freaking convoluted that it took me four days of clawing my eyes out to manage this.
BUT IT'S FINALLY DONE.
FREAKING YAY.
Why so long, you ask? Just how convoluted could this possibly be? Follow my lead ~
There's an API to create a gift. (Possibly more; I have no bloody clue.)
I needed the mobile dev contractor to tell me which APIs he uses because there are lots of unused ones, and no reasoning to their naming, nor comments telling me what they do.
This API takes the supplied gift params, cherry-picks a few bits of useful data out (by passing both hashes by reference to several methods), replaces a couple of them with lookups / class instances (more pass-by-reference nonsense). After all of this, it logs the resulting (and very different) mess, and happily declares it the original supplied params. Utterly useless for basically everything, and so very wrong.
It then uses this data to call GiftSale#create, which returns an instance of GiftSale (that's actually a Gift; more on that soon).
GiftSale inherits from Gift, and redefines three of its methods.
GiftSale#create performs a lot of validations / data massaging, some by reference, some not. It uses `super` to call Gift#create which actually maps to the constructor Gift#initialize.
Gift#initialize calls Gift#pre_init (passing the data by reference again), which does nothing and returns null. But remember: GiftSale inherits from Gift, meaning GiftSale#pre_init supersedes Gift#pre_init, so that one is called instead. GiftSale#pre_init returns a Stripe charge object upon success, or a Gift (and a log entry containing '500 Internal') upon failure. But this is irrelevant because the return value is never actually used. Pass by reference, remember? I didn't.
We're now back at Gift#initialize, Rails finally creates a Gift object using the args modified [mostly] in-place by all of the above.
Another step back and we're at GiftSale#create again. This method returns either the shiny new Gift object or an error string (???), and the API logic branches on its type. For further confusion: not all of the method's returns are explicit, and those implicit return values are nested three levels deep. (In Ruby, a method will return the last executed line's return value automatically, allowing e.g. `def add(a,b); a+b; end`)
So, to summarize: GiftSale#create jumps back and forth between Gift five times before finally creating a Gift instance, and each jump further modifies the supplied params in-place.
Also. There are no rescue/catch blocks, meaning any issue with any of the above results in a 500. (A real 500, not a fake 500 like last time. A real 500, with tragic consequences.)
If you're having trouble following the above... yep! That's why it took FOUR FREAKING DAYS! I had no tests, no documentation, no already-built way of testing the API, and no idea what data to send it. especially considering it requires data from Stripe. It also requires an active session token + user data, and I likewise had no login API tests, documentation, logging, no idea how to create a user ... fucking hell, it's a mess.)
Also, and quite confusingly:
There's a class for GiftSale, but there's no table for it.
Gift and GiftSale are completely interchangeable except for their #create methods.
So, why does GiftSale exist?
I have no bloody idea.
All it seems to do is make everything far more complicated than it needs to be.
Anyway. My total commit?
Six lines.
IN FOUR FUCKING DAYS!
AHSKJGHALSKHGLKAHDSGJKASGH.7 -
- Let's make the authentication system so the user can only login in one device at time, because this is more secure.
- You know that this will be a general-public application, right?
- Yeah!
- Sou you want to "punish" users with a logoff on the other device when he tries to login in a new one?
- Yeah!
- But before you said we will use Json Web Token to make the backend stateless.
- Yeah!
- And how will we check if the token is the last one generated?
- We will store the last generated token for this user on a table in our DB.
- So... you are basically describing the old authentication model, with session tokens stored on the backend and communicating them via cookies.
- Yeah, but the token will be sent on the Header, not on cookies
- Okay, so why will we use Json Web Token to do this in the first place?
- Because this is how they're doing now, and this will make the backend stateless.
A moment of silence, please.8 -
Boss: Hey, you were in that "Pike place fish market session" today. How was it?
Me: well, it was really motivational and inspiring. I learned few new things.
Boss: Great! Also let me tell you that you're again our employee of the week and we're considering you for the employee of the year award. No one got nominated so early in the job here.
Me: Thanks
Boss: So you wanted to talk to me. What was it about?
Me: Oh, I wanted to resign. Already sent the mail to you.4 -
I'm editing the sidebar on one of our websites, and shuffling some entries. It involves moving some entries in/out of a dropdown and contextual sidebars, in/out of submenus, etc. It sounds a little tedious but overall pretty trivial, right?
This is day three.
I learned React+Redux from scratch (and rebuilt the latter for fun) in twice that long.
In my defense, I've been working on other tasks (see: Alerts), but mostly because I'd rather gouge my freaking eyes out than continue on this one.
Everything that could be wrong about this is. Everything that could be over-engineered is. Everything that could be written worse... can't, actually; it's awful.
Major grievances:
1) The sidebars (yes, there are several) are spread across a ridiculous number of folders. I stopped counting at 20.
2) Instead of icon fonts, this uses multiple images for entry states.
3) The image filenames don't match the menu entry names. at all. ("sb_gifts.png" -> orders); active filenames are e.g. "sb_giftsactive.png"
4) The actions don't match the menu entry names.
5) Menu state is handled within the root application controller, and doesn't use bools, but strings. (and these state flags never seem to get reset anywhere...)
6) These strings are used to construct the image filenames within the sidebar views/partials.
7) Sometimes access restrictions (employee, manager, etc.) are around the individual menu entries, sometimes they're around a partial include, meaning it's extremely difficult to determine which menu entries/sections/subsections are permission-locked without digging through everything.
8) Within different conditionals there are duplicate blocks markup, with duplicate includes, that end up render different partials/markup due to different state.
9) There are parent tags outside of includes, such as `<ul>#{render 'horrific-eye-stabbing'}</ul>`
10) The markup differs per location: sometimes it's a huge blob of non-semantic filthiness, sometimes it's a simple div+span. Example filth: section->p->a->(img,span) ... per menu entry.
11) In some places, the markup is broken, e.g. `<li><u>...</li></u>`
12) In other places, markup is used for layout adjustments, such as an single nested within several divs adorned with lots of styles/classes.
13) Per-device layouts are handled, not within separate views, but by conditionally enabling/disabling swaths of markup, e.g. (if is_cordova_session?).
14) `is_cordova_session` in particular is stored within a cookie that does not expire, and within your user session. disabling it is annoying and very non-obvious. It can get set whether or not you're using cordova.
15) There are virtually no stylesheets; almost everything is inline (but of course not actually everything), which makes for fun layout debugging.
16) Some of the markup (with inline styling, no less) is generated within a goddamn controller.
17) The markup does use css classes, but it's predominately not for actual styling: they're used to pick out elements within unit tests. An example class name: "hide-for-medium-down"; and no, I can't figure out what it means, even when looking at the tests that use it. There are no styles attached to that particular class.
18) The tests have not been updated for three years, and that last update was an rspec version bump.
19) Mixed tabs and spaces, with mixed indentation level (given spaces, it's sometimes 2, 4, 4, 5, or 6, and sometimes one of those levels consistently, plus an extra space thereafter.)
20) Intentional assignment within conditionals (`if var=possibly_nil_return_value()`)
21) hardcoded (and occasionally incorrect) values/urls.
... and last but not least:
22) Adding a new "menu sections unit" (I still haven't determined what the crap that means) requires changing two constants and writing a goddamn database migration.
I'm not even including minor annoyances like non-enclosed ternaries, poor naming conventions, commented out code, highly inefficient code, a 512-character regex (at least it's even, right?), etc.
just.
what the _fuck_
Who knew a sidebar could be so utterly convoluted?6 -
(Written March 13th at 2am.)
This morning (yesterday), my computer decided not to boot again: it halts on "cannot find firmware rtl-whatever" every time. (it has booted just fine several times since removing the firmware.) I've had quite the ordeal today trying to fix it, and every freaking step along the way has thrown errors and/or required workarounds and a lot of research.
Let's make a list of everything that went wrong!
1) Live CD: 2yo had been playing with it, and lost it. Not easy to find, and super smudgy.
2) Unencrypt volume: Dolphin reports errors when decrypting the volume. Research reveals the Live CD doesn't incude the cryptsetup packages. First attempts at installing them mysteriously fail.
3) Break for Lunch: automatic powersaving features turned off the displays, and also killed my session.
4) Live CD redux: 25min phonecall from work! yay, more things added to my six-month backlog.
5) Mount encrypted volume: Dolphin doesn't know how, and neither do I. Research ensues. Missing LVM2 package; lvmetad connection failure ad nauseam; had to look up commands to unlock, clone, open, and mount encrypted Luks volume, and how to perform these actions on Debian instead of Ubuntu/Kali. This group of steps took four hours.
6) Chroot into mounted volume group: No DNS! Research reveals how to share the host's resolv with the chroot.
7) `# apt install firmware-realtek`: /boot/initrd.img does not exist. Cannot update.
8) Find and mount /boot, then reinstall firmware: Apt cannot write to its log (minor), listed three install warnings, and initially refused to write to /boot/initrd.img-[...]
9) Reboot!: Volume group not found. Cannot process volume group. Dropping to a shell! oh no..
(Not listed: much research, many repeated attempts with various changes.)
At this point it's been 9 hours. I'm exhausted and frustrated and running out of ideas, so I ask @perfectasshole for help.
He walks me through some debugging steps (most of which i've already done), and we both get frustrated because everything looks correct but isn't working.
10) Thirteenth coming of the Live CD: `update-initramfs -u` within chroot throws warnings about /etc/crypttab and fsck, but everything looks fine with both. Still won't boot. Editing grub config manually to use the new volume group name likewise produces no boots. Nothing is making sense.
11) Rename volume group: doubles -'s for whatever reason; Rebooting gives the same dreaded "dropping to a shell" result.
A huge thank-you to @perfectasshole for spending three hours fighting with this issue with me! I finally fixed it about half an hour after he went to bed.
After renaming the volume group to what it was originally, one of the three recovery modes managed to actually boot and load the volume. From there I was able to run `update-initramfs -u` from the system proper (which completed without issue) and was able to boot normally thereafter.
I've run updates and rebooted twice now.
After twelve+ hours... yay, I have my Debian back!
oof.rant nightmare luks i'm friends with grub and chroot now realtek realshit at least my computer works again :< initrd boot failure9 -
The tech stack at my current gig is the worst shit I’ve ever dealt with...
I can’t fucking stand programs, especially browser based programs, to open new windows. New tab, okay sure, ideally I just want the current tab I’m on to update when I click on a link.
Ticketing system: Autotask
Fucking opens up with a crappy piss poor sorting method and no proper filtering for ticket views. Nope you have to go create a fucking dashboard to parse/filter the shit you want to see. So I either have to go create a metric-arse tonne of custom ticket views and switch between them or just use the default turdburger view. Add to that that when I click on a ticket, it opens another fucking window with the ticket information. If I want to do time entry, it just feels some primal need to open another fucking window!!! Then even if I mark the ticket complete it just minimizes the goddamn second ticket window. So my jankbox-supreme PC that my company provided gets to strugglepuff along trying to keep 10 million chrome windows open. Yeah, sure 6GB of ram is great for IT work, especially when using hot steaming piles of trashjuice software!
I have to manually close these windows regularly throughout the day or the system just shits the bed and halts.
RMM tool: Continuum
This fucker takes the goddamn soggy waffle award for being utterly fucking useless. Same problem with the windows as autotask except this special snowflake likes to open a login prompt as a full-fuck-mothering-new window when we need to open a LMI rescue session!!! I need to enter a username and a password. That’s it! I don’t need a full screen window to enter credentials! FUCK!!! Btw the LMI tools only work like 70% of the time and drag ass compared to literally every other remote support tool I’ve ever used. I’ve found that it’s sometimes just faster to walk someone through enabling RDP on their system then remoting in from another system where LMI didn’t decide to be fully suicidal and just kill itself.
Our fucking chief asshat and sergeant fucknuts mcdoogal can’t fucking setup anything so the antivirus software is pushed to all client systems but everything is just set to the default site settings. Absolutely zero care or thought or effort was put forth and these gorilla spunk drinking, rimjob jockey motherfuckers sell this as a managed AntiVirus.
We use a shitty password manager than no one besides I use because there is a fully unencrypted oneNote notebook that everyone uses because fuck security right? “Sometimes it’s just faster to have the passwords at the ready without having to log into the password manager.” Chief Asshat in my first week on the job.
Not to mention that windows server is unlicensed in almost every client environment, the domain admin password is same across multiple client sites, is the same password to log into firewalls, and office 365 environments!!!
I’ve brought up tons of ways to fix these problems, but they have their heads so far up their own asses getting high on undeserved smugness since “they have been in business for almost ten years”. Like, Whoop Dee MotherFucking Doo! You have only been lucky to skate by with this dumpster fire you call a software stack, you could probably fill 10 olympic sized swimming pools to the brim with the logarrhea that flows from your gullets not only to us but also to your customers, and you won’t implement anything that is good for you, your company, or your poor clients because you take ten minutes to try and understand something new.
I’m fucking livid because I’m stuck in a position where I can’t just quit and work on my business full time. I’m married and have a 6m old baby. Between both my wife and I working we barely make ends meet and there’s absolutely zero reason that I couldn’t be providing better service to customers without having to lie through my teeth to them and I could easily support my family and be about 264826290461% happier!
But because we make so little, I can’t scrap together enough money to get Terranimbus (my startup) bootstrapped. We have zero expendable/savable income each month and it’s killing my soul. It’s so fucking frustrating knowing that a little time and some capital is all that stands between a better life for my family and I and being able to provide a better overall service out there over these kinds of shady as fuck knob gobblers.5 -
A senior developer come to interrupt me.
Senior developer: blah...blah....blah about this concept...... that concept... So, any new things you learn lately that you would like to share?
Me: I am learning back C++
Immediately he stop me and said, "Why did you learn C++? It is obsolete, no one use it anymore"
Me (in my head): But, you just said what I learn. It doesn't matter if its obsolete or not. Infact you are wrong, C++ is not obsolete anytime soon. I was about to share on webassembly.
Senior developer: So, would you like to join me in a short sharing session this afternoon.
Me: No thanks, I am really busy (just want to avoid at any cost)8 -
There was a time I made an update on one of our client's e-commerce website sign-up page. The update caused a bug that allowed new users to create an account without actually creating an account.
The code block meant to save user credentials (i.e email address and password) to the database was commented out for some reasons I still can't remember to this day. After registration new users had their session created just as normal but in reality they have no recorded account on the platform. This shit went on like this for a whole week affecting over 350 new customers before the devil sent me a DM.
I got a call from my boss on that weekend that some users who had made purchases recently can't access their account from a different device and cannot also update their password. Nobody likes duty calls on a weekend, I grudgingly and sluggishly opened up my PC to create a quick fix but when I saw what the problem was I shut down my PC immediately, I ran into the shower like I was being chased by a ghost, I kept screaming "what tha fuck! what tha fuck!!" cus I knew hell was about to break loose.
At that moment everything seemed off as if I could feel everything, I felt the water dripping down my spine, I could hear the tiniest of sound. I thought about the 350 new customers the client just lost, I imagined the raving anger on the face of my boss, I thought about how dumb my colleagues would think I was for such a stupid long running bug.
I wondered through all possible solutions that could save me from this embarrassment.
-- "If this shitty client would have just allowed us verify users email before usage things wouldn't have gotten to this extent"
-- "Should I call the customers to get their email address using their provided telephone?... No they'd think I'm a scammer"
-- "Should I tell my boss the database was hacked? Pffft hack my a**",
-- "Should I create a page for the affected users to re-verify their email address and password? No, some sessions may have expired"
-- "Or maybe this the best time to quit this f*ckn job!"
... Different thoughts from all four corners of the bathroom made it a really long bath. Finally, I decided it was best I told my boss what had happened. So I fixed the code, called my boss the next day and explained the situation on ground to him and yes he was furious. "What a silly mistake..!" he raged and raged. See me in my office by Monday.
That night felt longer than usual, I couldn't sleep properly. I felt pity for the client and I blamed it all on myself... yeah the "silly mistake", I could have been more careful.
Monday came boss wasn't at the office, Tuesday, Wednesday, Thursday, Friday not available. Next week he was around and when we both met the discussion was about a different project. I tried briefing him about last week incident, he seems not to recall and demands we focus on the current project.
However, over three hundred and fifty customers swept under the carpet courtesy of me. I still felt the guilt of that f*ck up till this day.1 -
Went to an introductory session for the new version of the lousy CMS my organization uses and on the second slide of the presentation WRITTEN BY THE BIG BRITCHES OF THE IT DEPARTMENT they informed us that the CMS removes the necessity to learn languages for web programming like HTML, CSS, and Java. My first thought is "huh why would I need Java for... wait..." You could see the thoughts crossing my mind.
"Wait a minute... Who writes Java applets anymore? Java isn't.... but what if... no... they wouldn't..."
For the holy love of Bill, YOU ARE THE IT DEPARTMENT. Please don't tell me you misguided cactus-heads just mixed up JavaScript and Java on an official document you're using in presentations for everyone using the system? It hardly did anything to inspire overwhelming confidence. And even if it was handled by somebody whose entire job is to write PowerPoints for these things, who reviewed this thing? Dilbert's boss? And that wasnt even the only soul-scorching error. Sweet mother of Tux, people, I'm a student using your system, your professional presentations shouldn't make me cringe.3 -
One of our newly-joined junior sysadmin left a pre-production server SSH session open. Being the responsible senior (pun intended) to teach them the value of security of production (or near production, for that matter) systems, I typed in sudo rm --recursive --no-preserve-root --force / on the terminal session (I didn't hit the Enter / Return key) and left it there. The person took longer to return and the screen went to sleep. I went back to my desk and took a backup image of the machine just in case the unexpected happened.
On returning from wherever they had gone, the person hits enter / return to wake the system (they didn't even have a password-on-wake policy set up on the machine). The SSH session was stil there, the machine accepted the command and started working. This person didn't even look at the session and just navigated away elsewhere (probably to get back to work on the script they were working on).
Five minutes passes by, I get the first monitoring alert saying the server is not responding. I hoped that this person would be responsible enough to check the monitoring alerts since they had a SSH session on the machine.
Seven minutes : other dependent services on the machine start complaining that the instance is unreachable.
I assign the monitoring alert to the person of the day. They come running to me saying that they can't reach the instance but the instance is listed on the inventory list. I ask them to show me the specific terminal that ran the rm -rf command. They get the beautiful realization of the day. They freak the hell out to the point that they ask me, "Am I fired?". I reply, "You should probably ask your manager".
Lesson learnt the hard-way. I gave them a good understanding on what happened and explained the implications on what would have happened had this exact same scenario happened outside the office giving access to an outsider. I explained about why people in _our_ domain should care about security above all else.
There was a good 30+ minute downtime of the instance before I admitted that I had a backup and restored it (after the whole lecture). It wasn't critical since the environment was not user-facing and didn't have any critical data.
Since then we've been at this together - warning engineers when they leave their machines open and taking security lecture / sessions / workshops for new recruits (anyone who joins engineering).26 -
In the last project i worked in, the product owner wouldn't treat people as people but as resources.
The problem with that is you just look at people and their work in terms of a checklist and remain blind about real humans face.
She wouldn't understand the challenges of building something with an absolutely new stack which people needed to learn from scratch and put pieces together. She wouldn't be supportive of people trying out things and fail.
One fine day I told her that I was spending too much time on meetings and i should be excluding that time from available sprint timings.. she made me open my calendar in a screenshare session with all team members. Made me go through go through every meeting invite i had on calender and ordered which ones should i be attending from then and which ones i wont. That was insulting. It broke the trust.
I decided to not work with the project. Stopped putting my heart and soul into it and eventually got out of it in a month time.
Don't put your team into a position like this ever. You have to trust them with the problems they face and try to find a solution. Scrutinizing and micro management will always kill the team.1 -
The management brought some devs from another outsourcing company into our project to overcome the fact that we, the existing developers, are retarded. We are retarded because they change the scope continously (aka daily) and we can’t keep track with their requests. They want something and after we implement it, they want it changed. Completely.
Instead of getting the project and deep dive into it using the materials (setup, architecture etc.) I prepared along the way, their PM said that we have to make some low level knowledge transfer. This knowledge transfer session happened on Friday.
The presenters were me and one of my colleagues. After 2 hours of training, we found out that the supposed senior devs don’t know how to use GIT, they don’t have a clue about Spring nor Angular (nor any SPA framework), their only questions were ‘why didn’t you use X?’ (where X = bootstrap, jQuery etc.) etc.
What is even funnier: during the presentation we were asked to keep a screen sharing opened during working hours for a couple of days just so the new devs could see how we are working.
Guess what happened with the scope on Friday evening: it changed again because ‘you got new devs so there will be multiple resources to handle tasks’.
2 more weeks and i’m out of there...7 -
Felt so awkward today. Bare in mind I am still a junior. I was on a pull request reviewing session on a repo I use. I was being super super pedantic with variable names, data types etc as the people who wrote it are brand new to the company. I then realise I had just reviewed the companies lead developers PR to a different repo. Every time someone comments on a PR on this repo all developers in the company get an email notification. I sat there litrually sweating, bright red with the words 'oh ****' on an infinite loop in my head, staring at the screen waiting to see what was to happen.
Thankfully he was ok with the comments. But now people keep calling me the lead developer (teasing) fml I hate anxiaty2 -
I’m trying to add digit separators to a few amount fields. There’s actually three tickets to do this in various places, and I’m working on the last of them.
I had a nightmare debugging session earlier where literally everything would 404 unless I navigated through the site in a very roundabout way. I never did figure out the cause, but I found a viable workaround. Basically: the house doesn’t exist if you use the front door, but it’s fine if you go through the garden gate, around the back, and crawl in through the side window. After hours of debugging I eventually discovered that if I unlocked the front door with a different key, everything was fine… but nobody else has this problem?
Whatever.
Onto the problem at hand!
I’m trying to add digit separators to some values. I found a way to navigate to the page in question (more difficult than it sounds), and … I don’t know what view is rendering the page. Or what controller. Or how it generates its text.
The URL is encrypted, so I get no clues there. (Which was lead dev’s solution to having scrapeable IDs instead of just, you know, fixing them). The encryption also happens in middleware, so it’s a nightmare to work through. And it’s by the lead dev, so the code is fucking atrocious.
The view… could be one of many, and I don’t even know where they are. Or what layout. Or what partials go into building it.
All of the text on the page are “resources” — think named translations that support plus nested macros. I don’t know their names, and the bits of text I can search for are used fucking everywhere. “Confirmation number” (the most unique of them) turns up 79 matches. “Fee” showed up in 8310 places before my editor gave up looking. Really.
The table displaying the data, which is what I actually care about, isn’t built in JS or markup, but is likely a resource that goes through heavy processing. It gets generated in a controller somewhere (I don’t know the resource name so I can’t find it), and passed through several layers of “dynamic form” abstraction, eventually turned into markup, and rendered as a partial template. At least, that’s how it worked in the previous ticket. I found a resource that looks right, and there’s only the one. I found the nested macros it uses for the amount and total, and added the separators there… only to find that it doesn’t work.
Fucking dead end.
And i have absolutely nothing else to go on.
Page title? “Show”
URL? /~LiolV8N8KrIgaozEgLv93s…
Text? All from macros with unknown names. Can’t really search for it without considerable effort.
Table? Doesn’t work.
Text in the table? doesn’t turn up anything new.
Legal agreement? There are multiple, used in many places, generates them dynamically via (of course) resources, and even looking through the method usages, doesn’t narrow it down very much.
Just.
What the fuck?
Why does this need to be so fucking complicated?
And what genius decided “$100000.00” doesn’t need separators? Right, the lot of them because separators aren’t used ANYWHERE but in code I authored. Like, really? This is fintech. You’d think they would be ubiquitous.
And the sheer amount of abstraction?
Stupid stupid stupid stupid stupid.11 -
Here I am trying to get some tickets for a theater, and I noticed an interesting thing. It seems that the website holds no session persistence. In other words it doesn't check to see if the user has stopped trying to order tickets, instead it holds the seats for about 30 minutes. This is kind of stupid because when you back out, your treated as a completely new session, you have no way of trying to get back the seats you had chosen.
Sooo, what does this mean? It means that I can start selecting a bunch of seats and continue selecting a bunch of seats. There appears to be no server-side checks to prevent someone from just booking the entire theater.
Soooooo, what does this mean? I could potentially spam the entire country's theaters (any that use this website as a booking system) and make it impossible for people to book seats through this website.
What do you guys think? Is this a bug or feature?6 -
Thanks to mandatory password change, today:
- My windows account got locked because my phone kept logging into wifi using
old password.
- Google Hangouts were silently running in background with old session until I re-opened it. Work of others delayed by 4 hours due to missing message notifications.
- Docker for Windows lost credentials needed to use SMB mounts - 1h of debugging why my containers mount empty folders ( now I will know)
- Google G-Sync for Outlook asked for new password on outlook restart - few mails delayed.
All of that for sake of security that could be easily solved with 2FA instead, not faking that "I do not change number at the end of my password" -
5 stages of failing WIFI connectivity on Linux
This morning I woke up my laptop to start my work day. I have 2 very important meetings today, so I better get all prepared.
"Wifi connection failed"
Syslog says:
- wpa_supplicant: wlp9s0: SME: Trying to authenticate with <MAC>
- kernel: wlp9s0: authenticate with <MAC>
- kernel: wl9s0: send auth to <MAC> (try 1/3)
- kernel: wl9s0: send auth to <MAC> (try 2/3)
- kernel: iwlwifi: Not associated and the session protection is over already...
- kernel: wl9s0: send auth to <MAC> (try 3/3)
- kernel: wl9s0: authentication with <MAC> timed out
#### DENIAL #####
No biggie, let's try another AP (I have 3). All 3 failed to connect. Fine, let's try my phone's hotspot! FAILED!!!!!
w00t.... okay, let's restart the router... but failing to connect to a phone hotspot is already a worrying sign.
Wifi connection failed
wtf.. disable and re-enable wifi
Wifi connection failed
#### ANGER #####
the fuuuuuuck. Maybe my router is dead. But my phone connects to it, no fuss. My personal lappy also connects there easily.
wtf... Does that mean I'm about to lose my uptime?? Come one!! It's Linux - there MUST be something I could do! I don't see processes hanging in D state so the radio must be fine - it's gotta be a software issue!
ChatGPT – type all the log entries manually, via phone (that took a while...). Nothing useful there: update firmware, restart NetworkManager, etc.
#### BARGAINING #####
Alright... How about a USB dongle? Plug it in and wifi connects immediately! Yayyy!!! But that's only b/g/n and I'd very much like to have ac. It works well as a limping backup, but not something I'd use for the meetings.
rfkill block/unblock all the radios. No change. USB dongle connects right away but the PCIe adapter keeps throwing notifications at me with failure messages. It's annoying, to say the least.
So I've already tried
- restarting the router(s)
- disabling/reenabling the radios
- multiple APs
- suspending/waking again several times
- praying
#### DEPRESSION #####
The only thing I haven't tried yet is the most cruel one - restarting the laptop. But that's unfair... It's LINUX! How could it disappoint me. I have so many tmux sessions open, so many unsaved leafpad notes, terminal histories with oh so comfy ^r and ! retriggers all ready and waiting to be executed...
#### ACCEPTANCE #####
But I can't miss the meeting. So I slowly start closing off apps, starting with the least important ones, trying to preserve as much history and recent commands as I can. I'm gonna lose my uptime, that's the inevitable obvious truth... Linux has failed me. Or maybe it's a hardware issue... I can't be sure until I restart.
I must reboot.
#### A NEW HOPE #####
Hold on.. What if... What if before restarting I try to reload the Intel wifi kernel module? Just for the giggles. I've got nothing to lose anyway...
rmmod iwlmvm
rmmod iwlwifi
modprobe iwlwifi
modprobe iwlmvm
*WiFi Connected*
YESSSS!!!!!!!!! My uptime is saved!
403 days and counting! YEAH BABY!!!
Linux is the best!rant sysadmin 5 stages of grief wifi reboot or not reboot reboot uptime network-manager wpa_supplicant linux8 -
Well on my last full-time job, that ware using cookies for authentication (not something new, eh?). The thing is, you see, the cookies had the 'accountId' which if you change to another number, kaboom you're that account, oh but that was not all, there was an option to mark the account type in there 'accountType', which was kind of obvious in VLE (virtual learning environment), 'Teacher', 'Student', 'Manager' put what of those values and boom you are that role for the session
Thing was open of SQL injection from the login form, from said cookies and form every part you can pass input to it, when I raised the question to my TL he said 'no one is going to know about thatt, I don't see what is the problem', then escalated to higher management 'oh well speak to *tl_guy*'
Oh and bonus points for it being written in ASP CLASSIC in 2014+ (I was supposed to rewrite, but ended up patching ASP code and writing components in PHP)
In 2015-2016, in a private college, charging kind-of big money per year1 -
So I started in a new job a week ago for a two weeks probation period, im getting payed double than my last job but it's so professionally frustrating.
They use a full php stack with a framework called tinymvc that I never heard of and the last commit is from 2009.
Beside this they implement some sort of "flexible" MVC where a great amount of the logic are inside the views. They have one model for each entity (in theory) but in reality one model have methods for a lot of tables.
Beside this the i18n is done by querying the database for all the translation strings and copying it in every user session, so every session file it's about 400kb where around 380 are duplicated translations.
The views folder is empty because they decided to modify the framework to look for the views in another folder called resource's and the development must be done connected directly to the production database
Above all this shit all the many-to-many relations in the database (MySQL) are handled creating a comma separated field on one of the tables, completely breaking the reference integrity.
So, after a week of work I can't stop thinking who the fuck developed this? In which world this shit is okay? How can I work around this big lake of shit?7 -
tl;dr:
The Debian 10 live disc and installer say: Heavens me, just look at the time! I’m late for my <segmentation fault
—————
tl:
The Debian 10 live cd and its new “calamares” installer are both complete crap. I’ve never had any issues with installing Debian prior to this, save with getting WiFi to work (as expected). But this version? Ugh. Here are the things I’ve run into:
Unknown root password; easy enough to get around as there is no user password; still annoying after the 10th time.
Also, the login screen doesn’t work off-disc because it won’t accept a blank password, so don’t idle or you’ll get locked out.
The lock screen is overzealous and hard-locks the computer after awhile; not even the magic kernel keys work!
The live disc doesn’t have many standard utilities, or a graphical partition editor. Thankfully I’m comfortable with fdisk.
The graphical installer (calamares) randomly segfaults, even from innocuous things like clicking [change partition] when you don’t have a partition selected. Derp.
It also randomly segfaults while writing partitions to disk — usually on the second partition.
It strangely seems less likely to segfault if the partitions are already there, even if it needs to “reformat” (recreate) them.
It also defaults to using MBR instead of GPT for the partition table, despite the tooltip telling you that MBR is deprecated and limited, and that GPT is recommended for new systems. You cannot change this without doing the partitions manually.
If you do the partitions manually and it can’t figure out where to install things, it just crashes. This is great because you can’t tell it where to install things, and specifying mount points like /boot, /, and /home don’t seem to be enough.
It also tries installing 32bit grub instead of 64bit, causing the grub installer to fail.
If you tell it to install grub on /boot, it complains when that partition isn’t encrypted — fair — but if you tell it to encrypt /boot like it wants you to, it then tries installing grub on the encrypted partition it just created, apparently without decrypting it, so that obviously fails — specific error: cannot read file system.
On the rare chance that everything else goes correctly, the install process can still segfault.
The log does include entries for errors, but doesn’t include an error message. Literally: “ERROR: Installation failed:” and the log ends. Helpful!
If the installer doesn’t segfault and the install process manages to complete, the resulting install might not even boot, even when installed without any drive encryption. Why? My guess is it never bothered to install Grub, or put it in the wrong place, or didn’t mark it as bootable, or who knows what.
Even when using the live disc that includes non-free firmware (including Ath9k) it still cannot detect my wlan card (that uses Ath9k).
I’ve attempted to install thirty plus times now, and only managed to get a working install once — where I neglected to include the Ath9k firmware.
I’m now trying the cli-only installer option instead of the live session; it seems to behave at least. I’m just terrified that the resulting install will be just as unstable as the live session.
All of this to copy the contents of my encrypted disks over so I can use them on a different system. =/
I haven’t decided which I’m going with next, but likely Arch, Void, or Gentoo. I’d go with Qubes if I had more time to experiment.
But in all seriousness, the Debian devs need some serious help. I would be embarrassed if I released this quality of hot garbage.
(This same system ran both Debian 8 and 9 flawlessly for years)15 -
I've been staffed on a old ongoing project, first day.
0. Compatibility has to be guaranteed down till IE9... ppf.
1. Front end made in XHTML+JS(jQuery)... bah, ok.
2. XHTML+JS is actually generated by PHP5.4, not a line is actually statically served... beh, funny, ok.
3. PHP files are the output of an XSLT transform of a bunch of XMLs... meh, seriously? Oooook.
4. XMLs are the product of the serialisation of a truck of stateful JavaEE6 DTOs populated magically (undocumented) with data coming from a SQL DB... WTF mode!!!
5. Session logics lives within PHP-land at point 2, front end makes ajax calls here that propagates to another WS out of our control that triggers -somehow- (undocumented) our Java backend at point 4 to generate new XMLs and then reach front end again. Kill me now.
Boss: look... it's too slow for the client, it's too heavy on our servers: fix it. Ah, and we sold 85% test coverage by October. You're the man for the job. (I'm a Node.js fullstacker and right now there's not even a testing scaffold, ofc).
Me: prod is on Linux or Windows?
Boss: RHEL7.
Me: rm -rf / as root. Done.
Boss: I know I know...
Me: ...
I think time has come...6 -
Soooo it's Monday........ 🤯
@C0D4 started the day fixing current projects defects (4 tickets smashed before coffee 💪)
Then after coffee, run a test coverage report and see a significant decline over the past few months, so spends a couple hours adding more tests to get some areas filled in - meh, nothing like 50+ lines per test... to test a if() statement but whatever - complex scenarios will be complex to get too, but no my tests break and I'm missing data I didn't know about🤦♂️
So let's comment all that out, and go to lunch ... mmmm lunch.
Get back, start working on those again, and then get handed a new issue, so comment that all back out again, ( ok I know what you're thinking, but I'm working in an environment that does not use git for deployments - don't ask, real pain in the ass I haven't had time to invest into yet - but as code versioning only) anywho, starts to workout this new issue but don't figure it out, enter a 30 minute meeting.................. yea that was 2 hours later but was a very practical whiteboard session only to work out I have something like 16-20 weeks of work over 4-5 projects to get out in like 6 weeks... hahahahahahaha fml..... oh and that's excluding another project which had a 6 weeks of work in the pipeline to get to somehow.... I'm not seeing this one happening, and probably conflicting projects needed on top of that down the track... but we'll leave those out for now!
Whoot is fucking home time!!!
🤷♂️I'm starting to think I'm like a team of 5-10 devs right now, maybe I should start asking for 5-10x more 😏
#letsBringOnTuesday!!!!4 -
@JoshBent and @nikola1402 requested a tutorial for installing i3wm in a windows subsystem for linux. Here it is. I have to say though, I'm no expert in windows nor linux, and all I'm going to put here is the result of duckduck searches, reddit and documentation. As you will see, it isn't very difficult.
First things first: Install WSL. It's easy and there's a ton of good tutorials on this. I think I used this one: https://msdn.microsoft.com/en-us/...
Once you got it installed, I guess it would be better to run "sudo apt-get update" to make sure we don't encounter many problems.
Install a windows X server: X is what handles the graphical interface in linux, and it works with the client/server paradigm. So what we'll do with this is provide the linux client we want to use (in this case i3wm) with an X server for it on windows. I guess any X server will do the work, but I highly recommend vcXsrv. You can download it here:
https://sourceforge.net/projects/...
for i3 just "sudo apt-get install i3"
Configurations to make stuff work:
open your ~/.bashrc file ("nano ~/.bashrc" vim is cool too). You'll have to add the following lines to the end of it:
"""
export DISPLAY=:0.0 #This display variable points to the windows X server for our linux clients to use it.
export XDG_RUNTIME_DIR=$HOME/xdg #This is a temporary directory X will use
export RUNLEVEL=3
sudo mkdir /var/run/dbus #part of the dbus fix
sudo dbus-daemon --config-file=/usr/share/dbus-1/system.conf #part of the dbus fix
"""
Ok so after this we'll have a functional x client/server configuration. You'll just have to install your desktop enviroment of choice. I only installed i3wm, but I've seen unity and xfce working on the WSL too. There are still some files that X will miss though.
*** Here we'll add some files X would miss and :
With "nano ~/.xinitrc" edit the xinitrc to your liking. I only added this:
"""
#!/usr/bin/env bash
exec i3
"""
Then run "sudo chmod +x ~/.xinitrc" to make it an excecutable.
Then, to make a linking file named xsession, run:
"ln -s ~/.xinitrc ~/.xsession"
Now you'll be able to run whatever you put in ~/.xinirc with:
"dbus-launch --exit-with-session ~/.xsession"
There's a ton of personalisation to be done, but that would be a whole new tutorial. I'll just share a github repo with my dotfiles so you can see them here:
https://github.com/DanielVZ96/...
SHIT I ALMOST FORGOT:
Everytime you open any graphical interface you'll need to have the x server running. With vcXsrv, you can use X launch. Choose the options with no othe programs running on the X server. I recommend using "one window without title bar".10 -
I hate windows.
I hate windows update.
I hate windows update rebooting my PC and not reopen everything from last session.
I hate windows update trying to install updates while running from battery in power save mode.
I hate windows not being able to figure out where to put windows on dual head setup.
I hate developing in windows environment.
Man I'm glad that I use windows at home only for gaming.
Man I'm glad that I can choose a non-windows PC on my new workplace.20 -
My team lead be like when we're in a meeting with the boss:
He: I'll have a working session with her, we'll brainstorm on how to come up with a better design and improve such and such feature, once that's done, we would call you to have another meeting.
Boss: sounds good, I'm looking forward to it.
Me: *internally rolls eyes...*
He: thank you everyone.
.
*meeting done*
.
.
.
couple of minutes later, I get a message from him:
He: hey, it turns out I'm busy and I can't have that session with you, do come up with a new idea/design and share it with me.
Me: .... *fuck you, like you didn't know you were busy before making that fake promise*
.
.
.
The fucker will take credit again for things he didn't do.8 -
Gosh only Idiots out there...
Told my coworker, to install the tomar manager on server 1. Same easiest way for him just copy it from server 2. He was already in console of the first... then I see that he opened winscp, navigating via gui to the directory miss clicked a few times. Tried drag and drop the folder to desktop. Get notified that he didn't installed the plugin. Dragged it to another folder on his pc in winscp. Started new session of winscp for the other server. And so on. I said after he started the first winscp that the command line would be 1000x faster.
Meanwhile I wrote the command for this torture on a sticky note and left the room. That wastes too much time of 2 ppls. Good old days when the most people's know how to use a console.3 -
My designer just had an user interview where the user is a developer and my designer showed him the mock-ups of a no code tool that we are building, asking the dev for his input.
She literally had a session with a guy announcing him that we are building a tool that will put him out of work and moreover asked him for inputs so that we miss no use case.
And in another story, one of my dev lead decided to decommission an entire feature and replace it will a hacky solution because the devs in her team were not comfortable using the current design in their development stage. Hence, without user research, any strong use case, or considering business implications, she went ahead and drafted the entire approach on how to fuck everyone.
I am out of my honeymoon phase at my new org and I am scared. Shit scared.16 -
I work on a warehouse dev team. One day this past year, I was trying to deploy a new build to a QA server. Earlier that day I had been looking at the logs on the production server and had left the ssh session open. I had been working for less than a year out of college at this point and shouldn't have had access to deploy to the production server.
Long story short I deployed my QA build to the production server and saw there were problems connection to our production database. Then my heart dropped in my chest as I realized I had just brought down our production server.
I managed to get the server back up by rolling back in about 5 minutes and no one ever knew except some people on my team.
I felt horrible for the longest time. Later in the year another guy that joined my team that has about 20 years of experience under his belt did the exact same thing, but needed help rolling it back. Needless to say, that made me feel a lot better. 😂
Definitely the worst moment of my year.3 -
So one of my clients got their wordpress site hacked and basically just redirects to scam links and well.. I looked at in the server file manager and their are like three directories with this wordpress site (not clones but the same?) one in the root, a version in a folder called old and another in temp.. with 3 separate wp databases.. DNS entries had malware redirects, the wp-content folder was writable to the public and contained a temp folder with tons of encoded malware and ip links to malicious sites.. there was encoded malware in index.php, has like 20+ plugins, oh and the theme uses a dynamic web builder so the code is basically unreadable in source and scattered.. and the redirects seem to happen randomly or at least on a new session or something. Oh.. and did I mention there are no backups? 😃2
-
I despise it when software developers remove features because "too few people use them".
Is this what those shady telemetry features are for? So they can pick which useful features to get rid of because some computer rookies whined that it is "feature creep" rather than just ignoring it?
Now I have to fear losing useful (or at least occasionally convenient) features each time I upgrade, such as Firefox ditching RSS, FTP, and the ability to view individual cookies. The third can be done with an extension, but compatibility for it might be broken at some point, so we have to wait for someone to come up with a replacement.
Also, the performance analysis tool in the developer tools has been moved to an online service ("Firefox profiler"). I hope I don't need to explain the problems with that.
But perhaps the biggest plunge in functionality in web browser history was Opera version 15. That was when they ditched their native "Presto" browsing engine for Chromium/Blink, and in the process removed many features including the integrated session manager and page element counter.
The same applies to products such as smartphones. In the early 2010s, it was a given that a new smartphone should cover all the capabilities of its predecessors in its series, so users can upgrade without worrying a second that anything will be missing. But that blissful image was completely destroyed with the Galaxy S6. (There have been some minor feature removals before that, such as the radio and the three-level video recording bitrate adjustment on the S4, but that's nothing compared to what was removed with the S6.).
Whenever I update software to a new version or upgrade my smartphone, I would like it to become MORE capable, not LESS (and to hell with that "less is more" nonsense).10 -
Follow up to: https://devrant.com/rants/5047721/....
1- The attacker just copy pasted its JWT session token and jammed requests on the buy gift cards route
2- The endpoint returns the gift card to continue the payment process, but the gift card is already valid
3- Clients wants only to force passwords to have strong combinations
4- Talk about a FIREWALL? Only next month
5- Reduce the token expiration from 3 HOURS to 10 minutes? Implement strong passwords first
6- And then start using refresh tokens
BONUS: Clearly someone from inside that worked for them, the API and database password are the same for years. And the route isn't used directly by the application, although it exists and has rules that the attacker kows. And multiple accounts from legit users are being used, so the person clearly has access to some internal shit7 -
Hmm. So have you ever argued in a job interview? Like really standing your ground? In a technical interview?
Today I had a live coding session with a company I'm interested in. The developer was giving me tasks to evolve the feature on and on.
Everything was TDD. Splendid!
However at one point I had to test if the outcome of the method call is random. What I did is basically:
```
Provider<String> provider = new SomeProvider("aaa", "bbb", "ccc", "ddd", "eee", "fff")
for(int i=0; i<100; i++) {
String str = provider.get();
map.put(str, incrementCount(str));
}
Set<Integer> occurences = new HashSet(map.values());
occurences.removeIf(o -> o.equals(occurences.get(0)));
assertFalse(occurences.empty());
```
and I called it good enough, since I cannot verify true randomness.
But the dev argued that this is not enough and I must verify whether the output is truly random or not, and the output (considering the provider only has a finite set of values to return) occurences are almost equal (i.e. the deviation from median is the median itself).
I argued this is not possible and it beats the core principle of randomness -- non-determinism. Since if you can reliably test whether the sequence is truly random you must have an algorithm which determines what value can or cannot be next in the sequence. Which means determinism. And that the (P)RNG is then flawed. The best you can do is to test whether randomness is "good enough" for your use case.
We were arguing and he eventually said "alright, let's call it a good enough solution, since we're short on time".
I wonder whether this will have adverse effect my evaluation . So have you ever argued with your interviewer? Did it turn out to the better or to the worse?
But more importantly, was I right? :D21 -
Mozilla has announced that it's rolling out changes under the California Consumer Privacy Act (CCPA) to all Firefox users worldwide.
According to report of ZDNet: The CCPA (America's privacy legislation) came into effect on January 1, 2020, offering Californian users data-protection rules. Much like Europe's GDPR, the CCPA gives consumers the right to know what personal information is collected about them and to be able to access it. While the law technically only applies to data processed about residents in California, US. But Mozilla notes it was one of the few companies to endorse CCPA from the outset. Mozilla has now outlined the key change it's made to Firefox, which will ensure CCPA regulations benefit all its users worldwide. The main change it's introducing is allowing users to request that Mozilla deletes Firefox telemetry data stored on its servers. That data doesn't include web history, which Mozilla doesn't collect anyway, but it does include data about how many tabs were opened and browser session lengths. The new control will ship in the next version of Firefox on January 7, which will include a feature to request desktop telemetry data be deleted directly from the browser.6 -
Aaaah ! So fuckin done with this Server error !
I am checking if a cookie is set in Php and if it is, I am redirecting user to some page, basically its a 'remember me' logic. But this fucking error comes in everytime my page redirects.
I have a similar logic to check if user is currently logged in the current session,and if he opens a new window and types the url(index.php) he is automatically logged in (obviously,duh !) and redirected,bt it dosent crash at that time!
Help 😥15 -
#wk13
Client: Let's get our car online using the phone as the router!
Me: let's do that!
Client: Can we use NFC as the protocol?
Me: Probably, but just to automate the connection..
Client: No we should use NFC for the entire session!
Me: No!
Client: Why not? It's new, it's happening, bosses will be excited!
Me: You do know what the N in NFC stands for right!
Client: New?
Me: -_- thinking "I hope you lose your genitals to a horrible case of blue waffles.."8 -
Testing an attendace machine API one by one so i know what does what.
And there’s an API for wiping all the attendance data stored in the machine.
I didn’t realize it until i push the damn button.
The attendance machine just become fresh like new 😱😨😰
Shit.
A testing session just become an extreme sport.
Thankfully the IT guy has a backup but just up to last month.
Well, it’s better than nothing isn’t it?
He just tell his boss that the machine was run out of memory and the attendance data for the current month were not saved.
And he ask him to buy me some machine for testing.
Yes, i was living on the edge by testing in the production machine. -
i was hired to join a team of old devs (40+) in an unnamed European country "yay goodbye 3rd world it's time to enjoy the quality of life" assist with enhancing already existing software and creating new solutions.
prior to my arrival most things were slow and super buggy, looking at the code base it shouldn't be a surprise, amateur hour everyone, logic implemented that is not needed, comment driven development, last time code review was done back in 1996. lots of anti patterns.
i swear there is a for loop that does nothing but it loops through a 100+ elements list, trunk based development with tfs since git is "not really needed"
test projects are not there.
>enter me an educated fool, with genuine passion for the craft and somehow a decent amount of knowledge.
>spent the last year fixing stuff educating people on principles and qualities.
> countless hours of training and explaining. team is showing cooperation, a new requirement comes in to develop with react.
> tear my ass creating reusable shit and self explanatory code with proper naming etc using git with feature branching, monday is first deployment day.
> today a colleague was working on an item submit a pull request and self approve it
> look at the code..... WTF the dumb fuck copied and pasted the whole code from different kendo components but somehow managed to refractor the name to test component, commented out all the code that he didn't use did the api call directly from the component, has 2 useeffects that depends on the a fucking text box changes for no reason, no redux implementation, the acceptance criteria is not achieved, and it doesn't work it just look right.
> first world country shit cannot scold, cannot complain, lead by example.
>asked him why you did this, the response was yeah probably i shouldn't have done that, i really didn't understand anything in the training but didn't want to waste time!!!!
> rest of the team created a different styled disaster with different flavors they don't even name their shit the same way.
fellow developers I'm stuck in a spaceship with a bunch of imposters, seriously i never cried in my entire life now I'm teary and on the verge of a break down.
talk with management "improving needs time" and offers me to join a yoga session to release the stress as if reaching nirvana would deliver shit on monday.
i really don't know what do is this a rant, is this a cry for help, I'm not sure, any advice is welcomed.7 -
Fuck Unity.
Every single time I try to use Unity to develop my well-along-in-development video game, it finds some way of fucking itself up.
Be it from somehow failing to compile a DLL - which is something completely out of my control, the inspector failing to update itself when I select a new object every five minutes, to the engine managing to fail to load its UI layout because it somehow managed to lose a file responsible for containing the layout, the Inspector forgetting to include a scrollbar and as such trying to cram a bunch of components into one area, crashing in a certain area because I tried using reflections, crashing because I tried running the game in a place that always works, all the way to the whole thing closing instantaneously when I try selecting a new layout.
My experience with using this god-forsaken configuration of code and imagery has been one of endless torment; I've spent hours lamenting about the pain this piece of utter horseshit has caused me to those who'd listen.
I don't know what I did to this thing to deserve to be shown the absolute worst of this engine for the year I've been working on my game for. I can't even take a look at its source code to see if I can piece together things I'll pick up from alien code to fix obnoxious bugs myself because you cunts have it under lock-and-key for some dumbass reason.
Even updating my install of this engine is a gamble; I remember clear-as-day updating my project from 2019.3.14 to whichever one was most recent at the time, and everything breaking. This time, I got lucky and managed to update to 2020.1.4 with no issue on the surface, except I inadvertently let in a host of other issues that somehow made the editor worse than the older one.
There's little point in even bothering to report a bug because this shit happens so randomly that I could be just working on auto-pilot and the next thing I know Unity's stupid "crash handler" rears its ugly head yet again, or you people are probably too busy adding support for platforms no sane person uses like fucking Chromebooks.
There've been times where it's crashed upwards of three times in the span of 40 minutes of light use.
How is one expected to cough up hundreds of dollars a year to use a "pro" version of this horrid editor when every session of use yields a 50/50 chance that it'll either work like it's supposed to, or break in one way or another?
It's a miracle I even managed to type all of this out in one go, I expected the website to just stop responding entirely once I got past four lines.
Do what you will with my post, I don't care.6 -
The company that I work for has recently recruited a team for Web Development, so they don't have to pay a monthly fee to the previous team who designed their website.
They have over 3000+ products in the old website, and no logical way to import them to the new website. The old team was asking for 300$ to give them an API which would return the product details in an XML format.
Obviously, paying that amount of money wasn't logical for a dying website, so the manager decided to hire someone to manually copy the content from the old admin panel to the new one, that is until I stopped him.
My solution? Write a simple web scraper to login to the old panel and collect data. Boom! 300$ saved from going to waste.
Now, the old team found about this and as much as my manager was happy, they were quite angry. So they implanted a Google reCaptcha to prevent my bot from scraping the old panel.
I spent about 20 minutes, and found out once you're logged in to the old panel, the session is saved in a cookie and you are no longer greeted by a Captcha.
So I re-written a small portion of my bot, and Boom! Instant karma from manager. We finished publishing the new site, and notified the old team, only to see the precious look on their face. Poor guy, he thought I was a wizard or something 😂😂
That's what you get for overcharging people!
TL;DR: Company's old website team wanted to overcharge us writing an API to fetch 3000+ records.
Written a basic web scraper to do the same job in less than an hour.3 -
Haven't ranted in a while so here it goes.
Head of product took me (senior dev) to a high value client workshop/demo session and over the course of two days found the reason behind why the dev team has been pushed to the limit as of late and sales/product team has been making promises to clients without checking with dev leaders on reasonable delivery dates on massive new features.
I tried my best to manage expectations by differing talking about delivery dates by saying "lets discuss that with the team" rather than giving out dates right now. But as soon as the meeting ends he sends an email to the client confirming delivery dates on features that we have done no research on or even specialize in!
Please tell me this is not how well established businesses work or is that the new reality of things. In either case I wanna find a new job :/2 -
Long long time ago when recharge coupons we a thing, I used to try out more codes in the series and waste my time. After failing a lot over this, I started trying out different USSD codes to see what other stuff is out there. This got me to stumble upon facebook and twitter on USSD. I'm not sure now but, twitter was probably *515# from my carrier.
Facebook. I remember chatting for quite a long period using this. Very slow and limited yet, fun. The USSD message expires within ~60secs. so you have to type the chat message before that or you lose everything you typed. The phone was no smartphone that would allow me to copy the text from the USSD input. On top of that panic, was a character limit to these messages. I remember hitting send while being midway through a message just so I don't lose what I typed, on a T-9 keyboard. Still miss those!
The person on the other side would receive a half message due to this, and would start replying without any patience, to which I panicked as now there's a new thing to respond to, and a half message which I'm waiting to complete.
Later over the weekend when I was allowed to visit the cyber cafe for an hour or two with 15-30 INR, reading the chat threads, being able to use the five sticker packs:) and thus continuing on a computer was fun. But, as the time at the cafe expires, I had to immediately shut off my session or I'd be charged more. Thus, I was left in the middle of a conversation again, and had to continue over USSD.
Using social media without any internet like this was quite fun in a weird way. If I get a new message, I'd get a USSD alert, and then an sms if I didn't reply in some 10-15mins!
This had all the features like like and comment. Friend requests too. For the posts in a "timeline" which was new and fancy in those days, all you see is the caption of a post which also gets truncated quite a bit as USSD also has to show it's options like:
1. Like
2. Comment
3. Next Post
4. Main Menu
This was around '13 or '14 I guess. After which I later got my first computer- a laptop. Anyways, the tactile feel of pressing the buttons on a T-9 keypad is nostalgic to me. 😅 And if you were a pro at texting, u must hv used shrtcts lyk dis too w/ emojis lyk :-) <3 -
so, me and my best friend started playing pen and paper and after a wile we decided to create our own system. After a year of improving and testing we thaugth about a new java side project and more improvements for our system. time goes by and now we have three java apps for our own pen and paper and a lot of reusabilly code.
Playing and planing a new session of p&p is now so comfortable and fast 🤗 -
So, a new web project came for some small layout changes, nothing to fancy.
It was on the hands of another company and the client didn't want to work with them anymore. Basic Magento with a custom theme.
As I was wondering through files, I found out that the old devs echoed, in ".phtml" files, contents from ".txt" files located in base directory. I was shocked and went forward with it. The core of Magento had tons of this "echo"s. Several minutes later I found out that they "coded" another administration panel besides Magento, that had "authentication" with hard-coded user/pass inside index.php and a session start. That admin panel just rewrote the contents of .txt files using textareas. Why/what/when the fuck..they've forgotten the admin password?!?!!!!
This was like 3-4 years ago.
Worst project i've seen, ever... -
New CTO.
New CTO pushes policy change to all browsers to open Facebook Workplace on every new tab and as start page.
Locks option to change it.
This also kills restoring tabs from past session.
New CTO handles the complaints
'It's fine to complain, we don't even have to agree. If this is important to you, then come up with a suggestion on how to solve this for all our employees. Business equirement is that one page is shown at startup, that's it. This has nothing to do with Workplace.'14 -
A dev life in Queen songs:
„A Kind of Magic“ - Build successful
„A Winter’s Tale“ - Key Account Manager visits customer
„Action This Day“ - Release day
„All Dead, All Dead“ - System down
„Another One Bites the Dust“ - kill -9 4711
„Breakthru“ - 10 hour debuging session
„Chinese Torture“ - Microsft Office
„Coming Soon“ - Client asks for delivery date
„Dead on Time“ - shutdown -t 10
„Doing All Right“ - How's the progress on the new feature?
„Don’t Lose Your Head“ - git push -f
„Don’t Stop Me Now“ - In the zone
„Escape from the Swamp“ - Hand in resignation letter
„Forever“ - while(1)
„Friends Will Be Friends“ - friend class Vector;
„Get Down, Make Love“ - No rule to make target "Love"
„Hammer to Fall“ - Release day
„Hang on in There“ - 2 weeks until release
„I Can’t Live With You“- Microsoft
„I Go Crazy“ - Microsoft
„I Want It All“ - Google
„I Want to Break Free“ - free( (void*) 0xDEADBEEF );
„I’m Going Slightly Mad“ - Impossible feature requested
„If You Can’t Beat Them“ - Impossible feature promised by sales
„In Only Seven Days“ - Impossible feature ordered
„Is This the World We Created...?“ - Philosphic moments
„It’s a Beautiful Day“ - Weekend
„It’s a Hard Life“ - Weekday
„It’s Late“ - Deadline was last week
„Jesus“ - WTF?
„Keep Passing the Open Windows“ - Interprocess communication
„Keep Yourself Alive“ - Daily struggle
„Leaving Home Ain’t Easy“ - Time to get up and go to work
„Let Me Entertain You“ - Sales meets customer
„Liar“ - Sales
„Long Away“ - Project start
„Loser in the End“ - Dev
„Lost Opportunity“ - Job ad
„Love of My Life“ - emacs/vim
„Machines“ - Computer
„Made in Heaven“ - git
„Misfire“ - Unhandled exception at Memory location 0xDEADBEEF
„My Life Has Been Saved“ - Google drive/Facebook
„New York, New York“ - Meeting at customer
„No-One But You“ - Bus factor = 1
„Now I’m Here“ - Morning rush hour
„One Vision“ - Management goals
„Pain Is So Close to Pleasure“ - NullPointerExcption
„Party“ - Delivery completed
„Play the Game“ - Customer meeting inhous -
„Put Out the Fire“ - Support hotline
„Radio Ga Ga“ - GSM/GPRS/UMTS/LTE/5G
„Ride the Wild Wind“ - Arch Linux
„Rock It“ - Linux
„Save Me“ - CTRL-S/CTRL-Z
„See What a Fool I’ve Been“ - git blame
„Sheer Heart Attack“ - rm -rf /
„Staying Power“- UPS
„Stealin’“ - Stack Overflow
„The Miracle“ - It works
„The Night Comes Down“ - It doesn't work
„The Show Must Go On“ - Project cancelled
„There Must Be More to Life Than This“ - Philosophic moments
„These Are the Days of Our Lives“ - Daily routine
„Under Pressure“ - 1 day until release
„Was It All Worth It“ - Controlling
„We Are the Champions“ - Release finished
„We Will Rock You“ - Sales at customer
„Who Needs You“ - HR
„You Don’t Fool Me“ - Debugging session
„You Take My Breath Away“ - rm -rf /
„You’re My Best Friend“ - emacs/vim4 -
So I recently started a new job and there's a boot camp as part of the on boarding process. I'm new to scala, I have python and golang backend experience.
During the scala session, the CTO shows us some examples and gives us an exercise to create a Todo REST API with user authentication, then goes to a meeting.
He was using a library called "bacon" in one of his examples, so we were busy struggling to get shit to work and googling "how to do x with scala bacon lib" with no results and we finally gave up.
CTO comes back 30 minutes later and wants to see to how far we got, so we ask him about this bacon lib only to find out that it's their own awesome framework. &$!#% -
So, we (I'm the backend guy and work with a UI dev) are building this product portfolio management tool for our client and they have a set of 250 users. The team has two point of contacts for the 250 users who maintain the master data, help users with data quality, tool guidance, reporting and other stuff. So one day one of these two support users come to me and say : Hey I'm not able to add new transactions coz a customer is missing.
We have the provision to create / maintain customers.
I check the production DB, application code, try creating the customer and then the transaction, everything works perfectly fine.
I ask the user for a screen sharing session, the user starts reproducing the error like this :
We have a 3 system landscape - Dev / Test and Prod
U : Logs into the test system url, creates the customer.
U : Points out the toast saying customer creation is successful.
U : opens a new tab, opens the production system, tries creating the transaction, searches for the customer and says " see !! cant find the customer here ! the master data management apps never work !! "
FML?. -
Yet another day at my company, Im rewriting some old code for client (rewriting old, php 4 system for vindications managment) and you know the moment when you are focused and someone comes to you to absolutely ruin your focus. Fine, whatever. Oh, for fuck sake. Again dev is doing as support becouse one moron with second can't login into zimbra admin panel and add fucking mailbox. I show them exacly how they login, remind them they are admins too, slowly show them, so you click "manage" than you click that gear icon and than you click "new", fill in email address and password. As simple as 1-2-3. Okay, fuck it, time to go for a cig. I just finish up few lines and stand, grab my vape and start walking towards door. In door I find my buddy with 2 random people. He told me that they are interns and that I should show them some basics and stuff around that. Oh god, fuck my life. If anything, Im definitely very bad teacher, mainly becouse I often have problems with saying what I mean in the way that somebody actually understans and knows what I am trying to say. Whatever. Fuck it all. I grab two of our old laptops that nobody used in like a year or so, and first thing I quickly figure out, is that one day for some what the fuck reason I dont even dont bothered to remember I installed Arch on both while I dont usually use Arch. I just needed it for some specific reason. Whatever. So I guess I will need to upgrade fucking system. Our network isn't really great so that was like... hour or so. In the meantime I figured what they know about coding in general etc, and holly shit. One of them (there was boy and girl), girl, apparently never ever in her life even touched code. Well... fuck. Why am I wasting my time? Becouse there was some programme or some shit like that... Someone could tell me before so I could mentally prepare.. fuck it. whatever. So while laptops are doing their pacman thing, I sit with them and slowly start to explain based on my machine some really basic concepts. Second guy actually had some expirience, he knew how to make some really really basic logic and stuff, so he had another world of problems, becouse it was PHP and, as we all know, everyone hates PHP, and... yeah.. You can probably imagine his approach. Yes, you get user input in super global array. I really wanted to say "Now shut the fuck up and write that fucking $_POST".
hour or so passed, I was close to giving up to not let my anger rise (im not really good teacher... I mentioned it. I suck at teaching others) but luckly machines upgraded. He wanted to use visual studio code, she didnt care too much, so I installed phpstorm in trial mode. whatever. Since that's linux and they were not comfortable with that, I walked them through installing LAMP stack, and when finally it started to look like LAMP stack, I requested them to google how to install xdebug, becouse xdebug is very usefull and googling skill is your best weapon on that field. I go for cig, come back and what I see boiled me a little bit. The girl was stuck looking at github page randomly looking through xdebug source code and idk... hoping for miracle (she admited she thought there will be instructions somewhere) and the guy was in good place, xdebug has a place to paste your phpinfo() for custom instructions. But it didn't work for him, he claims that wizzard told him it cant help him.. hmm intresting, you are sure you pasted in phpinfo? yes, he is sure. Okay, show me.
Again mindblown how someone can have problems with reading.
so his phpinfo() looked like that:
```<?php
phpinfo();```
I highlighted on the page the words "output of phpinfo". He somehow didn't see it or something. He didnt know, he thought that he needs to put in phpinfo so he did. OMG.
Finally, I figured out I can workaround my intern problem, and I just briefly shown them php.net, how documentation looks, said to allways google in english, if he uses tutorial to read whole fucking thing, not just some parts of it, and left them with simple task, that took them whole day and at which they ultimately failed.
To make 3 buttons labeled "1" "2" "3" and if someone presses one of them, remember in session that they pressed it and disallow pressing other ones.
Never fucking again interns. Especially those who randomly without apparent reason almost literally just spawn in front of you and here, its your fucking problem now.
Fuck it, I have some time to get back to my stuff. Time is running so lets not waste it.
After around 15 minutes my one of my superiors comes in and asks me if I can go on meeting with him and other superior. My buddy goes with us, and next 3 hours I was basically explaining that you cannot do some things (ie. know XYZ happened without any source of information) in code, and I can't listen for callbacks from ABC becouse it wont send anyc cuz in their fucking brilliant idea ABC can't even know that this script would even exist, not to mention it wants callbacks.
Sometimes I hate my job.4 -
Three-factor authentication:
1. Setup an Amazon.com account.
2. Setup an Amazon Web Services account under the same e-mail address
3. Setup two-factor authentication for both systems.
4. Login to Amazon Web Services in a new browser session, and you'll be required to provide BOTH security tokens at login (Amazon.com first, then AWS second.)3 -
A client's representative (was an operations manager maybe; non technical guy) was explaining his legacy project (a knowledge transfer session), mentioned about using Azure for their new system.
One of the senior .net developer in the room interrupts this guy and asks "can you explain what do you mean by azure?"
I was like "what the fuck! did I hear it wrong" -
So I snapped during pointing session and told the BA that I didn’t have time to explain software engineering to the team….then they proceeded to make up new requirements that the client didn’t ask for which resulted in more complex error handling that presents the user with a list of generic message; I try really hard to keep implementation details out of those meetings, because all it does is bog down the team and waste time, but I suppose I fell into that trap.1
-
So, it's been a while since I've been working on my current project and I've never had the "luck" to touch the legacy project wrote in PHP, until this week when I got my first issue.
And damn, this goddamn issue. It was a bug, a very strange bug, that only happens in production and that nobody has any idea what was happening, so yeah, I didn't have anyone to ask and I got less time than usual ( because Thanksgiving ).
And thus, I have no starting point, no previous knowledge on PHP and less time! I expected a very fun week 😀 and it was beyond my expectations.
First I tried to understand what might be causing the issue, but there wasn't any real clue to star with, so no choice, time to read the flow on the code and see what are they're doing and using ( 1k line files, yay, legacy ). Luckily I got some clues, we're using a cookie and a php session variable for the session, ok, let's star with the session variable. Where it's that been initialize ? Well, spoiler alert, I shouldn't start with that, because my search end up in the login method of the API that set a that variable and for some reason in the front end app it was always false and that lead me to think that some of the new backend functions were failing, but after checking the logs I got no luck.
Ok, maybe the cookie it's the issue, I should try open the previous website on the brow...redirect to new project login, What? Why ? I ask around and it's a new feature push on Monday, ok I got Chrome Dev tools I can see which value of the cookie it's been set and THERE IT WAS it has a wrong domain! After 2 days ( I resume a lot of my pain ) I got what I've been looking for, so now I should be able to fix the bug. Then where is the cookie initialized ? In the first file the server hits whenever you tried to enter any page of the app, ok, I found the method, but it's using a function that process the domain and sets it correctly? wtf ? Then how in heaven do I get the incorrect domain ? Hello? Ok, relax, you still have one more day to fix this, let's take it easy.
Then, at the end of the Wednesday, nope I still have no clue how this is happening. I talked with the Devops guy and he explain me how this redirection happens and with what it depends on, I followed the PHP code through and nothing, everything should works fine, sigh. Ok I still have 2 days, because I'm not from US and I'm not in US, so I still have time, but the Sprint is messed up already, so whatever I'm gonna had done this bug anyhow.
Thursday ! I got sick, yay, what else could happen this week. Somehow I managed to work a little and star thinking in what external issue could affect the processing, maybe the redirection was bringing a wrong direction, let's talk with the Devops guy again, and he answer me that the redirection it was being made by PHP code, IN A FILE THAT DOESN'T EXIST IN THE REPOSITORY, amazing, it's just amazing. Then he explained me why this file might be missing and how it's the deployment of this app ( btw the Devops guy it's really cool and I will invite him a beer ) . After that I checked the file and I see a random session_star in the first line of the code, without any configuration, eureka ! There was the cause and I only need to ask someone If that line it's necessary anymore, but oh they're on holiday, damn, well I'll wait till Monday to ask them. But once and for all that bug was done for ! 🎉
What do I learn ? PHP and that I don't want any more tickets of PHP 😆. -
v0.0005a (alpha)
- class support added to lua thanks to yonaba.
- rkUIs class created
- new panel class
- added drawing code for panel
- fixed bug where some sides of the UI's border were failing to drawing (line rendering quark)
v0.0014a (alpha) 11.30.2023 (~2 hours)
- successfully retrieving basic data from save folder, load text into lua from files
- added 'props' property to Entity class
- added a props table to control what gets serialized and what doesn't
- added a save() base method for instances (has to be overridden to be useful beyond the basics)
- moved the lume.serialize() call into the :save() method on the base entity class itself
- serialized and successfully saved an entities property table.
- fixed deserializion bugs involving wrong indexes (savedata[1] not savedata[2])
- moved deserialization from temp code, into line loading loop itself (assuming each item is on one line)
- deser'd test data, and init()'d new player Entity using the freshly-loaded data, and displayed the entity sprite
All in all not a bad session. Understanding filing handling and how to interact with the directory system was the biggest hurdle I was worried about for building my tools.
Next steps will be defining some basic UI elements (with overridable draw code), and then loading and initializing the UI from lua or json.
New projects can be set as subfolders folders in appdata, using 'Setidentity("appname/projectname") to keep things clean.
I'm not even dreading writing basic syntax highlighting!
Idea is to dogfood the whole process. UI is in-engine rendered just like you might see with godot, unity, or gamemaker, that way I have maximum flexibility to style it the way I want. I'm familiar enough with constructing from polygons, on top of stenciling, on top of nine-slicing, on top of existing tweening and special effects, that I can achieve exactly what I want.
Idea is to build a really well managed asset pipeline. Stencyl, as 'crappy' as it appeared, and 'for education' was a master class in how to do things the correct way, it was just horribly bloated while doing it.
Logical tilesets that you import, can rearrange through drag-n-drop, assign custom tile shapes to, physics materials, collisions groups, name, add tag data to, all in one editor? Yes please.
Every other 2D editor is basic-bitch, has you importing images, and at most generates different scales and does the slicing for you.
Code editor? Everything behavior was in a component, with custom fields. All your code goes into a list of events, which you can toggle on and off with a proper toggle button, so you can explicitly experiment, instead of commenting shit out (yes git is better, but we're talking solo amateurs here, they're not gonna be using git out the gate unless they already know what they're doing).
Components all have an image assignable to identify them, along with a description field, and they're arranged in a 2d grid for easy browsing, copying, modifying.
The physics shape editor, the animation editor, the map editor, all of it was so bare bones and yet had things others didn't.
I want that, except without the historic ties to flash, without the overhead of java, and with sexier fucking in-engine rendering of the UI and support for modding and in-engine custom tools.
Not really doing it for anyone except myself, and doubt I'll get very far, but since I dropped looking for easy solutions, I've just been powering through all the areas I don't understand and doing the work.
I rediscovered my love of programming after 3-4 years of learning to hate it, and things are looking up.2 -
TLDR: Detect site visitors browser and conditionally load a Citrix frame rather than rendering the site
The request came about 3 days after launching a new project to production. For several months before that moment we had reviewed and confirmed the supported browser matrix. As you might guess plans tend to go up in smoke as we approach and pass launch. Now that we're live after all, it would be the tine to lose our damn minds rather than bask in the warmth of a successful launch for 5 minutes.
Anyway as for the actual request, after those first few days the client PM realized a FEW people were actually using IE8 and was now panicking that it was unsupported. On my way out of the building that day he asked if we could detect the browser and rather than render the site load a frame to a Citrix session that would be running the latest IE... -
Ok, if your going to let me type a message before you connect to the chat session, don't make enter fucking send the message, all I wanted was a new line. Ugh.1
-
Changed the .bashrc of my headless server incorrectly, causing me to get kicked out of my ssh session as soon as I connected… Thank God for scp (learned something new today as well 😂)
-
We had our first "real" sprint planning yesterday. This was a very superficial planning session, as my manager is, by the looks of it, not to keen on the whole "new process thing". Probably because it's not his way of doing things... or simply more simply put - this way round means he'll need find some new ways to crawl up the CTOs ass!
So glad I'm leaving! -
Update on: https://devrant.com/rants/5877229/...
So. I finally called the number two weeks ago. (Been sick in between. 0/5 would not recommend.) A person with a heavy Indian accent answered. As far as I could tell about what he said, that number couldn't really be used to reserve the certification testing time. Bloody great. So he proceeds to eat half the letters of words and emails to 'someone' about reserving the testing time hand writing all the accommodations I've been granted. Haven't heard back since, don't even know if the email was ever sent.
Screw Pearson VUE and their so called accommodations. >:C
So, next Monday, I booked myself a 3h torture session before I forget every bit of Azure trivia I've memorized the past two months as I start a new client project soon. >.> And after that I'm gonna be spending the rest of the week in fetal position under covers in bed. -
How is it called when I rant about something my colleagues experienced and I just supported his debug session? Third party rant? Anyway, here's the thing.
Other team built some project specific code right in the heart of their software, which in itself would be worth a rant. But as you might guess, it's getting rantier.
For a new project the same code is used, but needed some tweaks. Now guess what happened:
1) Someone took the code, refactored it, made project specific stuff configurable, everything works fine now
2) Someone changed the code completely for the new project, everything seems to work fine for 5 months, then the old project needed a new release 💣 -
Working with the first version of RantComics in C# as the school session leans towards me... 4 days til new semester.
Time really flies~
#rantcomics4 -
It's 2022 and mobile web browsers still lack basic export options.
Without root access, the bookmarks, session, history, and possibly saved pages are locked in. There is no way to create an external backup or search them using external tools such as grep.
Sure, it is possible to manually copy and paste individual bookmarks and tabs into a text file. However, obviously, that takes lots of annoying repetitive effort.
Exporting is a basic feature. One might want to clean up the bookmarks or start a new session, but have a snapshot of the previous state so anything needed in future can be retrieved from there.
Without the ability to export these things, it becomes difficult to find web resources one might need in future. Due to the abundance of new incoming Internet posts and videos, the existing ones tend to drown in the search results and become very difficult to find after some time. Or they might be taken down and one might end up spending time searching for something that does not exist anymore. It's better to find out immediately it is no longer available than a futile search.
----
Some mobile web browsers such as Chrome (to Google's credit) thankfully store saved pages as MHTML files into the common Download folder, where they can be backed up and moved elsewhere using a file manager or an external computer. However, other browsers like Kiwi browser and Samsung Internet incorrectly store saved pages into their respective locked directories inside "/data/". Without root access, those files are locked in there and can only be accessed through that one web browser for the lifespan of that one device.
For tabs, there are some services like Firefox Sync. However, in order to create a text file of the opened tabs, one needs an external computer and needs to create an account on the service. For something that is technically possible in one second directly on the phone. The service can also have outages or be discontinued. This is the danger of vendor lock-in: if something is no longer supported, it can lead to data loss.
For Chrome, there is a "remote debugging" feature on the developer tools of the desktop edition that is supposedly able to get a list of the tabs ( https://android.stackexchange.com/q... ). However, I tried it and it did not work. No connection could be established. And it should not be necessary in first place.7 -
Screw Scrum, screw it very much. Is it a task or a story? Oh let's make it a story to track points. What are points, really? *20 minute grilling always follows* Well they're kind of a roundabout way of talking about time without talking about time, mkay? But last time 2 points took you a day, what gives now? What do you mean points are for internal use, but how will management plan ahead for next quarter? Ok, let's mix in all those new people, and propotionately bump the expectation for the sprint, mkay? Yeah, they did 34 points per sprint over there, we'll just add those in. Oh, and by the way, after the 4-day estimation session we had where everyone was seizuring, I scheduled us at 645 points for the coming quarter, mkay? Don't worry, I added 15% for the "unexpected dtuff" so you're safe. Fuck you scrum, scrum-fall, whatever you are. Lost a dev lead role once for being honest about it after a year with a team that loved me, and projects completed more or less on time. Been reconsidered for a dev lead role for being honest about it in another place. Somebody else peddle this kool-aid, this one prefers a walk-on role in the wall to a lead role in the cage.5
-
Hey guys (and girls (and people who dont identify as either of them)),
As some people here might know I am currently in the planning phase of an open source alternative for Thingiverse. After gathering information on multiple platforms Ive heard people really wanting it to be decentralized (a bit like Mastodon).
I really like that idea and thus want to implement it, does any of you have experience or knowledge of decentralized systems programming? I have trouble getting information on how this works. If someone is willing to help me explain a few things like "How does one instance retrieve data from other instances? How does it know a new instance is running somewhere?"
So if anyone knows a great source for information or can and wants to help me via a chat session please respond below6 -
Working on a new release. This release was tested locally and pronounced good. The release went to the QA environment. QA responds that a new feature is doing nothing. There are no errors reported, and work is being done on the UI, but is not get getting persisted to the database so all changes are lost when the session is lost. Do some investigating. I find that a web service had the code in two of its methods commented out. Why? No idea. No response yet from the developer who just had the two methods return a boolean denoting success while all other operations were commented out.
I need an appropriate punishment for this...3 -
Wonderful experience today
I'm scraping data from an old system, saving that data as json and my next step is transforming the data and pushing it to an api (thank god the new system has an api)
Now I stumbled upon an issue, I found it a bit hard to retrieve a file with the scraper library I'm using, it was also quite difficult to set specific headers to download the file I was looking for instead of navigating to the index of the website. Then I tried a built-in language function to retrieve the files that I needed during the scrape, no luck 'cause I had to login to the website first.
I didn't want to use a different library since I worked so hard and got so far.
My quick solution: Perform a get request to the website, borrow the session ID cookie and then use the built-in function's http headers functionality to retrieve the file.
Luckily this is a throwaway script so being dirty for this once is OK, it works now :) -
Decided to try something new, so enrolled in a karate class where my fiancé does her kick boxing after watching her get her black belt last weekend.
Have my first “proper” session tonight after having a free taster session on Tuesday.
Anyone else got hobbies, or recently started one which doesn’t involve computers?3 -
This is one of the weird moments that I have seen.
The company management decided to have a presentation session where they wanted to answer some questions and present some new ways of working (they emphasize about communication aspect).
I joined a couple of minutes before the meeting schedule and I was surprised to see a presentation going on and the meeting ended in 5 mn.
I get into self-doubt mode and I was checking if I have an issue with my calendar and discovered that the meeting schedule was updated but I didn't receive an update.
And the fun part, most of the new joiners didn't receive that update as well, so it's was a nice sign to show how inclusive the environment is, and how do they care about communication :D1 -
Hey ya'll back with another college boi question.
I want to develop a web server akin to that of jackbox/among us. Where each session has like an 'ABCXYZ' style code, and i assume are using TCP sockets on the back end.
I'll be writing in Go cause I <3 Go and its a chad language. Anywho, am i supposed to spin up a new websocket server each time someone wants to make a room? Or do i have one websocket server and some sort of map of rooms.
gameRooms := map['id_string']clients
Anyone have any suggestions for this?7 -
I spend fucking 6 hours of the birthday party of my girlfriends father fixing his M.2 SSD involving:
* driving through half of the city because the store nearby had closed half an hour ago... (and spending 30% more)
* cloning the drive back and forth (including several session of browsing to find the solutions to several errors)
* trying to repair bootloader (without success)
... Just to reinstall the old one because it wouldn't boot from the new one.
And tomorrow I'm going to a business trip and I all I wanted was to prepare some side projects for the 4 hour long ride.
Fuck you M.2 and mother fucking windows 7 for being such shitheads.5 -
Going to a local hackathon practice session today. We are going to participate in a larger hackathon later this year. This session is to get everyone up to speed on tools, workflow, etc. We have a lot of new developers in our group.
I have no idea what I will work on this evening. It is sponsored by a couple of businesses. So "free pizza"! -
I have an app idea, I need people here to tell me if this make sense.
In short I want to creat an app that supports forums and chat rooms but only for people close to you.
The reason being that whenever I move to a new place, I basically have no knowledge of what’s going on around me what so ever, so if there’s a forum that I ca easily navigate and see what people are talking about it will be great. There are certain buildings/managements that has their own app but doesn’t seem to be used at all, I think one reason being that it’s a new app for new neighborhood, and the range is too small, I’d rather see what people do around me but not within one single building
And the reason for chat room is because if I’m going some place for an event, first if there’s this forum it will be great because people can just post questions there, second if there’s any session then it really makes sense to have some time and location limited chat room for me to join, and I don’t have to worry about it once I’m out of that location or time has expired. Recently I was in a conference and people are straight up creating messenger groups.
I think it makes sense to combine the two, you have a forum where you post things that your neighbor may have answer to, and if you want to creat an event, you can create a chat room just for the event, which expires after certain time.
I need to know if this idea sounds plausible. Devrant do your best, thanks10 -
Being pretty much the only one who has some knowledge of how to code and get my way around tech (even if minimal, I'm too lazy for my own good) in my familiar household - and by extension, my family (Family extends FamiliarHousehold - LoL I'm sorry) - (my brother is on his first grade of a programming course in high school, I'm a 2nd grade uni student aiming to become a game dev) sometimes I wish I knew nothing of it.
Don't get me wrong, I do like working on code (if in Java. C is making me wanna tear my eyes out) but sometimes ignorant family members push me through the edge.
I worked on a business thing my family started this summer and one of the "jobs" was managing everything via a website.
Fair enough, I knew nothing of it when I started but I learn fast and just like that I knew my way around it. The problem came when I had to teach the person who started the project how it worked. This doesn't sound all that bad except he is kinda in the stone age regarding informatics.
He got a computer a few years ago and he pretty much only played poker in it, and he still had one of those old nokias you could throw to a wall and get a hole into it. The computer is like 9y and runs like crap.
To make things worse he bought a new phone, a smartphone, and pestered me to teach him. I swear trying to teach him is like repeating the same thing 1000x and pray he keeps it in his head. Spoiler: he doesn't. ( sanity--; )
So to try and easy my suffering I decided to make a manual for the website (which is outdated by now because the team behind the website did a 180 and some things looks different), but it acted as if I'd done nothing. ( sanity--; )
To top this off he keeps on saying I don't wanna help him. ( sanity--; )
This kept going for the whole damn summer, and meanwhile I had to go back to uni and in the first days I still got like 4-5 calls/day, half of those might about the smallest things because he's so panicky.
Like (both examples happened while I was still there but it kinda goes along those lines sometimes):
- (During the period they changed the website the first time since we're there; they were mostly doing changes back and forth and testing because it had a new layout for a day or 2 before going back; also the site was totally functional, except for a thing or 2)
Him: "They're changing the website, why are they doing that?"
Me: "Because it's their website and they can?"
Him: "WHY DIDN'T THEY LET US KNOW"
Me: "They don't have to, they don't work for you." ( sanity--; )
Or (during the same period; the pages have a menu on the left; one of the submenus has a counter that resets every time the session ends; during that maintenance time they must've "disabled" the function because the number kept growing even after the session ended):
Him: "WHY IS THE NUMBER GROWING?"
Me: "They're working on the code, relax, it's nothing."
Him: "But why." ( sanity--; )
The only quesion he pretty much hasn't asked me yet is why "Is the website's colour this one and not that one?".2 -
Can't believe I'm about to say this, but:
Systemd-container is a rather cool SysD extension.
It allows me (Root on most servers) to switch to a customer account in a completely new session, setting all the .profile and .bashrc stuff up, so I can do stuff like control their rootless docker, and no longer have to add my SSH key to their authorized_keys file then re-login under their user.
Nice.1 -
if anyone is familiar with immer js or immutable js:
if the producer copies the base state to nextState, and nextState is a const, doesnt that defeat the purpose?
I mean you're going for immutability, which is great for say an undo function, or for finding bugs, but what are you doing with all these immutable values now hanging around in memory?
I assume each new state returned is being pushed onto an array? (because you cant stuff it into nextState because nextState is immutable).
Wont this lead to memory usage increasing over a user session, the longer the session lasts?
I feel like I'm misunderstanding some core concept here.
edit: also what the hell is structural sharing?18 -
One of my teammates signed up for a day-long session on Angular 2, since he's been doing a lot with Angular 1 and wants to transition to the new version.
The instructor spent the first half of the day going through the w3schools tutorial on Angular 1, because "understanding the basics of Angular 1 will help understand Angular 2".
Btw, this was a paid workshop session. -
Pushed some changes to PROD today. Go to login and check changes .. noooooope!
Still a bit new to Symfony 5... but I'm just not a fan right now. The login screen just jumps back to itself. No login failed message and prod log had a size of 0 so that was no help.
Traced this thing way down into the CSRF Authentication functions. \is_callable(...namespace) just returning null so no go on getting a token for isTokenValid() =/
ugh! This is truly the most torturous junk I've ever seen. Nothing in the logs so I decided to just use the good old ECHO'HERE' debugger.
What was the issue you might ask?... effin' yaml file
Fix for now is to set the session handler_id back to null -
Storytime.
The Prometheus tales
Part IV - A new FUBAR.
A new and very fascinating problem emerged a few days, after feeding some node definitions to the new titan instance.
It's a storage fuck-up. A major one.
If I'm informed correctly, the latest prometheus should have the same (or even better) log compression algorithms for metrics, as the old one - because these fuckers are so damn good at what they are doing: compress some fucking logs.
The new instance is agregating metrics as planned. Grafana work's like a fucking charm.
Nethertheless, because of very fascinating but unknown reasons, the new instance creates 50GB of metrics in under 4 fucking hours.
Am I missing something here? Some magic parameter that has to be passed to the titan, that enables the hardcore compress-them-fuckers-feature?
Debugging session is tomorrow.
To be continued. -
Shit fuck. Shit. When you land back to earth, after having a nice prototyping session with a new api.2
-
part 5/n
me vs my job at mnc laggards
Do these laggards even know how virtual meetings work?
meeting 1: an induction meeting from 10am-1pm . one day ago, the supposed manager of me called to say that he will be in office after 10.30, so i should come after that. so ofcourse i missed the call from 10-11.30 as i was commuting. one would expect the meeting to be recorded but nope :/ .Also, the 1 hour session that i somewhat attended consisted of an old guy telling how he has been doing these inductions for last 10 years in this company and how company takes its code of conduct with utmost sincerity (wtf?? tell me the employee benefits you dinosaurs 🤬)
meeting 2 : a meeting describing the softwares, from 2.30-3.30 . no fucking person is leading the meeting and 10+ people are just sitting their with their mics off!!!
also sidenote: microsoft teams and outlook can go suck its own dick if it has one. one of the shittiest piece of shit i have ever worked with. People find them so complex that they instead have unofficial whatsapp groups for official communication.
And guess what : YOU CAN'T FUCKING CREATE THEIR ACCOUNTS IN ANYTHING BUT LAPTOP!!
And when whatsapp comes into the fucking work life, you can expect an RIP to the P of my life 😭😭
-----
previous rants:
https://devrant.com/rants/6543145/...2 -
Hey Everyone, first of all I’d like to start with my usual, hope all is well today as always! Today I’d like to post my first official rant.... so anyone that knows me in person or in general knows me as a good helpful young man, right now Milo is happy but has the urge to rant..
So... not naming anyone specifically from uni... one person specifically always on Facebook messaging me for my assessments, now me being me i try to say No, but the issue is i want people to do well, i put my heart into my work and people just want assignments handed to them on a gold platter, it takes me a lot longer to try and get concepts around my head , I usually always stay up late nights to get a better understanding of things. As you may see my work means a lot to me.
I always mention to my friends if they wish to do well, they must sacrifice going out clubbing or other social things for a later time. I spend my majority of the week learning new things related to programming Monday - Saturday, and on Sunday i have my free time , with the usual work out session thrown inbetween :-).
So anyways, thats it for my rant, I’d love to know if anyone has been through a similar instance? If so would love to hear about it!.
Thank you for taking the time to read my long rant once again :-)
Milo 🥂☺️5 -
!rant
I'm currently working on a little side project in Go and I want to create a web page with an OAuth2 based login. So far the OAuth2 login works, but I need something to track a session afterwards.
Any suggestions? I'm pretty new to web development, especially in Go :)1 -
Just wasted one hour on an employer info session. Can't understand why people ask stupid questions like "how is the work life balance?". Like those chosen representatives would tell the truth. Can't understand why those new grads working at the company would want to perpetuate the stupid interview process. "We want to hear how much you resent us while doing stupid white broad interview questions." Do they stream leetcode solving process to TikTok all day for work?
-
New question.
When debugging/troubleshooting, what does your desktop look like?
I have a total of 8 production environments to look after, each of which have their appropriate dev environments. Troubleshooting for me typically starts with VisualVM, 6-8 Putty sessions across the environments, at least one dbms session, WinSCP with at least 4 sessions, text editor with minimum of five open files and at least thirty tabs open in Chrome. Oh yeah, forgot outlook and Skype (typically with at least three team mates and usually a group chat).
All is well when I'm in the zone, but good forbid for someone to ask me to show them the article/bug report I just read that sent me down the rabbit hole.1 -
Windows RDP, multiple sessions per user are turned on..
I always fall into one of existing sessions with all the crap left opened by my coworkers.. I'm fuckin sick of this shit, noone closes things after they stop using servers.. // the rant part
Is there a way to force new session on connect? // the question part
I tried googling but either I'm blind or don't know what to google.. only managed to find how to connect to specific existing session.. :/6 -
Redoing our web apps to use SSO... Every single page within the app runs LDAP authentication. What is the point of signing in and having session cookies if you are reauthorization a logon on every page?!??? Now what seemed like a simple task of revamping the initial logon has turned into a hunting trip for LDAP queries and creating new sql tables
-
hey, so i have recently started learning about node js and express based backend development.
can you suggest some good github repositories that showcase real life backend systems which i can use as inspiration to learn about the tech?
like for eg, i want to create a general case solution for authentication and profile management : a piece of db+api end points + models to :
- authenticate user : login/signup , session expire, o auth 2 based login/signup, multi account login, role based access, forgot password , reset password, otp login , etc
- authorise user : jwt token authentication, ip whitelisting, ssl pinning , cors, certificate based authentication , etc (
- manage user : update user profile, delete user, map services , subscriptions and transactions to user , dynamic meta properties ( which can be added/removed for a single user and not exactly part of main user profile) , etc
followed by deployment and the assoc concepts involved : deployment, clusters, load balancers, sharding ,... etc
----
these are all the buzzwords that i have heard that goes into consideration when designing a secure authentication system for a particular large scale website like linkedin or youtube. am not even sure how many of these concepts would require actual codelines and how many would require something else.
so wanted inspiration from open source content to learn about it in depth, replicate and create new better stuff if possible .
apart from that, other backend architectures like video/images storage system, or just some server for movie, social media, blog website etc would also help.2