A devRant Update!

Hey everyone,

We thought now would be a great time for a devRant summer update on what we've added recently and what we've been working on.

Highlights since our last update:

- We launched devRant++, a supporter program for people who want to help us cover our costs while getting some cool extra features (a supporter badge on rants/comments/profile, reserved spot on our in-app supporter list, ability to edit rants/comments for up to 30 minutes instead of 5, and thanks to immediate user feedback, we also added the ability to post a rant every 1 hour instead of 2, and post comments that are up to 2,000 characters instead of 1,000!) We are extremely happy and thankful for the great response the program has gotten and we plan to continue to improve it using your feedback.

- We added the ability to subscribe to a user's rants. This makes it so you get a notification whenever that user posts a new rant!

- We added an "active discussions" feature (available in the "more" tab on the right). If you're looking to join a conversation happening in the moment, then this feature will help you discover those rants. It shows rants that have recently been commented on so if it's a topic that interests you, you can easily get in on the discussion!

Some stuff we have in the pipeline:

- More fun avatar stuff, including fun new OS/language-themed pets
- More perks for the devRant++ subscriber program - if you have anything you'd like to see, please let us know and we will try to make it happen!
- We will be testing some stuff to help classify rant types (rants, jokes, questions, etc.) in order to create a more personalized experience
- On that note, we're also going to take some more time to do some work on the algo as we haven't done much in terms of improvement since the initial smart algo launched
- Community projects page update - we've been slacking on updating the page and apologize for that. If you have created a devRant-related project and it's not on the community page, please resend it to david@hexicallabs.com (even if you sent it already) so we can make sure it gets added. Sorry about that!

A note on community etiquite regarding voting on content:

We've always believed that one of the most important and awesome experiences on devRant is getting your content noticed and appreciated by others. If you enjoy a piece of content, you should upvote it. If you enjoy 500 pieces of content, you should upvote them all. People really appreciate others enjoying their rants and comments so let them know if you do! If you don't like content, you can downvote it with the relevant reason. What we don't encourage is voting on content that you haven't actually looked at or spamming upvotes in mass for content you're not even actually reading/viewing. While we don't encourage that, it's not explicitly disallowed so we won't impose any penalty for it.

What is strictly prohibited and enforced is using scripts or automated procedures for voting on content. Anyone who is caught doing that will have their account deleted without warning. While very rare, we caught a couple of people doing that this week and both accounts in question were immediately deleted once discovered. To be clear, this is the practice of explicitly using a script or automation to mass vote on content. You will NEVER be banned/deleted for voting on a lot of content manually, even if you vote quickly and on lots of stuff. We just want to make that clear becuase this is not meant to discourage people from voting, it is only regarding votes not placed by humans. So if you're a human voting on content, you have nothing to worry about, we promise!

Please feel free to let us know if you have any questions or feedback on any of this. We love constructive feedback and in the past it has gone a very long way to improving and advancing the devRant community. And as always, thank you to everyone who contributed to the community in any way, we really appreciate it and want to keep making your experienfce better.

Happy ranting,
~David and Tim (Team devRant)
@dfox @trogus

The way 90% of the population wears their face masks really explains a lot about their approach to using software, apps & websites as well.

I feel like giving up.

I am not a developer for the salary, or just to solve analytical puzzles. Those are motivators, but my main drive is to make the world more comfortable and enjoyable, better optimized, build ethical services which bring happiness into people's lives. I want to improve society, even if it's just a tiny bit.

But if users invest absolutely zero percent of their limited brain capacity into understanding a product that already has a super-clean design and responds with helpful validation messages...

...why the fuck bother.

I used to think of the gap between technology and tech-incompetent people as an optimization problem.

As something which could be fixed by spending a fortune on UX research. Write tests, hire QA employees, decrease tech debt, create a bold but unified & simple design.

But the technologically incompetent just get more entitled with every small thing you simplify.

It's never fucking fool-proof enough.

Why can't I upload a 220MB PDF as profile picture? Why doesn't the app install on my 9 year old Android Froyo phone? Why can't I sign up if my phone number contains a  U+FFFC? Why does this page load so slowly from my rural concrete bunker in East Ukraine? WHY DO I HAVE PNEUMONIA, HOW DID I GET INFECTED EVEN THOUGH I WAS WEARING A MOUTH MASK ON MY FOREHEAD?

This is why I ran away from Frontend, to Backend, to DBA.

If I could remove myself further from the end user, I would.

At least I still have a full glass of tawny port and a huge database which needs to be normalized & migrated.

Fuck humans, I'm going to hug a server.

Hey everyone! As many of you have already seen, we just finished rolling out a new feature that allows you to subscribe to specific users! This feature sends you an in-app and push notification whenever anyone you subscribe to posts a new rant. You can subscribe to a user from the button in the top right of their profile or one of their rants.

Please let us know if you have any questions!

P.S. apologies to those who already subscribe to my rants and got a notif before for a test rant I created. I forgot we had subscribe now :)

Roughly 180 days, 5 months and 29 days, 4,320 hours, 259,200 minutes, I devoted myself to a client project. I missed family outings with my daughter and my wife. People started asking my wife if we had broken up. My daughter became accustomed to daddy not being around and playing with her. Sometimes only sleeping 4 hours, I would figure out solutions to problems in my sleep and force myself to wake and put them into action. My relationship with my wife became very fragile and unstable. I knew I had to change but I just needed a little bit more time to complete this client project.

Finally, the project was ending there was light at the end of the tunnel. I “git add –-all && git status” everything looked good. I then “git commit -m “v1.0 release candidate && git push beanstalk master”

I deployed the app to the staging server where I performed my deployment steps. Everything was good. I signed-up as a new user, I upload a bunch different files types with different sizes, completed my profile and logged out. I emailed the client to arrange a time to speak remotely.

“Hello” says the client “How are you” I replied. “Great, lets begin” urged the client. I recited the apps url out to the client. The client creates a new account and tries to upload a file. The app spews a bunch of error messages on the screen.

The client says

“Merlin – I do not think you really applied yourself to this project. The first test we do and it fails. If you do not have the time to do my project properly please just say so now, so I can find somebody else who can”

I FREAKED THE FUCKOUT on the client!!!!!!! and nearly hung up. My wife was right next to and she was absolutely gobsmacked. I sat back and thought to myself “These fuckers don’t get it”. All that suffering for nothing!

Thanks for reading my rant….

BTW: I did finish the project, the client was amazed on how the app worked and it is has become an indispensable tool for their employees.

Me: Hi, how can i help you today?
User: Sorry, i can't upload a picture for my profile. It shows a popup saying that i already uploaded it.
Me: it's because you uploaded.
User: Awesome man, thanks.

The GET /users endpoint will return a page of the first 13 users by default.

To request other pages, add |-separated querystring with the limit and offset, as roman numerals enclosed in double quotation marks. Response status is always equal to 200, plus the total count of the resource, or zero when there's an error.

You can include an array of friends of the user in the result by setting the request header "friends" to the base64-encoded value of the single white pixel png.

Other metadata is not included by default in responses, but can be requested by appending ?meta.json to any endpoint, which will return an xml response.

If you want to update the user's profile picture, you can request an OAuth token per fax machine, followed by a pigeon POST capsule containing a filename and a rolled up Polaroid picture. The status code attached to the return postal dove will be the decimal ASCII code for a happy smiley on success, and a sad smiley if any field fails form validation.

-- Every single external REST API I've ever worked with.

*creates a freelancer account on some website.
*builds portfolio and gets things running.
*meets his first client.

Client: Hello. so your profile says you are an experienced full stack developer. You are just the kind of person i've been looking for.

Me: Yep.

Client: Okay I have a project for you. I am looking at developing a simple website that has a few functions and the budget is 100$.

Me: Okay smooth. Hit me with the descriptions.

Client: it's going to be a dating website. Once a user signs up; the website would automatically take control of the user's media devices in his/her home; automatically playing something romantic. You get me?

Me: Em... Idk about that it seems a bit...

Client: it can be done! Develop the algorithm.

Me: Em... Ok.

Client: Well, next the website uses some complex sorting algorithm and sorts existing members based on their past real life relationships. It puts the best people above the messy ones.

Me: o.0

*client goes on with his bullshit in like another 10 lines of messages.

Me: -_-

Client: so what do you think? How soon can you begin and how soon can we be done?

Me: Do you also want a "butt scratcher" feature? Like a hand pops out of the monitor and asks to scratch the user's anus?

*client leaves the chat.

Me: Oh. I guess he a thing against family guy.

20+ years of experience and I hate where this industry is headed. Sure, we have second year grads telling us that they're "Full Stack" developers - but, imo... that's a "Full Stack of Bullshit".

I started developing online properties in 1989, at the ripe age of 17. Bulletin Board Systems. I knew the user experience before it was tagged onto some fuckwad's wonder-filled LinkedIn profile.

When I say, "Don't use that" - it's not the result of a control freak mechanism that seems to be built into every Facebitch/Twatter/SnatchChat fool in existence.

I do so, because I care enough to guide team members in the proper direction so they aren't driving themselves and others off a goddamn cliff, drooling onto mobile device like it's God's penis.

So, of course they do the complete opposite. Fail miserably. Finger point like the typical douche bags. And, slowly destroy the income of everyone around them.

At this point, I'd rather be homeless than to deal with anymore toxic bullshit. So, I'm done. Set up an exit strategy, and walked away from the highest paying position I ever had.

Fuck them and the full stack of bullshit they rode in on. Onward and upwards, fucktards. Enjoy finger-pointing into the mirror.

Back to Earth, in... 3 - 2 - 1.

(Takes a sip of coffee.)

So, how's everyone doing this fine morning?

App idea!

A normal social media app. But everytime a user taps on opposite gender's profile pic, it secretly records his face during that activity and then tweets that recording.
@his/her_username
@username_of_person_he_was_looking_at

As much as I love opensource I hate really hate some of its actvie community members (read this as "freetards" <-- see urbandictonary). As a .Net + web devloper with minimal C experience (I just started learning it) and literally no Python experience its not really easy to contribute for me to many (most) opensource software for linux. I am using some <unnamed software> and I found a <critical bug>, it was easy to reproduce and I wrote for list of possible solutions, found it in a code and linked and basically wrote a docummentation longer than any other I ever wrote for every single project I did ever, combined. This <software> was critical for my server and since owner of github repo and few other people there were really active, I hoped that this bug with pretty good documentation will be solved fast, I went to my bed with a heroic feeling of an open source community contributor that helped saving world. I was horribly wrong. Tomorrow, I got 3 passively agressive responses from owner and other 2 freetards that summed up said <other1>:"oh thats nice, fix i yourself and commit it", <other2>:"have a sex with yourself" in a nice way, and <owner>: "fix my softwate and create mrege request". After replying that I have no experience my Python skills are not on a level requied for such an action, he messaged me on twitter I have linked to my GitHub profile saying even less nicely that I am a "retarded c*nt" and that I should learn Python and fix it myself. This makes me stay with my Windows based Server for some time now, fuck this. I googled his github nickname and guess what. Our main freetard is admin on an <unnamed linux forum> and mebmber of many other "computer help" with literally half of his posts just slightly toxic posts about how everyone should use linux and how supreme it is ober anything other, the other hals was crying why linux has only 1% of market share. Oh boi I am not sure why but ITS MAYBE BECAUSE OF FREETARDS LIKE YOU.
And the funnies thing is, hes not only freetard, he is just fullstack retard. One of his posts is "helping" to some <noob windows user> installing Linux. tl:dr for this las part: Freetard basically wiped all data of that <noob>.

PS: Bless everyone who do not respond "oh nice, now you can do it yourself"

Auth Endpoint:

user name and password correct:
- response 200: with session key and profile info
user name and password incorrect:
- response 200: blank

smh

Allllllright. Time for another one of these. It's necessary.

We get it, you don't use/like/acknowledge Google. Please, kindly STFU already with it. The entirety of the smart internet has made your point.

Oh, because I use Google I'm a fucking idiot? No, you are for thinking that. I've used many engines and consistently have they given me worse results. "Oh, it's because they build a search profile for you, they're spying" Yeah, I get it already, fuck off.

Linux is NOT the thing that's going to solve every single human problem, so please stop treating it like a good and saying everything else is complete shit and nobody should use it.

Windows has issue, but so does Linux. At least I can (usually) comfortably update Windows, knowing what the update includes, without having to read the source code fhanges or be scared that there's a fucked up package update.

Just because something isn't open source doesn't mean it's the fucking devil. And just because I USE that closed source thing doesn't make me... Well, anything really, except for a guy who actually gets different programs. Please stop trying to tell me what I NEED TO DO to be a "good person" or user or anything like that, I'm going to do what I damn well please. If that means using Windows with Closed source things like Nvidia drivers and cards, the so be it. Got a problem? Go fuckyourself with it.

WHY ARE PEOPLE USING QUORA?? WHY AREN'T WE SWITCHING TO A GOOD ALTERNATIVE ALREADY??

• You can't browse it anonymously, they force you to sign in.
• You can't use it on web browser on phone, they force you to install mobile app.
• They don't let you put description to your questions.
• It's complicated to use and the UI isn't user friendly ( personal opinion )
• If you signed up with Google, Facebook etc.. They'll save your profile pic and won't update it ever.
My profile pic on quora is from 4 years ago and I can't change it yet.

Watch out for these fucking bug bounty idiots.

Some time back I got an email from one shortly after making a website live. Didn't find anything major and just ran a simple tool that can suggest security improvements simply loading the landing page for the site.

Might be useful for some people but not so much for me.

It's the same kind of security tool you can search for, run it and it mostly just checks things like HTTP headers. A harmless surface test. Was nice, polite and didn't demand anything but linked to their profile where you can give them some rep on a system that gamifies security bug hunting.

It's rendering services without being asked like when someone washes your windscreen while stopped at traffic but no demands and no real harm done. Spammed.

I had another one recently though that was a total disgrace.

"I'm a web security Analyst. My Job is to do penetration testing in websites to make them secure."
"While testing your site I found some critical vulnerabilities (bugs) in your site which need to be mitigated."
"If you have a bug bounty program, kindly let me know where I should report those issues."
"Waiting for response."

It immediately stands out that this person is asking for pay before disclosing vulnerabilities but this ends up being stupid on so many other levels.

The second thing that stands out is that he says he's doing a penetration test. This is illegal in most major countries. Even attempting to penetrate a system without consent is illegal.

In many cases if it's trivial or safe no harm no foul but in this case I take a look at what he's sending and he's really trying to hack the site. Sending all kinds of junk data and sending things to try to inject that if they did get through could cause damage or provide sensitive data such as trying SQL injects to get user data.

It doesn't matter the intent it's breaking criminal law and when there's the potential for damages that's serious.

It cannot be understated how unprofessional this is. Irrespective of intent, being a self proclaimed "whitehat" or "ethical hacker" if they test this on a site and some of the commands they sent my way had worked then that would have been a data breach.

These weren't commands to see if something was possible, they were commands to extract data. If some random person from Pakistan extracts sensitive data then that's a breach that has to be reported and disclosed to users with the potential for fines and other consequences.

The sad thing is looking at the logs he's doing it all manually. Copying and pasting extremely specific snippets into all the input boxes of hacked with nothing to do with the stack in use. He can't get that many hits that way.

I don't understand why people are making a fuss about Facebook.

It's free to use, the amount of users kept increasing (thus the cost of maintenance) yet the company kept getting bigger and bigger. Obviously they're not making all their money off the advertisements on Facebook's own website.

So why are people so surprised that they're "selling" user information?

This is really funny to me. Especially the media joining in saying that it makes all your information available to everybody when they're actually talking about the fact that the majority of Facebook users have their profile set to public and they can be easily found with a simple Google search.

People are so fucking hypocritical it makes me want to puke. If you don't want anybody to know what you posted, just don't fucking post it on a SOCIAL MEDIA in the first place.

Don't get me wrong, I'm not saying that facebook is all flowers and love, they clearly didn't handle this situation well. They could have done something about this whole situation when it started instead of waiting for things to blow out of proportion.

However, people are just being assholes now. I highly doubt that they're reading all chats nor are they sending it over, they're probably just sending out some words you mention often so that it is pertinent for advertisers (ex. If you use the word computer next to buy, then maybe that triggers something). I could talk extensively about it but I'm way too lazy, the point is, they most likely aren't sending the nudes you sent to advertisers because that does not provide any benefits.

If you don't like Facebook, don't fucking use it. Delete your account and shut the fuck up. When you screw up in real life, there's no takesies backsies, why the fuck do people think it doesn't apply online? The government gathers up quite a lot of information on you yet I don't see you crying your eyes out.

Why the fuck do you care so much if an advertisement is tailored to specifically? Yeah, you talked about dildos and now you see dildo ads from Amazon, not happy? Just download adblock and shut up. If you're gullible and the moment you see an ad about single women in your area you click on the ad because you want to get laid right now, that's your problem.

Don't want people knowing about some aspects of your private life? Don't share it online.

Stop acting like people are any better at keeping secrets, I'm sure you had some people leak your secrets at least once, yet I doubt you sued them and you brought them to court.

===========

I'm sorry about this, it's just that Facebook is all over the news and I'm getting sick of it.

Also, I hate facebook, I'm not necessarily defending it, I'm more pissed at the medias for blowing this situation out of proportion.

Today I learned in a cafe why (some) users think that Facebook doesn't allow them data control. Due to drunkness I'm paraphrasing here, but it went something like this:

- I don't trust Facebook, because my posts that I make are visible to people that I didn't want to have it be seen to.

> Audience controls. Use them.

- This guy in town sent me a friend request, why would he be able to??1!1

> He and you share hometown. So probably friend suggestions based on you both explicitly sharing location, or he just visited your profile on name and wanted to get in touch with you. Socializing on the internet, it exists.

That's the kind of user that's roaming the facebooks on the internets and the googles I guess? The type of user that's surprised that their Facebook games and nametests expose information that they explicitly consent to? Give me a break. I care deeply about privacy, but this is just ridiculous.

On a different note, why the fuck is not a single one of those very same fucking Facebook users worried about 25-ish% of websites running their JavaScript (which you can check and block using NoScript and co.), which is the *actual* privacy threat? But muh nametests!!!

Fuck ignorant users!!!

boss: *showing me the new platform*
me: "oh that looks like a good demo"
boss: "ah no that's the product! we're going to put this live"
me: "wh... there's no update nor delete function for anything! where is the user profile? where are the menus??"
boss: "that's ok, we'll take note when people start using it"

and now

boss: "we've concluded the product was bad and we're giving up on it"

So, what are you all working on right now? Let's get some screen-shots in here!

I'm working on my "BrowserBandit" software - it reads a firefox or chrome profile and extracts saved user/pass combos, history, and autocomplete entries.

Static HTML pages are better than "web apps".

Static HTML pages are more lightweight and destroy "web apps" in performance, and also have superior compatibility. I see pretty much no benefit in a "web app" over a static HTML page. "Web apps" appear like an overhyped trend that is empty inside.

During my web browsing experience, static HTML pages have consistently loaded faster and more reliably, since the browser is immediately served with content useful for consumption, whereas on JavaScript-based web "apps", the useful content comes in **last**, after the browser has worked its way through a pile of script.

For example, an average-sized Wikipedia article (30 KB wikitext) appears on screen in roughly two seconds, since MediaWiki uses static HTML. Everipedia, in comparison, is a ReactJS app. Guess how long that one needs. Upwards of three times as long!

Making a page JavaScript-based also makes it fragile. If an exception occurs in the JavaScript, the user might end up with a blank page or an endless splash screen, whereas static HTML-based pages still show useful content.

The legacy (2014-2020) HTML-based Twitter.com loaded a user profile in under four seconds. The new react-based web app not only takes twice as long, but sometimes fails to load at all, showing the error "Oops something went wrong! But don't fret – it's not your fault." to be displayed. This could not happen on a static HTML page.

The new JavaScript-based "polymer" YouTube front end that is default since August 2017 also loads slower. While the earlier HTML-based one was already playing the video, the new one has just reached its oh-so-fancy skeleton screen.

It would once have been unthinkable to have a website that does not work at all without JavaScript, but now, pretty much all popular social media sites are JavaScript-dependent. The last time one could view Twitter without JavaScript and tweet from devices with non-sophisticated browsers like Nintendo 3DS was December 2020, when they got rid of the lightweight "M2" mobile website.

Sometimes, web developers break a site in older browser versions by using a JavaScript feature that they do not support, or using a dependency (like Plyr.js) that breaks the site. Static HTML is immune against this failure.

Static HTML pages also let users maximize speed and battery life by deactivating JavaScript. This obviously will disable more sophisticated site features, but the core part, the text, is ready for consumption.

Not to mention, single-page sites and fancy animations can be implemented with JavaScript on top of static HTML, as GitHub.com and the 2018 Reddit redesign do, and Twitter's 2014-2020 desktop front end did.

From the beginning, JavaScript was intended as a tool to complement, not to replace HTML and CSS. It appears to me that the sole "benefit" of having a "web app" is that it appears slightly more "modern" and distinguished from classic web sites due to use of splash screens and lack of the browser's loading animation when navigating, while having oh-so-fancy loading animations and skeleton screens inside the website. Sorry, I prefer seeing content quickly over the app-like appearance of fancy loading screens.

Arguably, another supposed benefit of "web apps" is that there is no blank page when navigating between pages, but in pretty much all major browsers of the last five years, the last page observably remains on screen until the next navigated page is rendered sufficiently for viewing. This is also known as "paint holding".

On any site, whenever I am greeted with content, I feel pleased. Whenever I am greeted with a loading animation, splash screen, or skeleton screen, be it ever so fancy (e.g. fading in an out, moving gradient waves), I think "do they really believe they make me like their site more due to their fancy loading screens?! I am not here for the loading screens!".

To make a page dependent on JavaScript and sacrifice lots of performance for a slight visual benefit does not seem worthed it.

Quote:

> "Yeah, but I'm building a webapp, not a website" - I hear this a lot and it isn't an excuse. I challenge you to define the difference between a webapp and a website that isn't just a vague list of best practices that "apps" are for some reason allowed to disregard. Jeremy Keith makes this point brilliantly.
>
> For example, is Wikipedia an app? What about when I edit an article? What about when I search for an article?
>
> Whether you label your web page as a "site", "app", "microsite", whatever, it doesn't make it exempt from accessibility, performance, browser support and so on.
>
> If you need to excuse yourself from progressive enhancement, you need a better excuse.

– Jake Archibald, 2013

i want to get my own social network up and running.

so far ive got -
login 100% securely
register (1000% securely)
view someone’s profile (10^7% securely)

to add -
scrypt (maybe bcrypt, however scrypt looks like the better option)
friend a user
track their every move (ill use facebooks and googles apis for that)

to describe my product -
ai
blockchain
iot
big data
machine learning
secure
empower
analysis

call me when im a gazillionaire

but seriously, im making a social network and i hope its done by wk105 tbh

If a user ++ all your rants and they happen to delete their profile does that mean that all the ++ he/She gave you goes away as well? Or what?

Instagram returns 404 when profile is not found and no user is logged in but returns 200 for the same url when any user is logged in. WTF!
Took me so long to debug this shit

Social Captain (a service to increase a user's Instagram followers) has exposed thousands of Instagram account passwords. The company says it helps thousands of users to grow their Instagram follower counts by connecting their accounts to its platform. Users are asked to enter their Instagram username and password into the platform to get started.

According to TechCrunch : Social Captain was storing the passwords of linked Instagram accounts in unencrypted plaintext. Any user who viewed the web page source code on their Social Captain profile page could see their Instagram username and password in plain text, as they had connected their account to the platform. A website bug allowed anyone access to any Social Captain user's profile without having to log in ; simply plugging in a user's unique account ID into the company's web address would grant access to their Social Captain account and their Instagram login credentials. Because the user account IDs were for the most part sequential, it was possible to access any user's account and view their Instagram password and other account information easily. The security researcher who reported the vulnerability provided a spreadsheet of about 10,000 scraped user accounts to TechCrunch.

If you are a web developer, consider using proper page titles.

Page titles are one of the most basic elements of a web page and yet websites often fail to make proper use of them.

Without a proper page title, your user does not have an accurate idea of what page is in the tab without having to open the tab, which gets tedious if many tabs are open. With a proper page title, an instant glance on the tab does suffice.

Some sites only put in their site name or something like "Search - Site Name" without including the search query in the page title, or "User profile - Site Name".

An example of this is, disappointingly, archive.org. As thankful as I am for the Archive, they could make better use of page titles to make browsing their library more convenient. While they use proper page titles on item pages (including both title and author!), they use non-descriptive titles on their 2023 search feature (downgraded from lightweight static HTML+AJAX to a JavaScript app) and user profile pages.

The user name of a profile or a search query and ideally a page number should be in the page title so a browser tab with a search can be found faster and can also be seen on social media sites that auto-generate preview cards with page titles.

Descriptive page titles also improve your search engine ranking! You surely don't want to miss out on that, do you?

The whole app was a shitshow...
- Cancel order as a post request (the same post request used to save the order).
I demoed the client how with a couple of lines of code I could change his "Cancel order" button to "Mark my order as payed" button....
- List orders method took an user id as input...
- Update profile did not care about wich properties you should be able to change as a non admin...
And so on...

So yeah XML is still not solved in year 2018. Or so did I realize the last days.
I use jackson to serialize generic data to JSON.

Now I also want to provide serialization to XML. Easy right? Jackson also provides XML serialization facitlity similar to JAXB.

Works out of the box (more or less). Wait what? *rubbing eyes*

<User>
<pk>234235</pk>
<groups typeCode="usergroup">
<pk>6356679041773291286</pk>
</groups>
<groups typeCode="usergroup">
<pk>1095682275514732543</pk>
</groups>
</User>

Why is my groups property (java.util.Set) rendered as two separate elements? Who the fuck every though this is the way to go?

So OK *reading the docs* there is a way to create a collection wrapper. That must be it, I thought ...

<User typeCode="user">
<pk>2540591810712846915</pk>
<groups>
<groups typeCode="usergroup">
<pk>6356679041773291286</pk>
</groups>
<groups typeCode="usergroup">
<pk>1095682275514732543</pk>
</groups>
</groups>
</User>

What the fuck is this now? This is still not right!!!

I know XML offers a lot of flexibility on how to represent your data. But this is just wrong ...

The only logical way to display that data is:
<User typeCode="user">
<pk>2540591810712846915</pk>
<groups>
<groupsEntry typeCode="usergroup">
<pk>6356679041773291286</pk>
</groupsEntry>
<groupsEntry typeCode="usergroup">
<pk>1095682275514732543</pk>
</groupsEntry>
</groups>
</User>

It would be better if the individual entries would be just called "group" but I guess implementing such a logic would be pretty hard (finding a singular of an arbitrary word?).

So yeah theres a way for that * implementing a custom collection serializer* ... wait is that really the way to go? I mean common, am I the only one who just whants this fucking shit just work as expected, with the least amount of suprise?
Why do I have to customize that ...

So ok it renders fine now ... *writes test for it+
FUCK FUCK FUCK. why can't jackson not deserialize it properly anymore? The two groups are just not being picked up anymore ...

SO WHY, WHY WHY are you guys over at jackson, JAXB and the like not able to implement that in the right manner. AND NOT THERE IS ONLY ONE RIGHT WAY TO DO IT!

*looks at an apple PLIST file* *scratches head* OK, gues I'll stick to the jackson defaults, at least it's not as broken as the fucking apple XML:

<plist version="1.0">
<dict>
<key>PayloadOrganization</key>
<string>Example Inc.</string>
<key>PayloadDisplayName</key>
<string>Profile Service</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist

I really wonder who at apple has this briliant idea ...

Sitting in a board room with about 20 people all who have flown in from different parts of the world to discuss the project plan for a web app with an international user base.

We are discussing a web form with a dynamic layout based upon the users profile. Users enters a ton of information, calculations, are made, and info in stored into a db. Info can be updated and will be reported upon later.

One of the project leads representing Europe suggest that the form be exported into Excel so that the user can fill it out in Excel only to be imported via the application. WTH!!!! Later I found out this was that leads 2nd week with the company. Why were you even at the meeting and why did you have input?

I HATE SURFACES SO FRICKING MUCH. OK, sure they're decent when they work. But the problem is that half the time our Surfaces here DON'T work. From not connecting to the network, to only one external screen working when docked, to shutting down due to overheating because Microsoft didn't put fans in them, to the battery getting too hot and bulging.... So. Many. Problems. It finally culminated this past weekend when I had to set up a Laptop 3. It already had a local AD profile set up, so I needed to reset it and let it autoprovision. Should be easy. Generally a half-hour or so job. I perform the reset, and it begins reinstalling Windows. Halfway through, it BSOD's with a NO_BOOT_MEDIA error. Great, now it's stuck in a boot loop. Tried several things to fix it. Nothing worked. Oh well, I may as well just do a clean install of Windows. I plug a flash drive into my PC, download the Media Creation Tool, and try to create an image. It goes through the lengthy process of downloading Windows, then begins creating the media. At 68% it just errors out with no explanation. Hmm. Strange. I try again. Same issue. Well, it's 5:15 on a Friday evening. I'm not staying at work. But the user needs this laptop Monday morning. Fine, I'll take it home and work on it over the weekend. At home, I use my personal PC to create a bootable USB drive. No hitches this time. I plug it into the laptop and boot from it. However, once I hit the Windows installation screen the keyboard stops working. The trackpad doesn't work. The touchscreen doesn't work. Weird, none of the other Surfaces had this issue. Fine, I'll use an external keyboard. Except Microsoft is brilliant and only put one USB-A port on the machine. BRILLIANT. Fortunately I have a USB hub so I plug that in. Now I can use a USB keyboard to proceed through Windows installation. However, when I get to the network connection stage no wireless networks come up. At this point I'm beginning to realize that the drivers which work fine when navigating the UEFI somehow don't work during Windows installation. Oh well. I proceed through setup and then install the drivers. But of course the machine hasn't autoprovisioned because it had no internet connection during setup. OK fine, I decide to reset it again. Surely that BSOD was just a fluke. Nope. Happens again. I again proceed through Windows installation and install the drivers. I decide to try a fresh installation *without* resetting first, thinking maybe whatever bug is causing the BSOD is also deleting the drivers. No dice. OK, I go Googling. Turns out this is a common issue. The Laptop 3 uses wonky drivers and the generic Windows installation drivers won't work right. This is ridiculous. Windows is made by Microsoft. Surface is made by Microsoft. And I'm supposed to believe that I can't even install Windows on the machine properly? Oh well, I'll try it. Apparently I need to extract the Laptop 3 drivers, convert the ESD install file to a WIM file, inject the drivers, then split the WIM file since it's now too big to fit on a FAT32 drive. I honestly didn't even expect this to work, but it did. I ran into quite a few more problems with autoprovisioning which required two more reinstallations, but I won't go into detail on that. All in all, I totaled up 9 hours on that laptop over the weekend. Suffice to say our organization is now looking very hard at DELL for our next machines.

I guess the time has come finally. 🤔

I'm now thinking of how to trace a Facebook user's current location. At first I thought of touching Facebook.

But then I thought that I can just write a webpage which will trace the visitor IP. And send the url to the user.

Oh it's not for me. One of my friends who is also a partner and a client of mine is being harassed by his former business partner. He has sued him but the guy is in hiding but still posting bad news on his Facebook profile.

So my friend came to me for help. :3

I'm ashamed of it, but I want to share my tifu-story:
My colleague asked me if I could rename his windows user name because he married and changed his last name. I changed it in the Active Directory, but he got some problems when he wants to log on. On every startup his old name appears. Simpliest task. Let me google that.
Easy going, let me just change this registry entry. Reboot. Old behaviour. Okay, I changed some of the other entries. Reboot. Yeah, his new name appears. But wait a moment. Windows just nulled his entire user profile and deleted all the data. "oh, haha you have a backup, right?" - "no, I saved everything on the desktop, all my work is gone!"
But at the end, the boss was mad at HIM, because he doesn't used the file server or any backup system.

i am not a smart man

Younger brother wanted to know how to work with users in Windows using cmd. I showed him a few things, told him PS is better but he can fiddle and just use net /? For the options he can use.

Go out for an hour. Come back and my user profile is gone. So the Padawan net user rangarr023 /del
My profile.

Time for some quickfix takeown commands haha.

Note to self. Let brother try things on his own pc, and next time use a vm.

Stakeholder: Can you investigate the problem with this user profile? We made updates to system A, but user is saying it’s the wrong info on the website.

Me: Looks fine to me. Looks like your updates just needed time to trickle down. Though, you will need to clean up this user’s data because it can cause X problems. There’s not much I can do since the site just displays info from system A.

SH: Can you delete the user’s website account and we can ask user to create a new one?

Me: …Ok, let’s try this again. It’s not necessary to delete the account and make the user create a new one. It’s not going to resolve the X problems that I mentioned. The website really needs clean data from system A.

I checked out this new hybrid app that was released by some local senior developers.

Turns out that on my user profile, my user ID is set as the value of a hidden field and changing it to any other user ID and saving the form will update the profile of that user. Including changing the password.

The password reset form also allows me to change the user ID to reset that user's password.

Speaking of passwords, the value of the password field on the profile is my actual password in plain text.

Yes, I said this app was released by a couple of "senior developers". One has over 15 years of experience and the other works at an IT company that builds online banking systems. They appear to have outsourced this side project to some other development team but... Come on. At least take one quick look at the source code before releasing it, why don't you?

I don't even...

@dfox

Just a suggestion, when scrolling down on a user's profile, their user information should scroll up too along with the 'rants/+1's/comments' tabs and then those tabs stay fixed while the user information hides. Sort of like what Twitter does

There's not much room to view the actual content with all the user information in the way. Of course once we scroll back up, it will then reveal the user info again

:-)

!rant
Bug (or feature ?) report
I don't know if it's a bug, a feature, and something that just happens to me.. When I view someone's profile and I want to scroll down to see the rants, the "first scroll" stops at the end of the profile. Then I can scroll down more. And after, if I want to see the profile again I can't scroll up. I ended up finding out that tapping the username lets us see the profile again. I'd like to point this out because the behavior seems kinda weird to me, I don't know what others think about it

when viewing a profile and scrolled down enough to hide the avatar and the user description, it does not show up back again when scrolled up... is it a bug or a feature? 😂 @dfox

Me: You decided some records in system A should be obsolete, but the records are tied to active user accounts on the website. Now, I have users emailing and asking why their profile’s last name field says “shell record - do not use.”

Stakeholder: Oh…can’t you stop those profiles from loading? Or redirect the users to the right record in system A? In system A, we set up a relationship between the shell record and the active one.

Me: 😵 Um, no and no. If I stop a user’s profile from on the website, that’s just going to cause more confusion. And the only way to identify those shell record is to look at the last name field, a text field, for that shell record wording. Also, the website uses an API to query data from system A by user id. Whatever record relationship you established isn’t reflected in the vendor’s API. The website can’t get the right record from system A if it doesn’t have the right user id.

I once wrote an http interceptor for which was supposed to check the internal cache for user data and only do some work with it if they were (we manually controlled what and who was in cache). There were two methods on the service cGetUser and dGetUser I of course called d which it turned out loaded the user profile from the database which would be fine if it weren't done in an interceptor .. on a web service... With a little over 25000 requests per minute.. on each node..

Tldr. I accidentally wrote a database ddos tool into our app...

!rant

@dfox : it looks like that there might be a bug in viewing profiles with less than 5 rants.

Android version 6.0.1 Samsung s7

1.) Click on a user profile with a low number of rants
2.) Scroll to the bottom of the list
3.) The user is unable to scroll up.

Got the GitHub student developer pack in 10th grade (highschool)

I recently made an application for GitHub student developer pack which got accepted .
If you don't know what this pack is all about , let me tell you this pack gives you free access to various tools that world-class developers use. The pack currently contains 23 tools ranging from Data Science, Gaming, Virtual Reality, Augmented Reality, APIs, Integrated Development Environments, Version Control Systems, Cloud Hosting Platforms, Code tutorials, Bootcamps, integration platforms, payment platforms and lots more.

I thought my application wouldn't qualify because after reading the documentation , I thought that It was oriented more towards college and university students but nonetheless I applied and my application got accepted . Turns out all you need is a school -issued verifiable email address or proof of you current academic status (marksheets etc.)

After few minutes of the application I got the "pro" tag on my GitHub profile although I didn't receive any emails .

I tested it out and claimed the Canva Pro subscription for free after signing up with my GitHub account.

I definitely recommend , if you are currently enrolled in a degree or diploma granting course of study such as a high school, secondary school, college, university, homeschool, or similar educational institution
and have a verifiable school-issued email address or documents that prove your current student status, have a GitHub user account
and are at least 13 years old , PLEASE APPLY FOR THE PROGRAM .

Checkout the GitHub docs for more info..

Thanks !

My GitHub GitHub Username :
satvikDesktop

PS. I would have posted links to some sites and documentations for further reading but I can't post url's in a rant yet :(

I work for a particular tech company doing chat based support where I troubleshoot a certain email application.

And one of the most common phrases I get is: "Hey Mister IT Guy, I am suddenly missing all of my contacts and Calendars. This super sucks! I had to rebuild my email profile to make my email work again!".

I really wish when they teach computer literacy in school they drilled "Learn How To Back Up Your Junk" more so when stuff like this happens I can get them back up and running in 10 minutes instead of telling the user they are going to have spend hours rebuilding their calendar and contacts.

TLDR: I wanted to change email to new one, but I could not remember which one I have
currently. I found out an API in DevRant JS files for email verification and used
it to find it out.

So, I am moving from Gmail to Protonmail Pro, absolutely love their service.
I wanted to do same on Devrant but I could not figure out my current mail for
"I lost my password" form. My Password Manager have only login saved, and profile does
not show email address.

I thought that this user information is stored on server so it have to be some way to retrieve it. I dug
in source code and I've found:

`<div class="signup-title">Verify Your Email</div>`

Which has event assigned to function which uses jQuery.ajax (love it btw :D) to call:

`url: "/api/users/me/resend-confirm",`

This seems like worth a shot. Few copy-pastes and one ajax call later:

*Ding*

From: support@devrant.io
To: dawid@dawidgoslawski.pl
"Welcome to Devrant"

Got it :) So I have already changed in march when DevRant on previous layout.

This is what I love in this profession - problem solving. AI will not replace human
in any way, we will just stop coding array iterations and data manipulation - we will focus
on real problem solving and human touch (like design, convincing management for changes).

So the avatars of people never load in my devRant app. Except for the user profile screen. Post and comment screens just show Colors circlez. I’m curious. (Yeah my app is updated to latest version)

Literally facepalm when seeing my company coding used Email as an identity to retrieve profile data etc. Yet the profile is allow user to interchange their email.

What is this kind sorcery is this? Why don't just plainly use the UID to retrieve profile instead, as simple as that. Is UNIQUE!!!

😒😒😒 F

Our site has a feature where if a user changes some parameters in his profile, his plans on the site are updated in accordance with the change.

It took me a 2 weeks to implement a proper queue based updating mechanism.

My manager : "What's taking so long? Why not implement it in a recursive loop of all the users in the database?"

I could only stare with my mouth open.

Let's see:

No archival of data on a database server with over 5000 high profile customers using no encryption whatsoever with telnet open on LAN, every user on the same account in the office using the companies name as the password... But hey there are security cameras!

So I sign up for this fancy pants website were developers rant about shit. They ask me bunch of data mining personal questions upfront like a marketing bitch so I go through and fill out my profile. Ok it's a social site, whatever and nobody gives a fuck about me anyway. I hit save, continue and go to click the email that injects my lies into their database. But I figure I might go back and fix some of the lies I wrote about myself just in case Google craws it and somebody I meet in the future calls me liar. So I spend 10 minutes trying to navigate the whole website to find a way to get back there to edit the lies or even perhaps find some site help relating to profiles. Of course the profile page itself does not do this profile edit stuff and bugger me if there is no help at all on how to use this website. So I did the only thing I could and wrote this rant in the hope somebody knows how the fuck I cover my tracks on devrant.com

Windows bites. brand new gaming rig and only a few days of using it when it now won’t log in because of a corrupted user profile. Even completely wiping the machine and starting over doesn’t fix the issue. WTF?

I once had to write an http interceptor for a distributed api. The interceptor needed to use the request context and the user profile to work out if a particular type of content had previously been accessed. Anyway there were two methods to get the user profile getUserC and getUserD, turns out C stood for cache D stood for database. Of course I called getUserD I effectively wrote a database distributed denial of service tool into our app 😬 we got a call from our customer complaining that their exadata servers where grinding to a complete halt

Same user. One profile was loaded, one was not. Look and see. A reload of the rant fixed it. Idk if it's a bug. I'm reporting it anyway.

Can't believe I'm about to say this, but:

Systemd-container is a rather cool SysD extension.

It allows me (Root on most servers) to switch to a customer account in a completely new session, setting all the .profile and .bashrc stuff up, so I can do stuff like control their rootless docker, and no longer have to add my SSH key to their authorized_keys file then re-login under their user.

Nice.

Years ago there was a booom with counter-strike portals and I wanted to have one by myself. I uploaded php-fusion on ftp, download a free template and fill content. But, basic profile was not so interesting as on other sites. So I found a dev, sgo wrote me better profile (for free). I wanted to show user id but didn't want ask him, so I tried (echo in html) 4 hours of trying print a simple variable. When I already done it, that feeling was beautiful and I realized, that I can do changes by myself and try other things. Next was basic VIP plugin (with sql injections etc.) which I sell to other people and that was the moment I know I will be dev

Hey errrbody!!!

I'm banging out a couple "showcase" mobile apps for practice, portfolio, and/or as potential templating tools.

I have no issue writing the code, I just wanted to see if I could get a couple pointers as far as user databases go. I'd like to have some "user profile" features generated from a FB...vlike profile images, name, address, contact, yadda yadda yadda. I usually use Firebase, but I am still having a little trouble with the more advanced stuff when it comes to integrating users profile data. I can get values from Google and whatnot, but I'd like to see what my other options are on the smaller scale.

I am currently writing code in Flutter/Dart, ReactJS( not native!), Vanilla Js, Python, and CPP.

I know there's options for client side storage like Shared Prefs, Sqflite, etc, as well as server/DB side stuff like Firebase, Aws, Mongo, Node, SQL, etc- you get the idea.
I just want something with decent documentation that's reliable, not a massive undertaking (at least not for all this little stuff, anyways) and could potentially be a go-to platform configuration in the future. It'd be cool to wire in my Flutter and js shit of possible, bit honestly I'm cool with having separate setups for the time being. Any extra input regarding the use of python and/or cpp as well (either separately or with mobile) would be rad as fuck!!!
I do realize it's a pretty vast area to cover, but I figured it couldn't hurt to see what everyone likes to use for full-stack setups.
Thanks!!!!

A better profile page would be nice, preferably with a picture and collapsible header area for more view room for rants that the user has posted.

Just had the worst time ever. Tried to register to a web portal of my ISP. Couldn't even get to the dashboard. It randomly redirects back to login page. Doesn't save info. Asks for info already given in the profile when I try to add my connection and then says info doesn't match with what's in the profile.. WTF!!! I just copy pasted it from the profiles info page. :/ just gave up after trying for the 50th time. I just can't understand how someone could design something with this level of shitty user experiance.
I would just like to say fuck you to the assholes who designed that worthless portal. :/

What is the efficient way of querying database and fetch paginated posts AND also checking if the user viewing that post has liked it?

Just like on instagram or twitter, you can just like/unlike post.

Entities:
- user
- post
- user_post_like

Ive implemented fetching posts for 1 user profile and also liking unliking each post. Thats fine

But now how do i know which post has been liked by which user?

One way i can think of is:
1. Query paginated posts (e.g. 10)
2. Loop through each post and query in user_post_like table to check if this post has been liked and if it is then set flag liked to true. That way on the frontend i can easily set liked or unliked post via ui

But this means I'd have to query database 10 times all the time, aside from querying 10 paginated posts. This doesnt seem efficient... Or am i wrong? Is this normal?

How would you model this?

Does anyone know how to fix my current issue, because this seems to be a very obscure case.

current situation: user is logged in on our app and wants to add a link to their "instagram" profile.
The user presses "add profile" button and has to fill in their username.
Issue: users dont know their username, or misspell them(this causes users to lose interest)

What we want it to be:
already logged in user presses "add" and gets directed to the social media in question to authorize our app which then returns a link to the users profile

I have a question about modeling a UI to code

Lets say you have a UI finished

Now you need to model it to code

For simplicity ignore functionality just focus on designing the model classes

For further simplicity Imagine that the UI is grouped into material cards.

Lets say the UI of the User Profile Page looks like this:

1) HEADER
- user profile banner
- user profile image
- username
- first and last name
- total posts
- total likes
- button to add to favorites
- dropdown to report user
- button to share profile

2) BIO
- short description
- user birthday
- location

3) ANNOYNCEMENTS
- "X% off on Y"
- "going live at X:YZ"
- etc

4) GALLERY
- group of images posted on profile timeline

5) TIMELINE
- text/video/audio
- number of likes on post
- user profile image
- username
- user first and last name
- post date
- etc

---

Now im having a mixed feeling what is right thing to do. In my User model i have a date of birth field among other fields as well as profile image url to s3 bucket. This means that i already have half the information for HEADER card from User model, but now i would need to create a Profile model to fill in the remaining fields.

Especially for BIO card:
- short description (Profile model)
- user birthday (User model)
- location (Profile model)

Is this weird? Mixing data with 2 models on 1 page on 1 or multiple card sections?

This feels messy to me and as if im gonna hit a wall if i continue long enough like this. A better solution to me is to have a Profile model handle everything on the Profile page and be able to cover all cards and fields on each card. But this doesnt seem like a realistic or possible way to do it since specific fields are required for User model.

Am i overcomplicating and overthinking this shit?

Tell me is it normal to mix 2 or more different models to show data in 1 card on 1 page or how would you suggest doing it better?

How do i show a profile pic from s3 bucket?

One way is to fetch it from backend and send it to frontend as a huge blob string. This is how i made it currently and it works.

.... what if i want to frequently get the profile image? Am i supposed to send a separate API request to the backend every time? What if I need to show the profile picture 100 times then that means I will have to send 100 requests to the backend API?

...... or even worse, what if I need to fetch a list of images from the S3 bucket for example, a list of posts that contain images or a card with the list of profile images of multiple users? If I need to display 100 posts, each post containing one image, That means I would have to separately call 100 API request to fetch 100 images…

That is fucking absurd.

Of course I can make it so that it saves that URL to that image as a public setting but the problem is the URL will be the exact URL to the S3 bucket, including the bucket name, the path and the file name as well as the user information such as the user ID. this feels like it is a huge security risk

What the fuck am I supposed to do and how am I supposed to properly handle display images which are supposed to be viewed publicly?

This is a repost of an original rant posted on a request for "Community Feedback" from Atlassian. You know, Atlassian? Those beloved people behind such products as :

• Thing I Love™
• Other Thing You Used One Time™
• Platform Often Mentioned in Suicide Notes, Probably™*

Now this rant was written in early 2022 while I was working in an Azure Cloud Engineer role that transformed into me being the company's main Sysadmin/Project Manager/Hiring Manager/Network Admin/Graphic Designer.

While trying to simultaneously put out over 9000 fires with one hand, and jangling keys in the face of the Owner/Arsonist with the other, I was also desperately implementing Jira Service Desk. Normally this wouldn't have been as much of a priority as it was, but the software our support team was using had gone past 15 years old, then past extended support, then the lone developer died, then it didn't work on Windows 10, then only functioned thanks to a dev cohort long past creating a keygen....which was now broken. So we needed a solution *now*.

The previous solution was shit of a different tier. The sight of it would make a walking talking anthropomorphised sentient puddle of dogshit (who both eats and produces further dookie derivatives) blush with embarrassment. The CD-ROM/Cereal Box this software came in probably listed features like "Stores Your Customer's First AND (or) Last Name!" or "Windows ME Downgrade Disk Included!" and "NEW: Less(-ish) Genocide(s)"!

Despite this, our brain/fearless leader decided this would be a great time to have me test, implement, deploy, and train everyone up on a new solution that would suck your toes, sound your shaft, and that he hadn't reminded me that I was a lazy sack enough lately.

One day, during preliminary user testing I received an email letting me know that the support team was having issues with a Customer's profile on our new support desk. Thanks to our Owner/Firestarter/Real World Micheal Scott being deep in his latest project (fixing our "All 5 devs quit in the last 12 months and I can't seem to hire any new ones" issue (by buying a ping pong table)), I had a bit of fortuitous time on my hands to investigate this issue. I had spent many hours of overtime working on this project, writing custom integrations and automations, so what I found out was crushing.

Below is the (digitally) physical manifestation of my rage after realising I would have to create / find / deal with a whole new method for support to manage customer contacts.

I'm linking to the original forum thread because you kind of need to have the pictures embedded in said reply to get really inhale the "Jira-Rant" ambiance. The part where I use several consecutive words as anchor links to tickets with other people screaming into the void gets a bit sweet n' savoury too - having those hyperlinks does improve the je ne say what of it all.

bit.ly/JIRANT (Case Sensitive)

--------------------------

There is some good news at the end of this brown n' squirty rainbow though!
Nice try silly little Jira button, you can't ruin *my* 2022!

• I was able to forget all about Jira a month later when I received a surprise vacation home! (To be there while my Mom passed away).
• Eventually work stress did catch up to me - but my boss thoughtfully gave me a nice long vacation! (By assaulting *while* firing me (for emailing in a vacation request while he was a having a bad (see:normal) day))

Profile (1, 1) --- (1, 1) User

Right?

- A single user *must* have *exactly* 1 profile.
- A single profile *must* belong to *exactly* 1 user.

Makes sense?

I did this because i moved user profile image and user banner image into Profile entity

So now i can easily join tables and fetch user profile image based on username or user ID

By deeply thinking like an asshole and overengineering, i stumbled upon a confusion

If i can join tables and get ALL fields (assuming its a left or full outer join) from both entities...

What is the difference between choosing which entity to fetch on the frontend?

For example if i want to fetch users, inversely, i can fetch Profile entity, which has User entity as a nested object, and that way access users. Now i have access to each user's profile image, banner image, bio etc aside from the entire user object

If the user navigates to a profile page, inversely, i can fetch User entity which will have a Profile entity as a nested object, and that way show the remaining necessary fields that the profile page needs to show

I gave these inverse examples because if i want to fetch users, surely enough i can simply fetch from User entity, and if i want to fetch someones profile data i can fetch from Profile entity directly

So if this is the case, when am i supposed to fetch one over the other?

You tell me. For simplicity lets focus on these two examples. Consider this as an exam question:

1) user navigates to home page. Now paginated users with role X need to be shown, but also their profile image. Do you fetch from User or Profile entity? If you use joins which ones and why?

2) user navigates to their or someone elses profile page. Now profile-based data needs to be shown, but also the user's username and full name need to be shown. Do you fetch from User or Profile entity? If you use joins which ones and why?

Following some new nextjs tutorial to learn how to efficiently build a web chat app, the guy built it very solid, but is it efficient?

Im having mixed feelings about this approach. The way he did it is, for example when you click on a user (imagine it as a list of users from your contacts), it actually calls a route, which stores that in database, and once its done Then the route triggers lets say socket.io event to notify the frontend to update the UI.

Not only that but each new message that gets sent it actually calls a route which stores that message in database and once that's successful Then it emits a socket.io event to the frontend to fetch that message.

As you can imagine constantly calling routes like this Does induce small delays. Creating conversations, navigating, opening someones profile and especially sending messages, is NOT instantaneous. When you do it theres a small delay, giving the impression as if the app is SO large that it lags

But it doesnt lag, it just needs a few ms to store that in db so it can return the socket.io bidirectional message event. Which does make sense because what if the internet broke and the user immediately gets sent a message, but the message fails to get stored in database? Or db storage gets fucked or something else fails but socket.io works while db doesnt? The data then may be inconsistent. This approach fulfulls the single source of truth principle

So thats why im having mixed feelings about this approach particularly because of small delays. It is not instantaneous like whatsapp discord telegram signal viber etc the input UI freezes until the message is successfully sent

---

Of course this can be a UI/UX decision and can be handled differently even if the backend works like that.

My concern is is this approach valid?

My question is... I had an idea what if i emit socket.io event to send the message while in the background also call the route to store that message in db? This way not only would it work asynchronously but the message gets sent instantaneously, and if the backend fucks up to store it in db then the UI gets updated with message failed to get delivered, switching the socket.io into polling state. Is this a good (proper, efficient, better) way to do it or not?

Anybody use LinkedIn? I have created my LinkedIn account probably 3-4 years ago. but since then, I probably have logged in there maximum 10-20 times :/
Not that the account is needed but still curious to know what people actually look for, in a LinkedIn profile, how to get recognized, etc etc. Care to share any tips? or anything helpful for a Noob-LinkedIn user?

Does DEVRANT posts/user profile crawled by google?

!rant

Looking for help starting with DevOps.

Does anyone know of a site or forum where you can talk about general coding/scripting patterns rather than just asking specific questions?

Bear with me, this may be a bit longer than most posts here.

I'm a self-taught admin/tech working with one colleague (who's also mostly self taught) at a high school, managing both clients and servers.
We've been doing most things manually bit I'm looking into converting as much work as possible into more of a DevOps setup, with Powershell-scripts for multi step tasks.
I want to do this for a number of reasons. Having a script doing a number of steps would cut down on time spent on individual tasks and minimize the risk that a step is missed or, perhaps even worse, mistyped. Also it's important that I actually learn what I'm doing, why something works and why something fails.

As and example, I have a powershell-script which moves a student from one year to another (basically they have user names with a two-digit prefix based on the year they started and a suffix with two letters from their first names and four from their last names) if they need to repeat a grade.
It basically renames the account in the AD with the correct year-prefix, changes the samAccountName, renames Home and Profile-directories on disk and changes paths on the profile-tab in AD, moves the user into a new OU and security group etc.
It works as intended if the user account to be renamed exists and there's no name conflict with the new name. But I'd like for the script to validate that there's no problem with user names, source and target security groups and OUs etc. and eventually split the script up into smaller clearly defined functions for better readability.
However, I don't want someone to just write the script for me, I'd prefer to be able to discuss script flow and come to my own conclusions and solutions.

TL;DR warning!

Please help me out on this, fellow ranters:

I have a js app, a sandbox for musicians, which everyone is checking out once, then after fiddling around, they never really come back.

What can I do, to make an app more desirable, so that musicians would incorporate my tool into their musical repertoir?

One advice I've got from a friend is to save the session, like jsfiddle, so that the user can continue his/her work later and don't have to start all over.

If you want to check out my app, then the link is in my profile.

which is the best cloud provider for a complete beginner (user/dev) in terms of community support, employer preference and user-friendliness?

i know that understanding the tech and concepts behind it matters more than getting familiarized with a specific platform, but i'm looking to build a more diverse profile and have noticed many positions asking for AWS/Azure experience.

since i'll be starting from scratch, any provider with easy-to-follow documentation, online help and certifications that don't leave you broke (would have to pay myself, earn very less as a student from a third-world country, parents/current employer can't support) would work.

#Suphle Rant 1: Laravel closing the gap

This is the first of a series of long overdue rants regarding Suphle, because I have had so so much to grumble about over the last ~2 years building it. A bit of introduction: I compiled a list of all the challenges I faced in my time as a salaried PHP developer. I also gathered issues complained about by other developers in a laravel group I'm part of, and decided to solve them at the framework level since they're avoidable. I also borrowed impressive features encountered in my time working with other languages and invented a new one, as well. I quit my job last July, still haven't get a new one yet cuz office workload kept conflicting with Suphle development. I concluded all work and testing on it back in August/September but it's yet to be officially released since the docs is still in progress.

Anyway, yesterday, I stumbled upon what is IMO the most progressive /tangible update I've seen in all my time following Laravel updates. It's called [precognition](don't have enough rep to post the PR link but you can search on their repo), and contains features that are actually beneficial to both developer and end user. It also turns out to be functionality that was part of Suphle's bragging rights. Their DX is still tacky but I'm devastated cuz it's a matter of time before they work it out. Makes me wonder what the quality of all I've built would be in a year if it doesn't become big enough to attract frequent contribution. I guess there's only so much one can do against a community.

Later that evening, I found a developer from my country on twitter who claims to be making a decent living. A little snooping around his profile informed me he's building his own back end framework but in NodeJS. I know with every degree of certainty that what he'll eventually do can't hold a candle against Suphle in overall functionality or thoroughness. Not a dick measuring contest but when your motive isn't significant innovation, you'll neither plan properly nor even know what exactly to build. You'll just reinvent the wheel as an academic exercise

Yet, I can't help but have that sinking feeling he's winging it, while making a windfall with his dozens of freelance projects. It kind of feels like I shortchanged myself, and Suphle's shelf life will suffer the same fate as a hobby project for 10 stars (which I don't even have yet!!). I reached out to him to rub minds together but he ignored. More pain.

I'll get over this and return to work on the docs, but from the look of things, the end isn't an appealing or expected /deserved one

Sometimes I have to connect to production database and alter my dev environment so I can “log in” as a user and see what’s wrong with their account. Once in a while there is a legitimate website issue that is unique to that user’s profile. Other times it’s user error, like the user not understanding that they have to connect their membership to their online account (they think signing up for an account will connect it automatically).

I don’t like circumventing the user’s log in like this, but sometimes it’s necessary since the website is so confusing. I inherited this website, so many of the problems were formed way before I took over.

My stakeholders want a log in as user feature for website admins to use. My manager and PM don’t think that’s a good idea right now since there are over two dozen people with admin access and admin access means access to everything in the admin (there aren’t options to give permissions as needed).

hey, so i have recently started learning about node js and express based backend development.

can you suggest some good github repositories that showcase real life backend systems which i can use as inspiration to learn about the tech?

like for eg, i want to create a general case solution for authentication and profile management : a piece of db+api end points + models to :

- authenticate user : login/signup , session expire, o auth 2 based login/signup, multi account login, role based access, forgot password , reset password, otp login , etc

- authorise user : jwt token authentication, ip whitelisting, ssl pinning , cors, certificate based authentication , etc (

- manage user : update user profile, delete user, map services , subscriptions and transactions to user , dynamic meta properties ( which can be added/removed for a single user and not exactly part of main user profile) , etc

followed by deployment and the assoc concepts involved : deployment, clusters, load balancers, sharding ,... etc

----

these are all the buzzwords that i have heard that goes into consideration when designing a secure authentication system for a particular large scale website like linkedin or youtube. am not even sure how many of these concepts would require actual codelines and how many would require something else.

so wanted inspiration from open source content to learn about it in depth, replicate and create new better stuff if possible .

apart from that, other backend architectures like video/images storage system, or just some server for movie, social media, blog website etc would also help.

Despite already having a few years of professional experience dealing with Linux servers, I still, to this day, confuse, which environment file gets sourced and when...

There's /etc/profile, /etc/bashrc, ~/.bash_profile, ~/.profile, ~/.bashrc

I think it's... Bashrc for interactive shells, profile for login shells.

But then I have examples like "ssh user@server 'echo $var'" that... Don't source any of the files!

You can enable user environment files for SSH that get sourced whenever a user logs on through SSH (~/.ssh/environment / environment specified for a key in ~/.ssh/authorized_keys)

Is there some sort of master environment file that gets sourced *every* time, no matter what kind of shell starts?