Got an email from a stakeholder about a $0 transaction for an item that was not meant to be $0. Found someone put a condition in the code to set the price to $0 if it couldn’t be queried from the database. Wut…that is…not logical 😵‍💫😵

oh, well ok then.

I used to work for a company that had a main website and a lightweight app. LW app was distributed to partners and added to other sites using an iframe.

Someone decided a requirement was to retain the shopping cart for anonymous users. Some dev thought the best way to do that was to issue auth cookies to anonymous users.

The auth cookie issued by the LW app was actually for the main site. A few users for LW app decided to just come to main site to make a purchase. Since they already had an auth cookie (issued from LW app), they were never prompted to log in, create an account, or use guest checkout on the main site. They were still able to complete their order and we had their shipping address, but we didn’t have their email address so we couldn’t contact them about their order.

Customer service had no way to email customers if something went out of stock or if there was a product recall. CS would have to call these customers and ask for email addresses. Good luck getting anyone to answer or return a call nowadays. Customers were asking where their confirmation email was. The admin website was polluted with “users” that had the placeholder email for non-logged in users.

This happened because of a combination of an understaffed and overextended engineering department. Of course when something goes bad it’s going to be bad.

Both Conservancy and the Git project are aware that the initial branch name, ‘master’, is offensive to some people and we empathize with those hurt by the use of that term.

Offensive my butt. It's not like any developer alive today had experienced the life of a slave. It's all in the past. Should I get offended by imperial Japanese flag?

Other staff: I’m having trouble logging in to website A. My password doesn’t work.

[Me thinking: That’s weird. When I set up your account, the password worked. I told you to change it. So maybe you forgot your new password. We haven’t changed anything to about the login process.]

Me: I reset your password. [sends new password]

Other Staff: The new password doesn’t work. But I can log in with Google.

Me: 😶 Website A does not have sign in with Google. What website are you actually on???

Been getting a lot of troll / clown / clueless (?) comments on my posts recently. Select favorites include:

"Why do you have a login form on your website?" wut
"Why didn't you throw away that API key?" wut
"Why do you even need to access your apps' servers?" wut

There are just SO many amazing devs here who have NEVER had do any of those things, I'm quite literally an idiot and don't know what I'm doing, sorry for my ignorance. I'd forgotten that there is only exactly one way to build software, I wish I'd done it "that" way sooner! Foolish me.

Really not sure if trolls, clowns, or clueless. Don't care. 🤡🤡🤡

I just experienced a new level of wut at my job. Web Engineering has a Google group email. This morning someone at work sent us an email about canceling a work order (and he didn’t know how to cancel it)…for a plumbing issue 😑Wrong engineering department, my dude. And you can cancel your work order by going to the request system where you submitted it or the email receipt of you request, which was certainly not to this Google group email. You have the work order number, so you must have an email somewhere about your request. And how’d he get this email?? I’m seriously wondering if this is a weird phishing attempt.

Explain to me why CORS isn't the dumbest thing I've ever heard of?

I can make requests from outside the browser but not from within? Hah?