Worst Peice of Code in the World
-
I found this small nugget of code buried in a sea obsurity. I was speachless and could not figure out why someone would ever write such a piece nonsense. Whats worse :omg: is this is currently running live. ########################### string text1 = string.Concat(new object[] { "INSERT INTO Policy \r\n\t\t\t\t(\r\n\t\t\t\t\tProductID, \r\n\t\t\t\t\tschemeGroupID, \r\n\t\t\t\t\tCreatedBy\r\n\t\t\t\t) \r\n\t\t\t\tVALUES \r\n\t\t\t\t(\r\n\t\t\t\t\t", num1, ", \r\n\t\t\t\t\t", this.QuoteSelected.SchemeGroupID, ", \r\n\t\t\t\t\t'", this.CreatedBy, "'\r\n\t\t\t\t);\r\n\t\t\t\tSELECT @@IDENTITY;" }); text1 = text1.Replace("\n", ""); text1 = text1.Replace("\t", ""); text1 = text1.Replace("\r", ""); SqlConnection connection1 = new SqlConnection(Config.ConnectionString); SqlCommand command1 = new SqlCommand(text1, connection1); ###########################
Look where you want to go not where you don't want to crash. Bikers Bible
That looks icky all right. But I have seen worse. Much worse. Ever had to maintain C code that was converted from really really old fortran? Space padded fixed length strings to null terminated strings - fun! Generated code is so pretty. Not. :) - Phil
-
I found this small nugget of code buried in a sea obsurity. I was speachless and could not figure out why someone would ever write such a piece nonsense. Whats worse :omg: is this is currently running live. ########################### string text1 = string.Concat(new object[] { "INSERT INTO Policy \r\n\t\t\t\t(\r\n\t\t\t\t\tProductID, \r\n\t\t\t\t\tschemeGroupID, \r\n\t\t\t\t\tCreatedBy\r\n\t\t\t\t) \r\n\t\t\t\tVALUES \r\n\t\t\t\t(\r\n\t\t\t\t\t", num1, ", \r\n\t\t\t\t\t", this.QuoteSelected.SchemeGroupID, ", \r\n\t\t\t\t\t'", this.CreatedBy, "'\r\n\t\t\t\t);\r\n\t\t\t\tSELECT @@IDENTITY;" }); text1 = text1.Replace("\n", ""); text1 = text1.Replace("\t", ""); text1 = text1.Replace("\r", ""); SqlConnection connection1 = new SqlConnection(Config.ConnectionString); SqlCommand command1 = new SqlCommand(text1, connection1); ###########################
Look where you want to go not where you don't want to crash. Bikers Bible
-
Hmmm at first glance it's madness, but at second glance perhaps they were debugging or something and looking at it in a debugger ....ahh forget it, no excuse. Probably copied out of a visual designer of some kind.
Hi! Yes I agree with your assumptions, I bet the programmer copied the string from a sql editor and used an utility akin to the StringBuilder add-in to produce a formatted string from the clipboard contents... :~ Anyways, I really wouldn't like to be the one maintaining such code! ;P
An interesting form of object-oriented programming: You suggest a novel approach, and watch as the rest of your team objects!
-
Not even close. If I had some snippets from when I was a TA in Java your eyes would leap from your skulls and run to the nearest pit of lava.
On two occasions I have been asked [by members of Parliament], 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. - Charles Babbage
-
I found this small nugget of code buried in a sea obsurity. I was speachless and could not figure out why someone would ever write such a piece nonsense. Whats worse :omg: is this is currently running live. ########################### string text1 = string.Concat(new object[] { "INSERT INTO Policy \r\n\t\t\t\t(\r\n\t\t\t\t\tProductID, \r\n\t\t\t\t\tschemeGroupID, \r\n\t\t\t\t\tCreatedBy\r\n\t\t\t\t) \r\n\t\t\t\tVALUES \r\n\t\t\t\t(\r\n\t\t\t\t\t", num1, ", \r\n\t\t\t\t\t", this.QuoteSelected.SchemeGroupID, ", \r\n\t\t\t\t\t'", this.CreatedBy, "'\r\n\t\t\t\t);\r\n\t\t\t\tSELECT @@IDENTITY;" }); text1 = text1.Replace("\n", ""); text1 = text1.Replace("\t", ""); text1 = text1.Replace("\r", ""); SqlConnection connection1 = new SqlConnection(Config.ConnectionString); SqlCommand command1 = new SqlCommand(text1, connection1); ###########################
Look where you want to go not where you don't want to crash. Bikers Bible
A few years ago I had the pleasure X| to read a legacy Cobol source code; after many, many pages of interesting code :zzz: :zzz: :zzz: I found this masterpiece:
IF PIPPO = 8 OR PIPPO = 8 PERFOM R-A.Looks like it is more obscure and clearer than your SQL code, at the same time! Of course the programmer who wrote this was not in the firm anymore (I'm not sure he was even in this life anymore): after a short briefing we decided the programmer was an insecure guy and wanted to be REALLY sure the variable equalled 8 (of course this code had been in production for several years when I read it). It's been my first experience with fuzzy logic. A few pages later I found another masterpieceIF X = ZERO PERFORM R-CALC ELSE IF X = 1 PERFORM R-CALC ELSE IF X = 2 PERFORM R-CALC ELSE IF X = 3 PERFORM R-CALC ... ELSE IF X = 50 PERFORM R-CALC ENDIF.Variable X could assume only values from 1 (default) to 50, but code tested for value ZERO, and in any case, tested each value and for each value performed routine R-CALC. I thought the programmer was paid by lines of code, but I don't understand why she/he didn't write fifty identical routines R-CALC00, R-CALC01... R-CALC50 to call: I hope she/he had been fired before having the time to do this.Marco Turrini
-
Colin Angus Mackay wrote:
* there is are a bunch of string literals that contains lots of newline, line feed and tab characters in escaped form that will eventaully be sent to a SQL parser which will just ignore them.
It replaces those with empty strings. I can only presume this was generated with some sort of SQL generator, and the original developer wasn't capable of manually removing all the escape chars himself :~
-- Help me! I'm turning into a grapefruit! Buzzwords!
Uhm... guys... It's calld to Obfuscate... taken from website: "converts the JavaScript source code into scrambled and completely unreadable form, preventing it from analysing and theft" www.javascipt-source.com Have no idea about the SQL injections.. Don't have any experience on obfuscating, but i'd expect the source before obfuscation used injection. Atli:)
-
I found this small nugget of code buried in a sea obsurity. I was speachless and could not figure out why someone would ever write such a piece nonsense. Whats worse :omg: is this is currently running live. ########################### string text1 = string.Concat(new object[] { "INSERT INTO Policy \r\n\t\t\t\t(\r\n\t\t\t\t\tProductID, \r\n\t\t\t\t\tschemeGroupID, \r\n\t\t\t\t\tCreatedBy\r\n\t\t\t\t) \r\n\t\t\t\tVALUES \r\n\t\t\t\t(\r\n\t\t\t\t\t", num1, ", \r\n\t\t\t\t\t", this.QuoteSelected.SchemeGroupID, ", \r\n\t\t\t\t\t'", this.CreatedBy, "'\r\n\t\t\t\t);\r\n\t\t\t\tSELECT @@IDENTITY;" }); text1 = text1.Replace("\n", ""); text1 = text1.Replace("\t", ""); text1 = text1.Replace("\r", ""); SqlConnection connection1 = new SqlConnection(Config.ConnectionString); SqlCommand command1 = new SqlCommand(text1, connection1); ###########################
Look where you want to go not where you don't want to crash. Bikers Bible
Hmmm, If you replace the CR/LF/TAB as required you get INSERT INTO Policy ( ProductID, schemeGroupID, CreatedBy ) VALUES ( ", num1, ", ", this.QuoteSelected.SchemeGroupID, ", '", this.CreatedBy, "' ); SELECT @@IDENTITY;" which means it is just an unusual form of 'cut and paste' from a nicely formatted screen layout and applied in a creative way that I had not imagined before (and then compacted in code to make the string simpler for the parser to handle)! Some times the shorter way to do things actually takes longer in its final form.
-
Hmmm, If you replace the CR/LF/TAB as required you get INSERT INTO Policy ( ProductID, schemeGroupID, CreatedBy ) VALUES ( ", num1, ", ", this.QuoteSelected.SchemeGroupID, ", '", this.CreatedBy, "' ); SELECT @@IDENTITY;" which means it is just an unusual form of 'cut and paste' from a nicely formatted screen layout and applied in a creative way that I had not imagined before (and then compacted in code to make the string simpler for the parser to handle)! Some times the shorter way to do things actually takes longer in its final form.
-
Not while someone else was paying for my code. -- modified at 9:18 Monday 21st August, 2006
Look where you want to go not where you don't want to crash. Bikers Bible
-
I found this small nugget of code buried in a sea obsurity. I was speachless and could not figure out why someone would ever write such a piece nonsense. Whats worse :omg: is this is currently running live. ########################### string text1 = string.Concat(new object[] { "INSERT INTO Policy \r\n\t\t\t\t(\r\n\t\t\t\t\tProductID, \r\n\t\t\t\t\tschemeGroupID, \r\n\t\t\t\t\tCreatedBy\r\n\t\t\t\t) \r\n\t\t\t\tVALUES \r\n\t\t\t\t(\r\n\t\t\t\t\t", num1, ", \r\n\t\t\t\t\t", this.QuoteSelected.SchemeGroupID, ", \r\n\t\t\t\t\t'", this.CreatedBy, "'\r\n\t\t\t\t);\r\n\t\t\t\tSELECT @@IDENTITY;" }); text1 = text1.Replace("\n", ""); text1 = text1.Replace("\t", ""); text1 = text1.Replace("\r", ""); SqlConnection connection1 = new SqlConnection(Config.ConnectionString); SqlCommand command1 = new SqlCommand(text1, connection1); ###########################
Look where you want to go not where you don't want to crash. Bikers Bible
That's pretty awful. My gold standard for vomit-inducing code was a render function written for a game (no names). It was a single function, 3000 lines long, and had "goto" statements jumping into loop and if statement bodies. Nobody but the writer understood it. The game shipped and was moderately successfully, but I could never look at it without thinking of the festering cancer of code lurking at it's heart. -- modified at 11:39 Tuesday 22nd August, 2006: Emphasis added to 'into'. I still can't believe that. I can understand (but not condone) jumping -out- of a loop or if statement... but into one? beggared belief, that did.
-
I found this small nugget of code buried in a sea obsurity. I was speachless and could not figure out why someone would ever write such a piece nonsense. Whats worse :omg: is this is currently running live. ########################### string text1 = string.Concat(new object[] { "INSERT INTO Policy \r\n\t\t\t\t(\r\n\t\t\t\t\tProductID, \r\n\t\t\t\t\tschemeGroupID, \r\n\t\t\t\t\tCreatedBy\r\n\t\t\t\t) \r\n\t\t\t\tVALUES \r\n\t\t\t\t(\r\n\t\t\t\t\t", num1, ", \r\n\t\t\t\t\t", this.QuoteSelected.SchemeGroupID, ", \r\n\t\t\t\t\t'", this.CreatedBy, "'\r\n\t\t\t\t);\r\n\t\t\t\tSELECT @@IDENTITY;" }); text1 = text1.Replace("\n", ""); text1 = text1.Replace("\t", ""); text1 = text1.Replace("\r", ""); SqlConnection connection1 = new SqlConnection(Config.ConnectionString); SqlCommand command1 = new SqlCommand(text1, connection1); ###########################
Look where you want to go not where you don't want to crash. Bikers Bible
-
I found this small nugget of code buried in a sea obsurity. I was speachless and could not figure out why someone would ever write such a piece nonsense. Whats worse :omg: is this is currently running live. ########################### string text1 = string.Concat(new object[] { "INSERT INTO Policy \r\n\t\t\t\t(\r\n\t\t\t\t\tProductID, \r\n\t\t\t\t\tschemeGroupID, \r\n\t\t\t\t\tCreatedBy\r\n\t\t\t\t) \r\n\t\t\t\tVALUES \r\n\t\t\t\t(\r\n\t\t\t\t\t", num1, ", \r\n\t\t\t\t\t", this.QuoteSelected.SchemeGroupID, ", \r\n\t\t\t\t\t'", this.CreatedBy, "'\r\n\t\t\t\t);\r\n\t\t\t\tSELECT @@IDENTITY;" }); text1 = text1.Replace("\n", ""); text1 = text1.Replace("\t", ""); text1 = text1.Replace("\r", ""); SqlConnection connection1 = new SqlConnection(Config.ConnectionString); SqlCommand command1 = new SqlCommand(text1, connection1); ###########################
Look where you want to go not where you don't want to crash. Bikers Bible
The only really bad thing about this code is using the incorrect insert ID...everything else can be rationally explained (e.g., debug output (as mentioned above)). Generally, those variable names aren't that bad, as they are rarely, if ever, used much after their initial declaration. But I guess it's pretty l33t to make fun of other people's code! I dare say I've seen much worse code...hell, I've written worse myself. :) :sigh:
-
I found this small nugget of code buried in a sea obsurity. I was speachless and could not figure out why someone would ever write such a piece nonsense. Whats worse :omg: is this is currently running live. ########################### string text1 = string.Concat(new object[] { "INSERT INTO Policy \r\n\t\t\t\t(\r\n\t\t\t\t\tProductID, \r\n\t\t\t\t\tschemeGroupID, \r\n\t\t\t\t\tCreatedBy\r\n\t\t\t\t) \r\n\t\t\t\tVALUES \r\n\t\t\t\t(\r\n\t\t\t\t\t", num1, ", \r\n\t\t\t\t\t", this.QuoteSelected.SchemeGroupID, ", \r\n\t\t\t\t\t'", this.CreatedBy, "'\r\n\t\t\t\t);\r\n\t\t\t\tSELECT @@IDENTITY;" }); text1 = text1.Replace("\n", ""); text1 = text1.Replace("\t", ""); text1 = text1.Replace("\r", ""); SqlConnection connection1 = new SqlConnection(Config.ConnectionString); SqlCommand command1 = new SqlCommand(text1, connection1); ###########################
Look where you want to go not where you don't want to crash. Bikers Bible
That kind-of looks like a piece of code that might have been auto-generated by a GUI tool of some kind.
-
I found this small nugget of code buried in a sea obsurity. I was speachless and could not figure out why someone would ever write such a piece nonsense. Whats worse :omg: is this is currently running live. ########################### string text1 = string.Concat(new object[] { "INSERT INTO Policy \r\n\t\t\t\t(\r\n\t\t\t\t\tProductID, \r\n\t\t\t\t\tschemeGroupID, \r\n\t\t\t\t\tCreatedBy\r\n\t\t\t\t) \r\n\t\t\t\tVALUES \r\n\t\t\t\t(\r\n\t\t\t\t\t", num1, ", \r\n\t\t\t\t\t", this.QuoteSelected.SchemeGroupID, ", \r\n\t\t\t\t\t'", this.CreatedBy, "'\r\n\t\t\t\t);\r\n\t\t\t\tSELECT @@IDENTITY;" }); text1 = text1.Replace("\n", ""); text1 = text1.Replace("\t", ""); text1 = text1.Replace("\r", ""); SqlConnection connection1 = new SqlConnection(Config.ConnectionString); SqlCommand command1 = new SqlCommand(text1, connection1); ###########################
Look where you want to go not where you don't want to crash. Bikers Bible