
March 23, 2004

Mitigating bullshit

by fluffy at 6:57 PM
So, I went ahead and just worked with the existing codebase. Every time something was braindead or fugly I "refactored" it. Within two hours I'd rewritten all of the shit which had taken this other guy two weeks to do.

The old code was utterly horrific. For example, instead of using sessions (which takes all of one line of code in PHP4) it used hidden form elements everywhere to pass session data around. Of course, for normal links this wouldn't work so all links were done as Javascript hacks which would treat a link like POSTing a hidden form.

Not to mention that the things being passed around were trivially-mangled forms of the username and password, and it was essentially doing a login for each pageview.

Most absurd was how many SQL injection holes I saw, and how easy it would have been to spoof a session or to grab someone else's password. (Especially since the passwords are stored in plaintext on the server.)

So, when John asked me how it was going, I told him that I went ahead and used the old code, but while I was cleaning it up I ended up accidentally rewriting everything and made it way cleaner and modular while I was at it.

Comments

#2165 ucblockhead 03/23/2004 07:54 pm That's what I would have done
When code is bad enough, rewriting is faster than fixing. I don't know how many times I've done that. When I used to work for id^h^hless technical managers, I'd "forget" to tell them.
#2166 fluffy 03/23/2004 08:01 pm
Yeah, but this boss is extremely technical... I just don't think he ever got around to looking at the utter dreck which the previous temp wrote. I mean, seriously, it looked like it was written by a first-year CS who had never coded a web service before, and knew just enough CSS and Javascript to be dangerous.
#2167 ucblockhead 03/23/2004 08:27 pm Technical bosses
I swear, I'll never work for a nontechnical boss again. It is so amazing being able to talk through issues to someone who actually knows what the fuck you are talking about and who can actually make decisions based on facts.

Anyway, the nice thing about crappy code is that you can come in, rewrite it and work wonders. I had one company I was contracting for thinking I was a complete and utter genius because I simply threw out the horrendous crap that performed horribly and replaced it with the sort of thing any decent coder would have done in the first place.