Representative Line: Greater Than False
Today's anonymous submitter passes us a single line of JavaScript, and it's a doozy. This line works, but that's through no fault of the developer behind it.
{arr?.length && shouldNotShow === false > 0 (...)}Pedantically, this is JSX, not pure JavaScript, but the rules still apply.
So, fun fact in JavaScript: true > 0 is true, and false > 0 is false. Which generally makes sense, but why would you use that here? But this code is worse than it looks, thanks to operator precedence.
The highest precedence operation is the optional chain- arr?.length. The second highest operation? >. So the first part of the comparison that evaluates is false > 0. Which is false. Do you know what's next? ===. So we compare shouldNotShow to false. Then we && that with the potentially falsy value from our arr?.length.
It's all a mess, and it's all so we can compare against false, which we could have just done with a ! operator. !(arr?.length && shouldNotShow).
Our submitter credits this to an offshore team, and this does have the vibe of throwing characters at the problem until it passes the test. Less LLM-guided and more "manually executed Markov chain". That's also an accurate description of the rest of the code in this code base: hand crafted Markov chain generation.
[Advertisement] Plan Your .NET 9 Migration with ConfidenceYour journey to .NET 9 is more than just one decision.Avoid migration migraines with the advice in this free guide. Download Free Guide Now!
CodeSOD: Poly Means Many, After All
Capybara James sends us some code which is totally designed to be modular.
This particular software accepts many kinds of requests which it then converts into a request for a ListView. This is a perfect example of where to use polymorphism, so you can write one transform method that operates on any kind of request.
Let's see how they did it:
@Component public class ListViewTableRequestTransformer implements Function<TableExportRequest, ListViewRequest> { @Override public ListViewRequest apply(TableExportRequest request) { return new ListViewRequest(request.getFilters(), request.getRangeFilters(), request.getSearch(), request.getSort()); } } @Component public class ListViewFormulaRequestTransformer implements Function<FormulaExportRequest, ListViewRequest> { @Override public ListViewRequest apply(FormulaExportRequest request) { return new ListViewRequest(request.getFilters(), request.getRangeFilters(), request.getSearch(), request.getSort()); } }Now admittedly, my first instinct for letting generics just handle this wouldn't work in Java thanks to type erasure. My excuse is that I've been using C++ templates for too long. But what's not pictured in this code is that TableExportRequest and FormulaExportRequest both implement the same base interface, which means polymorphism could still condense this down into a single function: ListViewRequest apply(RequestInterface request).
Duplicated code like this is like cockroaches. You've seen two, which means there are many many more lurking in the codebase. All of the various request types get their own identical method, differing only in signature.
All my explanation doesn't sum this up as pithily as Capybara James did, however:
There was an attempt to make the code modular and scalable. An attempt I say.
CodeSOD: A Little Twisted
Dana sends us a WTF that'll turn your head. She was shopping for new hard drives, and was doing it from her phone, a fairly reasonable tool to use for online shopping these days. She opened the website of one vendor, and it was rotated 90 degrees. Or half-pi radians, for those of us that are more used to sensible units.
This was irrespective of any rotation settings on her phone, the website insisted on showing itself in landscape mode. This created quite the unusual appearance when she held her phone in portrait orientation: the browser chrome surrounding the content was in portrait mode, but the page itself was in landscape.
Obviously, this is a terrible design choice. But Dana wanted to know more. So she started digging in. There was no sign of this behavior on a desktop, which sure, I'd hope not. Attempting to use wget to download the page caused a 403. Using curl downloaded a JavaScript challenge. Fine, they didn't want bots, but Dana wasn't a bot.
Poking around in the network tab of the desktop browser's debugging tools helped Dana learn a few things. First: the line endings in the files were all CRLF, implying that all development happened on Windows machines. Maybe that's not interesting, but in 2026, it feels unusual. Second, the page is setting a PHPSESSID cookie, so clearly the backend is written in PHP. But most important, Dana is able to piece together what she needs to successfully use curl to download the page, once pretending to be a desktop browser, and once pretending to be a mobile browser. With that, she ran a diff to see what changed.
The desktop version started with 42 blank lines. The mobile version started with 41. The rest of the pages were substantially the same, with two exceptions. First, the mobile page also added a stylesheet called stylesheet-responsive.css. I assume that name was chosen because irony is dead; nothing about this site is responsive. Second, there was a subtle difference in the body tags.
You see, both pages had a body tag like this:
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF">But the mobile page, continued from there:
<!-- header //--> <body id="landscape_mode_only" marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF">Yes, the mobile version has two body tags.
Dana writes:
Even though I don't have access to the real PHP source-code, I can imagine what it looks like.
Somewhere in that PHP source-code there is browser-detection (or rather browser-sniffing) and that toggles if it should serve a slightly different HTML code to the user. I do not want to work for that website, I do not want to look at that backend source-code. And I have to feel sorry and respect for the browser developers, as they have to write software that can handle completely broken HTML.
While I hate the results, the fact that the HTML specification originally required clients to render even the most broken HTML is arguably a really good design choice. Expecting people to do the right thing never works out for you.
Let's not forget their "responsive" CSS, which is obviously worth looking at, even if it's obvious what it must be:
@media only screen and (orientation:portrait) { #landscape_mode_only { height:98vw; -webkit-transform:rotate(90deg); -moz-transform:rotate(90deg); -o-transform:rotate(90deg); -ms-transform:rotate(90deg); transform:rotate(90deg) } }This forces everything in the body to rotate sideways.
Look, actually responsive design is hard. But "just force the page into landscape mode no matter what the user does" is definitely not the solution.
And Dana points out one last thing:
As a cherry on the top, observe how the comment that marks the end of the header is placed after the <body> starts. Which is wrong already, but also stupid, because </head> already marks the end of the head. And the head is not really the header.
Error'd: @#$%^!!
Here's a weird email but IMO the erorr is just the odd strikethrough. Bill T. explains: "From my Comcast email spam folder. It was smart enough to detect it was spam, but... spam from a trusted sender? And either the delivery truck is an emoji (possible), an embedded image (maybe?), or Comcast is not actually blocking external images." I'd like to see the actual email, could you forward it to us? My guess is that we're seeing a rare embedded image. Since embedding images was the whole point of MIME in the first place, I have found it odd that they're so so hard to construct with typical marketing mass mailers, and I almost never receive them.
The WTFs are heating up for Peter G. . Or cooling off. It's one or the other. "Fiji seems to be experiencing a run of temperature inversions. Must be something to do with climate change. "
Back with a followup, dragoncoder047 has a plan to rule the world. "I was looking up some closed-loop stepper motors for a robotics project when StepperOnline gave me this error message. Evidently they don't think my project is a good idea. "
"My %@ package is missing!" ranted Orion S. "After spending the day restoring my system, I can offer alternatives such as the "@&*% you!" package."
Soon-to-be journalist Marc Würth buries the lede: "Not really looking for a job but that is certainly a rare opening." Okay, but what I really want to know is what that Slashdot article is about. Do I even have a Slashdot account still? Why, yes I do.
CodeSOD: Awaiting A Reaction
Today's Anonymous submitter sends us some React code. We'll look at the code and then talk about the WTF:
// inside a function for updating checkboxes on a page if (!e.target.checked) { const removeIndex = await checkedlist.findIndex( (sel) => sel.Id == selected.Id, ) const removeRowIndex = await RowValue.findIndex( (sel) => sel == Index, ) // checkedlist and RowValue are both useState instances.... they should never be modified directly await checkedlist.splice(removeIndex, 1) await RowValue.splice(removeRowIndex, 1) // so instead of doing above logic in the set state, they dont setCheckedlist(checkedlist) setRow(RowValue) } else { if (checkedlist.findIndex((sel) => sel.Id == selected.Id) == -1) { await checkedlist.push(selected) } // same, instead of just doing a set state call, we do awaits and self updates await RowValue.push(Index) setCheckedlist(checkedlist) setRow(RowValue) }Comments were added by our submitter.
This code works. It's the wrong approach for doing things in React: modifying objects controlled by react, instead of using the provided methods, it's doing asynchronous push calls. Without the broader context, it's hard to point out all the other ways to do this, but honestly, that's not the interesting part.
I'll let our submitter explain:
This code is black magic, because if I update it, it breaks everything. Somehow, this is working in perfect tandem with the rest of the horrible page, but if I clean it up, it breaks the checkboxes; they're no longer able to be clicked. Its forcing React somehow to update asynchronously so it can use these updated values correctly, but thats the neat part, they aren't even being used anywhere else, but somehow the re-rendering page only accepts awaits. I've tried refactoring it 5 different ways to no avail
That's what makes truly bad code. Code so bad that you can't even fix it without breaking a thousand other things. Code that you have to carefully, slowly, pick through and gently refactor, discovering all sorts of random side-effects that are hidden. The code so bad that you actually have to live with it, at least for awhile.
CodeSOD: All Docked Up
Aankhen has a peer who loves writing Python scripts to automate repetitive tasks. We'll call this person Ernest.
Ernest was pretty proud of some helpers he wrote to help him manage his Docker containers. For example, when he wanted to stop and remove all his running Docker containers, he wrote this script:
#!/usr/bin/env python import subprocess subprocess.run("docker kill $(docker ps -q)", shell=True) subprocess.run("docker rm $(docker ps -a -q)", shell=True)He aliased this script to docker-stop, so that with one command he could… run two.
"Ernest," Aankhen asked, "couldn't this just be a bash script?"
"I don't really know bash," Ernest replied. "If I just do it in bash, if the first command fails, the second command doesn't run."
Aankhen pointed out that you could make bash not do that, but Ernest replied: "Yeah, but I always forget to. This way, it handles errors!"
"It explicitly doesn't handle errors," Aankhen said.
"Exactly! I don't need to know when there are no containers to kill or remove."
"Okay, but why not use the Docker library for Python?"
"What, and make the software more complicated? This has no dependencies!"
Aankhen was left with a sinking feeling: Ernest was either the worst developer he was working with, or one of the best.
CodeSOD: To Shutdown You Must First Shutdown
Every once in awhile, we get a bit of terrible code, and our submitter also shares, "this isn't called anywhere," which is good, but also bad. Ernesto sends us a function which is called in only one place:
/// /// Shutdown server /// private void shutdownServer() { shutdownServer(); }The "one place", obviously, is within itself. This is the Google Search definition of recursion, where each recursive call is just the original call, over and over again.
This is part of a C# service, and this method shuts down the server, presumably by triggering a stack overflow. Unless C# has added tail calls, anyway.
Anti-Simplification
Our anonymous submitter relates a tale of simplification gone bad. As this nightmare unfolds, imagine the scenario of a new developer coming aboard at this company. Imagine being the one who has to explain this setup to said newcomer.
Imagine being the newcomer who inherits it.
David's job should have been an easy one. His company's sales data was stored in a database, and every day the reporting system would query a SQL view to get the numbers for the daily key performance indicators (KPIs). Until the company's CTO, who was proudly self-taught, decided that SQL views are hard to maintain, and the system should get the data from one of those new-fangled APIs instead.
But how does one call an API? The reporting system didn't have that option, so the logical choice was Azure Data Factory to call the API, then output the data to a file that the reporting system could read. The only issue was that nobody on the team spoke Azure Data Factory, or for that matter SQL. But no problem, one of David's colleagues assured, they could do all the work in the best and most multifunctional language ever: C#.
But you can't just write C# in a data factory directly, that would be silly. What you can do is have the data factory pipeline call an Azure function, which calls a DLL that contains the bytecode from C#. Oh, and a scheduler outside of the data factory to run the pipeline. To read multiple tables, the pipeline calls a separate function for each table. Each function would be based on a separate source project in C#, with 3 classes each for the HTTP header, content, and response; and a separate factory class for each of the actual classes.
After all, each table had a different set of columns, so you can't just re-use classes for that.
There was one little issue: the reporting system required an XML file, whereas the API would export data in JSON. It would be silly to expect a data factory, of all things, to convert this. So the CTO's solution was to have another C# program (in a DLL called by a function from a pipeline from an external scheduler) that reads the JSON document saved by the earlier program, uses foreach to go over each element, then saves the result as XML. A distinct program for each table, of course, requiring distinct classes for header, content, response, and factories thereof.
Now here's the genius part: to the C# class representing the output data, David's colleague decided to attach one different object for each input table required. The data class would use reflection to iterate over the attached objects, and for each object, use a big switch block to decide which source file to read. This allows the data class to perform joins and calculations before saving to XML.
To make testing easier, each calculation would be a separate function call. For example, calculating a customer's age was a function taking struct CustomerWithBirthDate as input, use a foreach loop to copy all the data except replacing one field, and return a CustomerWithAge struct to pass to the next function. The code performed a bit slowly, but that was an issue for a later year.
So basically, the scheduler calls the data factory, which calls a set of Azure functions, which call a C# function, which calls a set of factory classes to call the API and write the data to a text file. Then, the second scheduler calls a data factory, which calls Azure functions, which call C#, which calls reflection to check attachment classes, which read the text files, then call a series of functions for each join or calculation, then call another set of factory classes to write the data to an XML file, then call the reporting system to update.
Easy as pie, right? So where David's job could have been maintaining a couple hundred lines of SQL views, he instead inherited some 50,000 lines of heavily-duplicated C# code, where adding a new table to the process would easily take a month.
Or as the song goes, Somebody Told Me the User Provider should use an Adaptor to Proxy the Query Factory Builder ...
Error'd: That's What I Want
First up with the money quote, Peter G. remarks "Hi first_name euro euro euro, look how professional our marketing services are! "
"It takes real talent to mispell error" jokes Mike S. They must have done it on purpose.
I long wondered where the TikTok profits came from, and now I know. It's Daniel D. "I had issues with some incorrectly documented TikTok Commercial Content API endpoints. So I reached out to the support. I was delighted to know that it worked and my reference number was . PS: 7 days later I still have not been contacted by anyone from TikTok. You can see their support is also . "
Fortune favors the prepared, and Michael R. is very fortunate. "I know us Germans are known for planning ahead so enjoy the training on Friday, February 2nd 2029. "
Someone other than dragoncoder047 might have shared this earlier, but this time dragoncoder047 definitely did. "Digital Extremes (the developers of Warframe) were making many announcements of problems with the new update that rolled out today [February 11]. They didn’t mention this one!"
[Advertisement] Picking up NuGet is easy. Getting good at it takes time. Download our guide to learn the best practice of NuGet for the Enterprise.
CodeSOD: Qaudruple Negative
We mostly don't pick on bad SQL queries here, because mostly the query optimizer is going to fix whatever is wrong, and the sad reality is that databases are hard to change once they're running; especially legacy databases. But sometimes the code is just so hamster-bowling-backwards that it's worth looking into.
Jim J has been working on a codebase for about 18 months. It's a big, sprawling, messy project, and it has code like this:
AND CASE WHEN @c_usergroup = 50 AND NOT EXISTS(SELECT 1 FROM l_appl_client lac WHERE lac.f_application = fa.f_application AND lac.c_linktype = 840 AND lac.stat = 0 AND CASE WHEN ISNULL(lac.f_client,0) <> @f_client_user AND ISNULL(lac.f_c_f_client,0) <> @f_client_user THEN 0 ELSE 1 END = 1 ) THEN 0 ELSE 1 END = 1 -- 07.09.2022We'll come back to what it's doing, but let's start with a little backstory.
This code is part of a two-tier application: all the logic lives in SQL Server stored procedures, and the UI is a PowerBuilder application. It's been under development for a long time, and in that time has accrued about a million lines of code between the front end and back end, and has never had more than 5 developers working on it at any given time. The backlog of feature requests is nearly as long as the backlog of bugs.
You may notice the little date comment in the code above. That's because until Jim joined the company, they used Visual Source Safe for version control. Visual Source Safe went out of support in 2005, and let's be honest: even when it was in support it barely worked as a source control system. And that's just the Power Builder side- the database side just didn't use source control. The source of truth was the database itself. When going from development to test to prod, you'd manually export object definitions and run the scripts in the target environment. Manually. Yes, even in production. And yes, environments did drift and assumptions made in the scripts would frequently break things.
You may also notice the fields above use a lot of Hungarian notation. Hungarian, in the best case, makes it harder to read and reason about your code. In this case, it's honestly fully obfuscatory. c_ stands for a codetable, f_ for entities. l_ is for a many-to-many linking table. z_ is for temporary tables. So is x_. And t_. Except not all of those "temporary" tables are truly temporary, a lesson Jim learned when trying to clean up some "junk" tables which were not actually junk.
I'll let Jim add some more detail around these prefixes:
an "application" may have a link to a "client", so there is an f_client field; but also it references an "agent" (which is also in the f_client table, surpise!) - this is how you get an f_c_f_client field. I have no clue why the prefix is f_c_ - but I also found c_c_c_channel and fc4_contact columns. The latter was a shorthand for f_c_f_c_f_c_f_contact, I guess.
"f_c_f_c_f_c_f_c" is also the sound I'd make if I saw this in a codebase I was responsible for. It certainly makes me want to change the c_c_c_channel.
With all this context, let's turn it back over to Jim to explain the code above:
And now, with all this background in mind, let's have a look at the logic in this condition. On the deepest level we check that both f_client and f_c_f_client are NOT equal to @f_client_user, and if this is the case, we return 0 which is NOT equal to 1 so it's effectively a negation of the condition. Then we check that records matching this condition do NOT EXIST, and when this is true - also return 0 negating the condition once more.
Honestly, the logic couldn't be clearer, when you put it that way. I jest, I've read that twelve times and I still don't understand what this is for or why it's here. I just want to know who we can prosecute for this disaster. The whole thing is a quadruple negative and frankly, I can't handle that kind of negativity.
.comment { border: none; }CodeSOD: Repeating Your Existence
Today's snippet from Rich D is short and sweet, and admittedly, not the most TFs of WTFs out there. But it made me chuckle, and sometimes that's all we need. This Java snippet shows us how to delete a file:
if (Files.exists(filePath)) { Files.deleteIfExists(filePath); }If the file exists, then if it exists, delete it.
This commit was clearly submitted by the Department of Redundancy Department. One might be tempted to hypothesize that there's some race condition or something that they're trying to route around, but if they are, this isn't the way to do it, per the docs: "Consequently this method may not be atomic with respect to other file system operations." But also, I fail to see how this would do that anyway.
The only thing we can say for certain about using deleteIfExists instead of delete is that deleteIfExists will never throw a NoSuchFileException.
[Advertisement] Plan Your .NET 9 Migration with ConfidenceYour journey to .NET 9 is more than just one decision.Avoid migration migraines with the advice in this free guide. Download Free Guide Now!
CodeSOD: Blocked Up
Agatha has inherited some Windows Forms code. This particular batch of such code falls into that delightful category of code that's wrong in multiple ways, multiple times. The task here is to disable a few panels worth of controls, based on a condition. Or, since this is in Spanish, "bloquear controles". Let's see how they did it.
private void BloquearControles() { bool bolBloquear = SomeConditionTM; // SomeConditionTM = a bunch of stuff. Replaced for clarity. // Some code. Removed for clarity. // private System.Windows.Forms.Panel pnlPrincipal; foreach (Control C in this.pnlPrincipal.Controls) { if (C.GetType() == typeof(System.Windows.Forms.TextBox)) { C.Enabled = bolBloquear; } if (C.GetType() == typeof(System.Windows.Forms.ComboBox)) { C.Enabled = bolBloquear; } if (C.GetType() == typeof(System.Windows.Forms.CheckBox)) { C.Enabled = bolBloquear; } if (C.GetType() == typeof(System.Windows.Forms.DateTimePicker)) { C.Enabled = bolBloquear; } if (C.GetType() == typeof(System.Windows.Forms.NumericUpDown)) { C.Enabled = bolBloquear; } } // private System.Windows.Forms.GroupBox grpProveedor; foreach (Control C1 in this.grpProveedor.Controls) { if (C1.GetType() == typeof(System.Windows.Forms.TextBox)) { C1.Enabled = bolBloquear; } if (C1.GetType() == typeof(System.Windows.Forms.ComboBox)) { C1.Enabled = bolBloquear; } if (C1.GetType() == typeof(System.Windows.Forms.CheckBox)) { C1.Enabled = bolBloquear; } if (C1.GetType() == typeof(System.Windows.Forms.DateTimePicker)) { C1.Enabled = bolBloquear; } if (C1.GetType() == typeof(System.Windows.Forms.NumericUpDown)) { C1.Enabled = bolBloquear; } } // private System.Windows.Forms.GroupBox grpDescuentoGeneral; foreach (Control C2 in this.grpDescuentoGeneral.Controls) { if (C2.GetType() == typeof(System.Windows.Forms.TextBox)) { C2.Enabled = bolBloquear; } if (C2.GetType() == typeof(System.Windows.Forms.ComboBox)) { C2.Enabled = bolBloquear; } if (C2.GetType() == typeof(System.Windows.Forms.CheckBox)) { C2.Enabled = bolBloquear; } if (C2.GetType() == typeof(System.Windows.Forms.DateTimePicker)) { C2.Enabled = bolBloquear; } if (C2.GetType() == typeof(System.Windows.Forms.NumericUpDown)) { C2.Enabled = bolBloquear; } } // Some more code. Removed for clarity. }This manages two group boxes and a panel. It checks a condition, then iterates across every control beneath it, and sets their enabled property on the control. In order to do this, it checks the type of the control for some reason.
Now, a few things: every control inherits from the base Control class, which has an Enabled property, so we're not doing this check to make sure the property exists. And every built-in container control automatically passes its enabled/disabled state to its child controls. So there's a four line version of this function where we just set the enabled property on each container.
This leaves us with two possible explanations. The first, and most likely, is that the developer responsible just didn't understand how these controls worked, and how inheritance worked, and wrote this abomination as an expression of that ignorance. This is extremely plausible, extremely likely, and honestly, our best case scenario.
Because our worse case scenario is that this code's job isn't to disable all of the controls. The reason they're doing type checking is that there are some controls used in these containers that don't match the types listed. The purpose of this code, then, is to disable some of the controls, leaving others enabled. Doing this by type would be a terrible way to manage that, and is endlessly confusing. Worse, I can't imagine how this behavior is interpreted by the end users; the enabling/disabling of controls following no intuitive pattern, just filtered based on the kind of control in use.
The good news is that Agatha can point us towards the first option. She adds:
They decided to not only disable the child controls one by one but to check their type and only disable those five types, some of which aren't event present in the containers. And to make sure this was WTF-worthy the didn't even bother to use else-if so every type is checked for every child control
She also adds:
At this point I'm not going to bother commenting on the use of GetType() == typeof() instead of is to do the type checking.
Bad news, Agatha: you did bother commenting. And even if you didn't, don't worry, someone would have.
.comment { border: none; } [Advertisement] Picking up NuGet is easy. Getting good at it takes time. Download our guide to learn the best practice of NuGet for the Enterprise.CodeSOD: Popping Off
Python is (in)famous for its "batteries included" approach to a standard library, but it's not that notable that it has plenty of standard data structures, like dicts. Nor is in surprising that dicts have all sorts of useful methods, like pop, which removes a key from the dict and returns its value.
Because you're here, reading this site, you'll also be unsurprised that this doesn't stop developers from re-implementing that built-in function, badly. Karen sends us this:
def parse_message(message): def pop(key): if key in data: result = data[key] del data[key] return result return '' data = json.loads(message) some_value = pop("some_key") # <snip>...multiple uses of pop()...</snip>Here, they create an inner method, and they exploit variable hoisting. While pop appears in the code before data is declared, all variable declarations are "hoisted" to the top. When pop references data, it's getting that from the enclosing scope. Which while this isn't a global variable, it's still letting a variable cross between two scopes, which is always messy.
Also, this pop returns a default value, which is also something the built-in method can do. It's just the built-in version requires you to explicitly pass the value, e.g.: some_value = data.pop("some_key", "")
Karen briefly wondered if this was a result of the Python 2 to 3 conversion, but no, pop has been part of dict for a long time. I wondered if this was just an exercise in code golf, writing a shorthand function, but even then- you could just wrap the built-in pop with your shorthand version (not that I'd recommend such a thing). No, I think the developer responsible simply didn't know the function was there, and just reimplemented a built-in method badly, as so often happens.
.comment { border: none;} [Advertisement] Picking up NuGet is easy. Getting good at it takes time. Download our guide to learn the best practice of NuGet for the Enterprise.Error'd: Perverse Perseveration
Pike pike pike pike Pike pike pike.
Lincoln KC repeated "I never knew Bank of America Bank of America Bank of America was among the major partners of Bank of America."
"Extra tokens, or just a stutter?" asks Joel "An errant alt-tab caused a needless google search, but thankfully Gemini's AI summary got straight-to-the-point(less) info. It is nice to see the world's supply of Oxford commas all in once place. "
Alessandro M. isn't the first one to call us out on our WTFs. "It’s adorable how the site proudly supports GitHub OAuth right up until the moment you actually try to use it. It’s like a door with a ‘Welcome’ sign that opens onto a brick wall." Meep meep.
Float follies found Daniel W. doubly-precise. "Had to go check on something in M365 Admin Center, and when I was on the OneDrive tab, I noticed Microsoft was calculating back past the bit. We're in quantum space at this point."
Weinliebhaber Michael R. sagt "Our German linguists here will spot the WTF immediately where my local wine shop has not. Weiẞer != WEIBER. Those words mean really different things." Is that 20 euro per kilo, or per the piece?
CodeSOD: The Counting Machine
Industrial machines are generally accompanied by "Human Machine Interfaces", HMIs. This is industrial slang for a little computerized box you use to control the industrial machine. All the key logic and core functionality and especially the safety functionality is handled at a deeper computer layer in the system. The HMI is just buttons users can push to interact with the machine.
Purchasers of those pieces of industrial equipment often want to customize that user interface. They want to guide users away from functions they don't need, or make their specific workflow clear, or even just brand the UI. This means that the vendor needs to publish an API for their HMI.
Which brings us to Wendy. She works for a manufacturing company which wants to customize the HMI on a piece of industrial equipment in a factory. That means Wendy has been reading the docs and poking at the open-sourced portions of the code, and these raise more questions than they answer.
For example, the HMI's API provides its own set of collection types, in C#. We can wonder why they'd do such a thing, which is certainly a WTF in itself, but this representative line raises even more questions than that:
Int32 Count { get; set; }What happens if you use the public set operation on the count of items in a collection? I don't know. Wendy doesn't either, as she writes:
I'm really tempted to set the count but I fear the consequences.
All I can hear in my head when I think about "setting the Count" is: "One! One null reference exception! Two! TWO null reference exceptions! HA HA HA HA!"
By http://muppet.wikia.com/wiki/Count_von_Count
CodeSOD: Safegaurd Your Comments
I've had the misfortune of working in places which did source-control via comments. Like one place which required that, with each section of code changed, you needed to add a comment with your name, the ticket number, and the reason the change was made. You know, the kind of thing you can just get from your source control service.
In their defense, that policy was invented for mainframe developers and then extended to everyone else, and their source control system was in Visual Source Safe. VSS was a) terrible, and b) a perennial destroyer of history, so maybe they weren't entirely wrong and VSS was the real WTF. I still hated it.
In any case, Alice's team uses more modern source control than that, which is why she's able to explain to us the story of this function:
public function calculateMassGrossPay(array $employees, Payroll $payroll): array { // it shouldn't enter here, but if it does by any change, do nth return []; }Once upon a time, this function actually contained logic, a big pile of fairly complicated logic. Eventually, a different method was created which streamlined the functionality, but had a different signature and logic. All the callers were updated to use that method instead- by commenting out the line which called this one. This function had a comment added to the top: // it shouldn't enter here.
Then, the body of this function got commented out, and the return was turned into an empty array. The comment was expanded to what you see above. Then, eventually, the commented-out callers were all deleted. Years after that, the commented out body of this function was also deleted, leaving behind the skeleton you see here.
This function is not referenced anywhere else, not even in a comment. It's truly impossible for code to "enter here".
Alice writes: "Version control by commented out code does not work very well."
Indeed, it does not.
.comment { border: none; }Representative Line: Years Go By
Henrik H's employer thought they could save money by hiring offshore, and save even more money by hiring offshore junior developers, and save even more money by basically not supervising them at all.
Henrik sends us just one representative line:
if (System.DateTime.Now.AddDays(-365) <= f.ReleaseDate) // 365 days means one yearI appreciate the comment, that certainly "helps" explain the magic number. There's of course, just one little problem: It's wrong. I mean, ~75% of the time, it works every time, but it happily disregards leap years. Which may or may not be a problem in this case, but if they got so far as learning about the AddDays method, they were inches from using AddYears.
I guess it's true what they say: you can lead a dev to docs, but you can't make them think.
[Advertisement] Picking up NuGet is easy. Getting good at it takes time. Download our guide to learn the best practice of NuGet for the Enterprise.WTF: Home Edition
The utility closet Ellis had inherited and lived with for 17 years had been a cesspool of hazards to life and limb, a collection of tangible WTFs that had everyone asking an uncaring god, "What were they thinking?"
Every contractor who'd ever had to perform any amount of work in there had come away appalled. Many had even called over their buddies to come and see the stunning mess for themselves:
- All of the electrical components, dating from the 1980s, were scarily underpowered for what they were supposed to be powering.
- To get to the circuit breaker box—which was unlabeled, of course—one had to contort themselves around a water heater almost as tall as Ellis herself.
- As the house had no basement, the utility closet was on the first floor in an open house plan. A serious failure with said water heater would've sent 40 gallons (150 liters) of scalding-hot tsunami surging through the living room and kitchen.
- The furnace's return air vent had been screwed into crumbling drywall, and only prayers held it in place. Should it have fallen off, it would never have been replaceable. And Ellis' cat would've darted right in there for the adventure of a lifetime.
- To replace the furnace filter, Ellis had to put on work gloves, unscrew a sharp sheet-metal panel from the side of the furnace, pull the old filter out from behind a brick (the only thing holding it in place), manipulate the filter around a mess of water and natural gas pipes to get it out, thread the new filter in the same way, and then secure it in place with the brick before screwing the panel back on. Ellis always pretended to be an art thief in a museum, slipping priceless paintings around security-system lasers.
- Between the water tank, furnace, water conditioning unit, fiber optical network terminal, and router, there was barely room to breathe, much less enough air to power ignition for the gas appliances. Some genius had solved this by cutting random holes in several walls to admit air from outside. One of these holes was at floor-level. Once, Ellis opened the closet door to find a huge puddle on the floor, making her fear her hot water heater was leaking. As it turned out, a power-washing service had come over earlier that day. When they'd power-washed the exterior of her home, some of that water shot straight through one of those holes she hadn't known about, giving her utility closet a bonus bath.
- If air intake was a problem, venting the appliances' exhaust was an even worse issue. The sheet-metal vents had calcified and rusted over time. If left unaddressed, holes could've formed that would've leaked carbon monoxide into Ellis' house.
Considering all the above, plus the fact that the furnace and air conditioner were coming up on 20 years of service, Ellis couldn't put off corrective action any longer. Last week, over a span of 3 days, contractors came in to exorcise the demons:
- Upgrading electricals that hadn't already been dealt with.
- Replacing the hot water tank with a wall-mounted tankless heater.
- Replacing the furnace and AC with a heat pump and backup furnace, controlled by a new thermostat.
- Creating new pipes for intake and venting (no more reliance on indoor air for ignition).
- Replacing the furnace return air vent with a sturdier one.
- Putting a special hinged door on the side of the furnace, allowing the filter to be replaced in a matter of seconds (RIP furnace brick).
With that much work to be done, there were bound to be hiccups. For instance, when the Internet router was moved, an outage occurred: for no good reason, the optical network terminal refused to talk to Ellis' Wifi router after powering back up. A technician came out a couple days later, reset the Internet router, and everything was fine again.
All in all, it was an amazing and welcome transformation. As each new update came online, Ellis was gratefully satisfied. It seemed as though the demons were finally gone.
Unbeknownst to them all, there was one last vengeful spirit to quell, one final WTF that it was hell-bent on doling out.
It was late Friday afternoon. Despite the installers' best efforts, the new thermostat still wasn't communicating with the new heat pump. Given the timing, they couldn't contact the company rep to troubleshoot. However, the thermostat was properly communicating with the furnace. And so, Ellis was left with the furnace for the weekend. She was told not to mess with the thermostat at all except to adjust the set point as desired. They would follow back up with her on Monday.
For Ellis, that was perfectly fine. With the historically cold winter they'd been enduring in her neck of the woods, heat was all she cared about. She asked whom to contact in case of any issues, and was told to call the main number. With all that squared away, she looked forward to a couple of quiet, stress-free days before diving back into HVAC troubleshooting.
Everything was fine, until it wasn't. Around 11AM on Saturday, Ellis noticed that the thermostat displayed the word "Heating" while the furnace wasn't actually running. Maybe it was about to turn on? 15 minutes went by, then half an hour. Nothing had changed except for the temperature in her house steadily decreasing.
Panic set in at the thought of losing heat in her home indefinitely. That fell on top of a psyche that was already stressed out and emotionally exhausted from the last several days' effort. Struggling for calm, Ellis first tried to call that main number line for help as directed. She noticed right away that it wasn't a real person on the other end asking for her personal information, but an AI agent. The agent informed her that the on-call technician had no availablity that weekend. It would pencil her in for a service appointment on Monday. How did that sound?
"Not good enough!" Ellis cried. "I wanna speak to a representative!"
"I understand!" replied the blithe chatbot. "Hold on, let me transfer you!"
For a moment, Ellis was buoyed with hope. She'd gotten past the automated system. Soon, she'd be talking with a live person who might even be able to walk her through troubleshooting over the phone.
The new agent answered. Ellis began pouring her heart out—then stopped dead when she realized it was another AI agent, this time with a male voice instead of a female one. This one proceeded through nearly the same spiel as the first. It also scheduled her for a Monday service appointment even though the other chatbot had already claimed to have done so.
This was the first time an AI had ever pulled such a trick on Ellis. It was not a good time for it. Ellis hung up and called the only other person she could think to contact: her sales rep. When he didn't answer, she left a voicemail and texts: no heat all weekend was unacceptable. She would really appreciate a call back.
While playing the horrible waiting game, Ellis tried to think about what she could do to fix this. They had told her not to mess with the thermostat. Well, from what she could see, the thermostat was sending a signal to the furnace that the furnace wasn't responding to for whatever reason. It was time to look at the docs. Fortunately, the new furnace's manual was resting right on top of it. She spread it open on her kitchen table.
OK, Ellis thought, this newfangled furnace has an LED display which displays status codes. Her old furnace had lacked such a thing. Lemme find that.
Inside her newly remodeled utility closet, she located the blinking display, knelt, and spied the code: 1dL. Looking that up in the doc's troubleshooting section, she found ... Normal Operation. No action.
The furnace was OK, then? Now what?
Aside from documentation, another thing Ellis knew pretty well was tech support. She decided to break out the ol' turn-it-off-and-on-again. She shut off power to both the furnace and thermostat, waited a few minutes, then switched everything back on, crossing her fingers.
No change. The indoor temperature kept dropping.
Her phone rang: the sales rep. He connected her with the on-call technician for that weekend, who fortunately was able to arrive at her house within the hour.
One tiny thermostat adjustment later, and Ellis was enjoying a warm house once more.
What had happened?
This is where an understanding of heat pumps comes into play. In this configuration, the heat pump is used for cooling and for heating, unless the outside temperature gets very cold. At that point, the furnace kicks in, which is more efficient. (Technology Connections has some cool videos about this if you're curious.)
Everything had been running fine for Ellis while the temperatures had remained below freezing. The problem came when, for the first time in approximately 12 years, the temperature rose above 40F (4C). At that point, the new thermostat decided, without telling Ellis, I'm gonna tell the HEAT PUMP to heat the joint!
... which couldn't do anything just then.
Workaround: the on-call technician switched the thermostat to an emergency heat mode that used the furnace no matter what.
Ellis had been told not to goof around with the thermostat. Even if she had, as a heat pump neophyte, she wouldn't have known to go looking for such a setting. She might've dug it up in a manual. Someone could've walked her through it over the phone. Oh, well. There is heat again, which is all that matters.
They will attempt to bring the heat pump online soon. We shall see if the story ends here, or if this becomes The WTF That Wouldn't Die.
P.S. When Ellis explained the AI answering service's deceptive behavior, she was told that the agent had been universally complained about ever since they switched to it. Fed up, they told Ellis they're getting rid of it. She feels pretty chuffed about more people seeing the light concerning garbage AI that creates far more problems than it solves.
ul { list-style-type:disc; line-height:150%; margin-left: 3em; }Error'd: Three Blinded Mice
...sent us five wtfs. And so on anon.
Item the first, an anon is "definitely not qualified" for this job. "These years of experience requirements are getting ridiculous."
Item the second unearthed by a farmanon has a loco logo. "After reading about the high quality spam emails which are indistinguishable from the company's emails, I got one from the spammer just starting his first day."
In thrid place, anon has only good things to say: "I'm liking their newsletter recommendations so far."
"A choice so noice, they gave it twoice," quipped somebody.
And foinally, a tdwtfer asks "I've seen this mixmastered calendering on several web sites. Is there an OSS package that is doing this? Or is it a Wordpress plugin?" I have a sneaking suspicion I posted this before. Call me on it.
CodeSOD: Terned Backwards
Antonio has an acquaintance has been seeking career advancement by proactively hunting down and fixing bugs. For example, in one project they were working on, there was a bug where it would incorrectly use MiB for storage sizes instead of MB, and vice-versa.
We can set aside conspiracy theories about HDD and RAM manufacturers lying to us about sizes by using MiB in marketing. It isn't relevant, and besides, its not like anyone can afford RAM anymore, with crazy datacenter buildouts. Regardless, which size to use, the base 1024 or base 1000, was configurable by the user, so obviously there was a bug handling that flag. Said acquaintance dug through, and found this:
const baseValue = useSI ? 1000 : 1024;I know I have a "reputation" when it comes to hating ternaries, but this is a perfectly fine block of code. It is also correct: if you're using SI notation, you should do base 1000.
Now, given that this code is correct, you or I might say, "Well, I guess that isn't the bug, it must be somewhere else." Not this intrepid developer, who decided that they could fix it.
// const baseValue = useSI ? 1000 : 1024; baseValue = 1024 if (useSI === false) { baseValue = 1000; } if (useSI === true) { baseValue = 1024; }It's rather amazing to see a single, correct line, replaced with ten incorrect lines, and I'm counting commenting out the correct line as one of them.
First, this doesn't correctly declare baseValue, which JavaScript is pretty forgiving about, but it also discards constness. Of course, you have to discard constness now that you've gotten rid of the ternary.
Then, our if statement compares a boolean value against a boolean literal, instead of simply if(!useSI). We don't use an else, despite an else being absolutely correct. Or actually, since we defaulted baseValue, we don't even need an else!
But of course, all of that is just glitter on a child's hand-made holiday card. The glue holding it all together is that this code just flips the logic. If we're not using SI, we set baseValue to 1000, and if we are using SI, we set it to 1024. This is wrong. This is the opposite of what the code says we should do, what words mean, and how units work.