CodeSOD: Classic WTF: Pure Eval
We close out our week with something evil. Someting... eval. Original. --Remy
When Jeff saw a line like this one, he knew there was something terribly wrong in the code he had inherited.
eval(Application("buildCommon").toString());
He wasn't sure what was more troubling- the way the Application variable was being used, or the fact that C#, as a compiled language, doesn't have an eval statement.
A brief trip to the Googles informed him that yes, some people did in fact wrap eval around the compiler. There were a depressing number of samples demonstrating how it could be done. Someplace, buried in his codebase, there was a function much like that.
Which was bad, but what was worse was how every other function in the application was built and maintained. By storing all of their class definitions as strings and compiling them at runtime, they could have an application that was more "flexible".
[Advertisement] Otter - Provision your servers automatically without ever needing to log-in to a command prompt. Get started today!Application("commonFunctions") = openConnObj.toString() + "\xFF" + /***snip about 100 functions***/ closeConnObj.toString();Application("buildCommon") = "if (typeof(openConnObj) == 'undefined') {"+ "a = Application('commonFunctions').split('\xff');"+ "for (var nCnt = 0;nCnt < a.length;nCnt++)eval(a[nCnt]);};";