
CodeSOD: Drop into the Deep End

by Remy Porter, from The Daily WTF (#5BNVM)

Would you like to guarantee your project ends up on this site? Antoon's employer has a surefire technique. First, hire a freshly graduated architect with no programming experience. Second, chuck them into a project in a programming language they don't know. Third, give them absolutely no supervision and no guidance or support, and watch what happens.

```php
<?php
function copy_tables($table1, $table2, $copy, $size, $link, $action, $testOper)
{
    global $link; //global so we can retrieve it in the fuction "update"
    global $result;
    global $timezone;
    $result[1] = $copy;
    if ($size = 'EXIST')
    {
        $queryz0 = "drop table if exists $table1";
        $requestz0 = db_query($queryz0, $link) or error_log("copy_tables *** $table1 : Error in the execution of request z0", db_error() , $action, $testOper) . "\n";
        if ($result[1] == "error")
        {
            exit;
        }
        $queryz1 = "create table $table1 LIKE $table2";
        $requestz1 = db_query($queryz1, $link) or error_log("copy_tables *** $table1 : Error in the execution of request z1", db_error() , $action, $testOper) . "\n";
        if ($result[1] == "error")
        {
            exit;
        }
    }
    elseif ($size = 'NOTEXIST')
    {
        $queryz2 = "create table if not exists $table1 LIKE $table2";
        $requestz2 = db_query($queryz2, $link) or error_log("copy_tables *** $table1 : Error in the execution of request z2", db_error() , $action, $testOper) . "\n";
        if ($result[1] == "error")
        {
            exit;
        }
    }
    $queryz3 = "insert $table1 select * from $table2";
    $requestz3 = db_query($queryz3, $link) or error_log("copy_tables *** $table1 : Error in the execution of request z3", db_error() , $action, $testOper) . "\n";
    if ($result[1] == "error")
    {
        exit;
    }
}
?>
```

The WTF, of course, is less the code itself and more the process which led to it, but there are things in this code which terrify me. I never want to see a DROP TABLE just sort of chucked into the middle of a SQL injection vulnerability: $table1 and $table2 are interpolated straight into the query text, so whoever controls a table name controls the statement. And the branch that drops the table is never skipped, because if ($size = 'EXIST') is an assignment, not a comparison, so it is always true and the elseif can never run. Having the connection handle in a global $link variable doesn't bother me, though passing it in as a parameter and then re-declaring it global is a choice. But why is $result an array? What is $copy? Why might it be "error", and why do we drop the table before checking whether it's an error? And why is the variable that can be either "EXIST" or "NOTEXIST" called $size? Wait, let's go back to $result, because I just realized that db_query must be a wrapper which also uses the $result global to store whatever happens. But it also returns a value indicating whether it succeeded or failed, and...
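To make the two concrete problems visible, here is an added example (not from the submission, and not the author's code) that puts the injectable query beside a hardened copy routine. It assumes a mysqli connection handle to MySQL or MariaDB (CREATE TABLE ... LIKE is MySQL syntax); the mode names REPLACE and CREATE_IF_MISSING and the helper names are my own.

```php
<?php
declare(strict_types=1);

// Added example, not the code from the submission. Assumes a mysqli
// connection handle to MySQL/MariaDB; helper and mode names are hypothetical.

/**
 * Build the statement exactly as the original code does: the table name is
 * interpolated into the SQL text. One string argument is enough to turn a
 * single DROP into two statements.
 */
function unsafe_drop_sql(string $table): string
{
    return "drop table if exists $table";
}

/**
 * Quote a MySQL identifier. Only a conservative character set is accepted,
 * so "reports; DROP TABLE accounts" is rejected rather than interpolated.
 * Identifiers cannot be bound as prepared-statement parameters, which is
 * why an allowlist check plus backtick quoting is used here.
 */
function quote_identifier(string $name): string
{
    if (!preg_match('/^[A-Za-z0-9_]{1,64}$/', $name)) {
        throw new InvalidArgumentException("Invalid table name: $name");
    }
    return "`$name`";
}

/**
 * Copy $source into $target. $mode is compared with ===, so a typo in the
 * caller fails loudly instead of silently selecting the DROP branch (the
 * original's "if ($size = 'EXIST')" is an assignment and is always true).
 * mysqli is put in strict reporting mode so any SQL error throws; nothing
 * after a failed DROP or CREATE can run. Returns the number of rows copied.
 */
function copy_table(mysqli $link, string $target, string $source, string $mode): int
{
    $t = quote_identifier($target);
    $s = quote_identifier($source);

    switch ($mode) {
        case 'REPLACE':
            $ddl = ["DROP TABLE IF EXISTS $t", "CREATE TABLE $t LIKE $s"];
            break;
        case 'CREATE_IF_MISSING':
            $ddl = ["CREATE TABLE IF NOT EXISTS $t LIKE $s"];
            break;
        default:
            throw new InvalidArgumentException("Unknown mode: $mode");
    }

    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    try {
        foreach ($ddl as $stmt) {
            $link->query($stmt);
        }
        $link->query("INSERT INTO $t SELECT * FROM $s");
        return (int) $link->affected_rows;
    } catch (mysqli_sql_exception $e) {
        error_log("copy_table $target: " . $e->getMessage());
        throw $e;
    }
}

// Usage (hypothetical connection parameters):
// $link = new mysqli('localhost', 'app', 'secret', 'appdb');
// echo unsafe_drop_sql('reports; DROP TABLE accounts -- '), "\n";
//   -> drop table if exists reports; DROP TABLE accounts --
// copy_table($link, 'reports_backup', 'reports', 'REPLACE');
// copy_table($link, 'reports_backup', 'reports; DROP TABLE accounts', 'REPLACE'); // throws
```

One caveat a practitioner should keep in mind: in MySQL, DROP TABLE and CREATE TABLE cause an implicit commit, so wrapping this in a transaction would not let you roll back the DROP if the later INSERT fails. The allowlist check before the DROP is the only line of defence for the destructive step, which is why it runs before any SQL is sent.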

Sorry. The more time I spend looking at this code, the worse I feel about the experience. Again, I don't fault the underqualified developer, I fault the organization which put them in a position where they were guaranteed to fail. If anything, they should be proud that they failed in such a stomach-churning way. Better that than being boring.
