Article 6N4NV CodeSOD: A Serial Offender

CodeSOD: A Serial Offender

by
Remy Porter
from The Daily WTF on (#6N4NV)

Michael has a confession. Once upon a time, a very long time ago, he needed to write some JavaScript to serialize data and send it as part of a request. The challenge for Michael is that he didn't actually know JavaScript or what its built in functions could do and the task was already past the deadline by the time it got assigned to him.

function objectPrepareSave(){ for(var _a = 0; _a < aEditfields.length; _a++) { try { tinyMCE.execCommand('mceRemoveControl', false, aEditfields[_a]); } catch(err) { } } /* Basic Data */ var _out = "DATA:{"; _out += 'online="'+escape(getElementById("objOnline").checked)+'"'; _out += ';;ref="'+escape(getElementById("objRefnum").value)+'"'; _out += ';;name="'+escape(getElementById("objName").value)+'"'; //_out += ';;parent="'+escape(getElementById("objParent").value)+'"'; //_out += ';;rubric1="'+escape(getElementById("objRubric1").value)+'"'; //_out += ';;rubric2="'+escape(getElementById("objRubric2").value)+'"'; //_out += ';;rubric3="'+escape(getElementById("objRubric3").value)+'"'; _out += ';;category="'+escape(getElementById("objCat").value)+'"'; _out += ';;stars="'+escape(getElementById("objStars").value)+'"'; //_out += ';;isle="'+escape(getElementById("objIsle").value)+'"'; _out += ';;municipio="'+escape(getElementById("objMuni").value)+'"'; _out += ';;city="'+escape(getElementById("objCity").value)+'"'; //_out += ';;desc="'+escape(getElementById("objDesc").value)+'"'; _out += ';;sDesc="'+escape(getElementById("objSDesc").value)+'"'; //_out += ';;extra="'+escape(getElementById("objXtra").value)+'"'; _out += ';;addition="'+escape(getElementById("objAdd").value)+'"'; _out += ';;gifs="'+escape(getElementById("objPicList").innerHTML)+'"'; _out += '}'; /* Detail Data */ _out += "::DETAILS:{"; _out += 'null="null"'; var _tbl = getElementById("detailTable"); for(var _i = 1; _i < (_tbl.rows.length-1); _i++) { var _row = _tbl.rows[_i]; _out += ';;' + (_i - 1) + '="' + escape(_row.cells[1].textContent + ';' + _row.cells[2].lastChild.value) + '"'; } _out += '}'; /* Price Data */ _out += '::PRICE:{'; _out += 'null="null"'; _tbl = getElementById("priceTable"); for(var _i = 0; _i < _tbl.rows.length; _i++) { var _row = _tbl.rows[_i]; if(_row.cells.length == 1) { _out += ';;' + _i + '="' + escape(_row.cells[0].textContent) + '"'; } else { _out += ';;' + _i + '="'; var _o = ""; for(var _h = 0; _h < _row.cells.length; _h++) { _o += _row.cells[_h].textContent + ';'; } _o = substr(_o, 0, strlen(_o) - 1); _out += escape(_o) + '"'; } } _out += '}'; _out += '::TPL:{'; _out += 'null="null"'; _tbl = getElementById("tplTable"); var _index = 0; for(var _i = 0; _i < _tbl.rows.length; _i++) { var _row =_tbl.rows[_i]; if(_row.cells.length == 1) { _out += ';;' + _index + '_' + _row.id + '="'; } else { var _o = '<'+escape(_row.cells[0].textContent)+'>=<'; if(_row.cells[1].childNodes[0].tagName) { if(_row.cells[1].childNodes[0].tagName == "INPUT" || _row.cells[1].childNodes[0].tagName == "TEXTAREA") { _o += escape(_row.cells[1].childNodes[0].value); } } else { _o += escape(_row.cells[1].childNodes[0].nodeValue); } _o += '>'; _out += escape(escape(_o)); } _index++; } _out += '"}'; aEditfields = new Array(); return _out;}

The code is fairly simple, as such things go: iterate across a bunch of form fields and concatenate together a string that contains the serialized version. Performance is terrible, the data format is... unusual, and nobody wants to support this code.

Which means we don't need to punish Michael for writing it- he still supports it, which is punishment enough.

proget-icon.png [Advertisement] ProGet's got you covered with security and access controls on your NuGet feeds. Learn more.
External Content
Source RSS or Atom Feed
Feed Location http://syndication.thedailywtf.com/TheDailyWtf
Feed Title The Daily WTF
Feed Link http://thedailywtf.com/
Reply 0 comments