O the irony
Today I've actually been doing a code review, so looking over these WTFs has not just been entertaining but educational and enlightening, as well. Indeed.
Check out the code. If you aren't technical, I will explain it below.
public void Authenticate( string username, string passhash )Ahem. Similar to the idiocy in this code, I actually once observed a programmer looping through a 100 entry array looking for a specific entry, but not exiting the loop once the desired entry was found. Sure, you get consistency--consistently slow.
{
SqlDataReader source = _Database.Query("SELECT * FROM users;");
while ( source.Read() )
{
if ( source["user"].ToString() == username
&& source["pass"].ToString() == passhash )
{
this.authenticated = true;
}
else
{
this.authenticated = false;
}
}
}
This code (as promised, I am explaining) reads the entire contents of a table, looking for the user/password combination in order to validate the user. If the table is small ... say 1 record ... then it's not too bad. Put a very large number of records in it and this routine slows to a crawl. Specifically, a table crawl, as these things are called.
Well, the fun doesn't end there. Once the desired entry is found he does not end the loop. He just keeps looking. So if the user isn't the last one, this routine always fails. Of course it's possible to just read 1 record from the database.
Reminds me of the old joke: Why do you always find something in the last place you look? Because only an idiot (or a programmer) would ever think to keep looking.
posted by Coogan @ 5:29 PM
1 comments
1 Comments:
This code is so pathetic in so many ways but the worst part is that you could just select the user you care about directly. SQL has had WHERE clauses since the 80s, I believe.
Then the rest of the code would work (although the while loop would be superfluous).
Where have all the good programmers gone?
Post a Comment
<< Home