i'm getting headaches right now...

Hey it ain't that bad...

... Could be code from my company ;))

@010001111 worst thing is: this ain't legacy code... This is new stuff written NOW ... In 2019 ... In bloody joomla!!!!

Gilfoyle hits again

@scroach I can't even...
My first thought was 'lol you're stuck with legacy shit too, I'm not the only one, yay..'
Then I saw your comment.. is the person responsible by any chance a new hire? Might be my ex coworker, he loved to copy paste shit without fixing the variable namings and stuff.. o.O also not checking exactly what the copy pasted stuff did..

Well, the good thing is that this should be easy to coach him about and make him better!

@sladuled Nah ... Worse. It's from a project partner who is actually teacher at the university where I studied... And no I don't have any idea how that happened cause normally they should know and teach better... My eyes started bleeding when I saw this.

Looks easy to fix! Have a code review. Discuss what your standards are. Done. A lot better than code that doesn’t run.

@sheriffderek code with severe security vulnerabilities is worse than code that doesn't run.

@ItsNotMyFault having your hand cut off hurts.

Lol, kinda looks like a legacy project I've had to work on in the past

I had the same reaction as you did 😂 good luck and power through it man, bad code everywhere better get used to it and try to refactor when you have extra time

Also pay extra attention to documentation and update/create where necessary, your colleagues/future you will love you for it 😉

nits - hilarious. I am gonna name my pet nits.:)

I love how the doc comment for the function is demonstrating its uselessness by restating whats already there and failing to be up to date with the param name.

@dUcKtYpEd joooooomla

Why u shame my underscore, sirrrrr? 😢#underscore_all_the_shit

It's possible that "$input->get()" already prevents SQL injection, isn't it?

@Skayo No it doesn't. It won't. And even if it would TRY to. DONT trust it. Never trust any input and just use prepare statements!

@dUcKtYpEd don't ask me... Stupid people? My coworker prototyped that thing with symfony... Was fully working and nicely coded. Then the project partner decidee: hey let's use fucking joomla... Because... It has bugs... And can easily be hacked... I dunno.
This thing isn't even going to be a fucking CMS .. it's a fucking backend with a REST API!

Chef Golden Ramsey’s hell code! 👨‍🍳

Honestly these things are easily corrected. I worked with some who wrote 20 line string queries that wouldnt execute in a database manager but somehow worked in production.

He lasted two months but the damage was done. You can't delete one of them without causing days of work because of injected variables like $TypeType

Be thankful you have classes.
I’ve got shit with is just require(“thisFile.php”) in the middle of a code block.

This then injects this other file and makes use of variables initialised in the parent file.

So much time wasted trying to trace code, when a child has a variable initialised in another child file 😔

Sometimes I want to stab people, one day... one day I might just loose it.

I love SQL Injection' too..

Looks like I could have written this...

@scroach Wait. What? This is new stuff? How. Is. This. Even. Possible.

Code style is personal preference I believe.
If they want to use tabs, they can do it, as long as the code is readable.
If they want to use underscores, they can do it.
Just: don't mix underscores and CamelCase for no reason
Out of your rant, only two points were reasonable I believe.

I see Joomla!