Floats for currency in a payments platform.

The system will happily take a transaction for $121.765, and every so often there’s a dispute because one report ran it through round() and another through floor().

Had a coding firm costing 1k+ euros which was unfamiliar with django select all() from DB just to cast that into a list each time a user opens the tool. That got real funny real fast when the customer started adding the announced 50k objects per day. They did that buried in about 50-60 api endpoints conveniently coded by hand instead of using genetic api endpoints available from django rest framework.

When the loading times hit 50s per click, the company took the money and ran. My colleagues and me spent 2 years and half that to fix that shit.

My current favorite is in ruby with the unless keyword:

tax = 0.00
unless not_taxed(billing)
  tax = billing.zipcode.blank? ? estimated_tax_from_ip(account) : billing.tax
  tax = (tax.nil? ? 0.00 : tax)
end

To me, anything payments related you want to be really super clear as to what you’re doing because the consequences of getting it wrong are your income. Instead we have this abomination of a double negative, several turnaries, and no comments.

Disclaimer: this is not really about code, but about using IT in my non-IT workplace and I realized this just yesterday. A rant.

I work in the social sector. Our boss seems to have slipped into position sideways (they did not do our work for a significant amount of time before).

I got zero onboarding when I started working there; everything I know about the organisational ins and outs I learned by asking my colleagues.

The boss seems to actively want to not inform me of things, i.e. even if I ask about something they reply in the most cursory manner or immediately refer me to somebody else. I have no idea why they do it, my guess is that they sense that they’re woefully inadequate for the job, plus me being much older triggers insecurities?

For example, when I could not log into an app to see my future shifts, I asked the boss about it first but they immediately refered me to tech support. Calling them, after a while we found out that the boss had mistyped my name. Then I could log in.

Last week I was sick and waited til Sunday noon to check this week’s shifts - but again I couldn’t log in. The boss answered neither phone nor email. Fair enough I guess, on a sunday. Thankfully tech support was working and after a long while we found out that the app for checking my shifts only allows log-ins from within the workplace network, not the open web.

I almost missed my monday shift because of that. Boss calls me, enraged. I explained the situation. They clearly did not know that the app only allows log-ins from within the workplace network.

All my coleagues tentatively/silently agree that this boss is useless. How do we keep the workplace running, and why is it me who is left in the dark? Turns out they have a Whatsapp group. I don’t use Whatsapp. They asked me repeatedly and urgently to join.

tl;dr: this workplace would fall apart if people wouldn’t communicate through Whatsapp instead of official channels

One time, I had to request firewall access for a machine we were deploying to, and they had an Excel sheet to fill in your request. Not great, I figured, but whatever.

Then I asked who to send the Excel file to and they told me to open a pull request against a Git repo.
And then, with full pride, the guy tells me that they have an Ansible script, which reads the Excel files during deployment and rolls out the firewall rules as specified.

In effect, this meant:

1. Of course, I had specified the values in the wrong format. It was just plaintext fields in that Excel, with no hint as to how to format them.
2. We did have to go back and forth a few times, because their deployment would fail from the wrong format.
3. Every time I changed something, they had to check that I’m not giving myself overly broad access. And because it’s an Excel, they can’t really look at the diff. Every time, they have to open it and then maybe use the Excel version history to know what changed? I have no idea how they actually made that workable.

Yeah, the whole time I was thinking, please just let me edit an Ansible inventory file instead. I get that they have non-technical users, but believe it or not, it does not actually make it simpler, if you expose the same technical fields in a spreadsheet and then still use a pull request workflow and everything…

Oh, I’ve seen some doozies… The one I remember the most, and I’ve seen this twice, is this:

myClass.TheProperty = myClass.TheProperty;

When I asked about it, the developer said that, well yes, because it reads from one place and sets in another! Not at all difficult to read!

The script I vibe coded to automate part of my job. It’s sloppy and unrefined, but it works, and saves me a ton of effort.

So, this is completely off topic, but some of the comments here reminded me of it:

An elderly family friend was spending a lot of her time using Photoshop to make whimsy collages and stuff to give as gifts to friends and family.
I discovered that when she wanted to add text to an image, she would type it out in Microsoft Word, print it, scan the printed page, then overlay the resulting image over the background with a 50% opacity.
I showed her the type tool in Photoshop and it blew her mind.

1. Take from index 10 of the buffer, AND it with some hard-coded hex value.

2. Bit shift it by a hard-coded amount of 2

3. Do the first two steps, but with a different hard-coded index, hex value, and bit shift.

4. OR the two results.

5. Shove the result back into a buffer.

All of this is one line with no commenting or references to what the fuck this process comes from or why it is applicable. Then there was a second copy of the line, but with different hard-coded values.

I wrote an algorithm that should be recursive but in expediency I wrote a loop that iterates 10 times.

It’s fine but I’m still mad 3 weeks later

I found code that calculated a single column in an HTML table. It was “last record created on”.

The algorithm was basically:

foreach account group
  foreach account in each account group
    foreach record in account.records
      if record.date > maxdate
        max = maxdate

It basically loaded every database record (the basic unit of record in this DATA COLLECTION SYSTEM) to find the newest one.

Customers couldn’t understand why the page took a minute to load.

It was easily replaced with a SQL query to get the max and it dropped down to a few ms.

The code was so hilariously stupid I left it commented out in the code so future developers could understand who built what they are maintaining.

Long time ago, but by far the worst for me was when I inherited some code that a previous programmer had done. Every variable was a breakfast item. So if biscuit>bacon then scrambledeggs=10. Shit like that. It was a nightmare and luckily I only had to deal with it infrequently.

VB.NET app that was installed on every employees computer to capture time sheets. Required VPN access so it could talk to the accounting DB using raw queries, zero input validation, and it used a pirated library for the time input grid control.

The IT staff who would install the program on all new machines (it didn’t work with their imaging system) had a script to suppress the message requesting a paid license. There was nothing special about this control, it was basically a rip off of built in winforms controls.

Source code was long lost, but reverse engineering and decompiling CIL/MSIL code is thankfully relatively straightforward.

I’ve had legacy systems that would encrypt user passwords, but also save the password confirmation field in plain text. There was a multitenent application that would allow front end clients to query across any table for any tenant, if you knew how to change a header. Oh and an API I discovered that would validate using “contains” for a pre-shared secret key. Basically if the secret key was “azh+37ukg”, you could send any single individual character like “z” and it would accept the request.

Shits focked out here, mate.

I’ll consider myself lucky that the worst I’ve had to deal with was a 8K LOC C file that implemented image processing for a cancer detection algorithm. Nothing terribly tricky but just poorly organized. Almost no documentation at all. The only test was running this code against a data set of patient images and eyeballing the output. No version control other than cloning the project onto their NAS and naming it “v2” etc.

Research code can be really scary.