|
Hope their customers' data isn't left out on display for all to see. Also hoped someone else may get a giggle.
I'd be happy to attribute it to anon if you'd prefer.
I've found your posts to be both intelligent and helpful - the quote is also a good maxim - just one I'd never been clever enough to condense.
It's how things are often done - a good example is one that uses per-pixel manipulation. At first, it's a million times easier to just use SetPixel/GetPixel - with time after the algo is working one will often alter such ungainly access to something much harder to read and similarly quicker to execute.
I saw the quote in a post of yours and just HAD to steal it - (unquoted, hence the attribution to you)
Make it work. Then do it better - Andrei Straut
|
|
|
|
|
Well, what can I say, thanks!
Full-fledged Java/.NET lover, full-fledged PHP hater.
Full-fledged Google/Microsoft lover, full-fledged Apple hater.
Full-fledged Skype lover, full-fledged YM hater.
|
|
|
|
|
Dear Sir/Madam,
It has recently been brought to our attention that your IP address has been viewing orders placed by customers with different IP addresses. This is a federal crime and you will be prosecuted if you do not cease and desist.
Sincerely,
Alcatraz Tours Security Official
|
|
|
|
|
Nice
I'll see your taunt and raise you another..
Dear Mr Agent,
As with all police issued notices I receive reporting to be from the US, I will again take the time to remind you that I'm 12,650 kms away - that's 7,860 miles to the metrically challenged.
You've obviously been told by fellow scammers colleagues that you'll get better response rates when you claim to be US law enforcement than you'd enjoy with the old "We are related, I just need to use your bank account to wire $50,000,000 out of this country, you will receive a generous 5%"
Think I'll file this with my IRS note, my LAPD issued traffic infringement and my New York issued demand to attend the courthouse.
If only you realized I've never had a passport, let alone left this country.
Why don't you head back into the capital city, Abuja? I hear there are many opportunities for those willing to work for them..
Make it work. Then do it better - Andrei Straut
modified 13-Aug-12 12:22pm.
|
|
|
|
|
enhzflep wrote: I just need to use your bank account to wire $50,000,000 out of this country, you will receive a generous 5%
There was a report not too long ago that studied why Nigerian scammers always say they are from Nigeria rather than some place not so famous for scamming. The reason was that if somebody is gullible enough to believe a scam that says it is from Nigeria, they are the most likely people to actually believe the scam. Essentially, being so obvious about their scam is their method to avoid talking to smart people, which would waste their time and cost them money.
And I just found it: http://research.microsoft.com/pubs/167719/WhyFromNigeria.pdf
|
|
|
|
|
And that my friend, is the most interesting piece of literature I've read all month.
Have a +5 for the article link.
Makes me wonder how much too little credit I've apportioned the writers of such emails.
It makes perfect sense.
Cheers, and thanks.
Make it work. Then do it better - Andrei Straut
|
|
|
|
|
Even worse. It is open to SQL injection attacks. A few days ago, someone asked in Q&A how a "UNION SELECT ALL null..." attack works, and someone pointed to Evil SQL[^]. Just tried a https://www.alcatraztrips.com/Confirmation.asp?order=179000%20having%201=1--[^]
which results in
Microsoft OLE DB Provider for SQL Server error '80040e14'
Column 'orders.OrderNumber' is invalid in the select list because it is not contained in either an aggregate function or the GROUP BY clause.
/Confirmation.asp, line 13
and some more bad injections... So easy to get the name of their db user etc.
But: please do not destroy their web site, just have fun!
It is such a great place to demonstrate the vulnerabilities of badly written code to our students here at CP.
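The failure mode in the post above (a query-string value concatenated into SQL, with the driver error echoed to the visitor) next to a hardened handler, as an added example that is not part of the original post or the site's code. It uses Python with an in-memory SQLite table as a constructed stand-in for the site's classic ASP and SQL Server; the function names and table contents are assumptions.

```python
import sqlite3

def make_db():
    """Constructed stand-in for the orders table named in the error message."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (OrderNumber INTEGER PRIMARY KEY, Customer TEXT)")
    db.execute("INSERT INTO orders VALUES (179000, 'constructed customer')")
    return db

def confirmation_vulnerable(db, order):
    """Concatenates the query-string value into SQL and echoes driver errors."""
    sql = "SELECT OrderNumber, Customer FROM orders WHERE OrderNumber = " + order
    try:
        rows = db.execute(sql).fetchall()
    except sqlite3.Error as exc:
        return 500, "Database error: %s" % exc  # query details reach the client
    return (200, repr(rows)) if rows else (404, "Order not found")

def confirmation_hardened(db, order):
    """Validates the type, binds the value as a parameter, hides driver errors."""
    if not (order.isascii() and order.isdigit() and len(order) <= 9):
        return 400, "Invalid order number"
    try:
        rows = db.execute(
            "SELECT OrderNumber, Customer FROM orders WHERE OrderNumber = ?",
            (int(order),),
        ).fetchall()
    except sqlite3.Error:
        return 500, "Internal error"  # full detail belongs in the server log only
    return (200, repr(rows)) if rows else (404, "Order not found")

if __name__ == "__main__":
    db = make_db()
    probe = "179000 having 1=1--"  # the URL-decoded value quoted in the post
    for handler in (confirmation_vulnerable, confirmation_hardened):
        print(handler.__name__, handler(db, "179000"), handler(db, probe))
```
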
|
|
|
|
|
Bill Gates is a very rich man today... and do you want to know why? The answer is one word: versions.
Dave Barry
Read more at BrainyQuote[ ^]
|
|
|
|
|
Can anyone tell me what this code does? I found it in a project I inherited:
public static string ConvertToReadableNumber(decimal num)
{
    bool isNegative = num < 0;
    num = Math.Floor(num);
    string numTxt = Math.Abs(num).ToString();
    string numReadable = "";
    int counter = 0;
    for (int i = numTxt.Length - 1; i >= 0; i--)
    {
        if (counter > 0 && counter % 3 == 0)
            numReadable = "," + numReadable;
        numReadable = numTxt[i] + numReadable;
        counter++;
    }
    if (isNegative)
        numReadable = "-" + numReadable;
    return numReadable;
}
I'm guessing that a ToString() would have done the job. 
|
|
|
|
|
A blind programmer who reinvented the wheel (in a pretty much bad manner) without ever looking at the rich API the underlying framework has to offer. The best thing about using framework provided APIs is that we can safely assume (to some extent) that the code is tried and tested for all scenarios.
Reminds me of this[^]: had the programmer used the Date.AddYears() method, it would have saved a lot of headaches for Microsoft's customers, a lot of customers for Microsoft and, most importantly, would not have cost him/her the job. At least, the programmer could have done a sanity check on the resultant date to ensure that it is valid.
|
|
|
|
|
It's an abomination, for which the author should be summarily executed.
It takes a decimal, floors it, and outputs it with commas as the thousand separator:
http://rextester.com/CAYFY90912[^]
It boils down to this one-liner:
var result = Math.Floor(num).ToString("#,#");
|
|
|
|
|
Cool site! And I agree!
Bill Gates is a very rich man today... and do you want to know why? The answer is one word: versions.
Dave Barry
Read more at BrainyQuote[ ^]
|
|
|
|
|
If you really want to be precise and duplicate his function, it's actually this:
var result = Math.Floor(num).ToString("#,#", System.Globalization.CultureInfo.InvariantCulture);
Perhaps the author hard coded the thousand separator for some reason...
|
|
|
|
|
The real wtf is the enormous variation in the parameters of the conversion function. When you know how to do it correctly with VB6, it won't work with C++, C#, Oracle SQL, MySQL, Microsoft SQL Server, ...
I guess the guy who wrote the code was a victim of that diversity, and wrote it after switching to C# from something else.
|
|
|
|
|
ToString would have done a better job as it's not depending on the culture.
Lots of companies have utility-functions like this in their "toolbox", often rebuilding what's already there.
To me, that proves that most of these companies are too rich. If they had to be careful on what they'd spend, sh*t like this would be gone.
Bastard Programmer from Hell
if you can't read my code, try converting it here[^]
|
|
|
|
|
Arpikusz wrote: numReadable = "," + numReadable;
What happens if the culture is one that uses . instead of , for the separator? Not only is this bad code, it's lazy bad code because it's not taking localisation into account.
Also, as I look over the code, what happens if num is 3000.27? I can't see anywhere in this code that actually adds the portion after the decimal on to numReadable.
|
|
|
|
|
And that's why it is a readable number. Use whole numbers to avoid confusions like '.' or ','.
"Fear no factor", Prime Numbers.
|
|
|
|
|
Agreed, clearly the assumption here is that a decimal number is not readable 
|
|
|
|
|
Um, isn't Math.Floor(-12.45) == -13?
|
|
|
|
|
Speechless .
|
|
|
|
|
If it's C#, how about the standard .NET formatting codes:
Math.Floor(num).ToString("N0")
|
|
|
|
|
So, I got an interesting link from one of our suppliers. At the end of it there's a feed containing product prices and stocks, which need to be parsed and inserted into our ERP.
The link was the following (username and password changed to protect the innocent):
https://services.it4profit.com/product/ro/705/ProductList.xml?USERNAME=[username]&PASSWORD=[password]
I know that (usually) no data (including the GET parameters) is sent before the SSL connection is established, and from an outside point-of-view, the only visible information is the server and the port. Now, what we're receiving isn't that private anyway (we're talking about some product prices that are customized per-company, within certain limits).
But I really don't wanna know how many sites are out there that do the same thing. And if someone opens something like that from a browser, it sticks within the history. Also, not to mention the server logs.
Some people just need to be smacked over their heads every once in a while.
Full-fledged Java/.NET lover, full-fledged PHP hater.
Full-fledged Google/Microsoft lover, full-fledged Apple hater.
Full-fledged Skype lover, full-fledged YM hater.
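The post's point about browser history and server logs, as an added example that is not part of the original post: a Python filter that finds credentials carried in query strings inside access-log lines and redacts them before the lines are stored or shipped. The sensitive-parameter list, the log format, the referring host and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Parameter names treated as secrets (assumption; extend for your own services).
SENSITIVE = {"username", "password", "passwd", "pwd", "token", "apikey", "api_key"}
# Absolute URLs (e.g. in a Referer field) or a request target with a query string.
URL_RE = re.compile(r"https?://[^\s\"'<>]+|(?<=\s)/[^\s\"]*\?[^\s\"]+")

# Constructed sample lines in combined log format.
SAMPLE_LOG = [
    '203.0.113.7 - - [09/Aug/2012:05:22:10 +0000] "GET /product/ro/705/'
    'ProductList.xml?USERNAME=acme&PASSWORD=s3cret HTTP/1.1" 200 5120 "-" "feed"',
    '203.0.113.7 - - [09/Aug/2012:05:22:11 +0000] "GET /logo.png HTTP/1.1" 200 312 '
    '"https://supplier.example/ProductList.xml?USERNAME=acme&PASSWORD=s3cret" "browser"',
    '198.51.100.9 - - [09/Aug/2012:05:23:01 +0000] "POST /login HTTP/1.1" 302 0 "-" "browser"',
]

def redact_url(url):
    """Return (redacted_url, names of the sensitive parameters that were found)."""
    parts = urlsplit(url)
    found, pairs = [], []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in SENSITIVE:
            found.append(name)
            value = "REDACTED"
        pairs.append((name, value))
    if not found:
        return url, []
    return urlunsplit(parts._replace(query=urlencode(pairs))), found

def scrub_line(line):
    """Redact every URL or request target in one log line; report what was hit."""
    hits = []
    def repl(match):
        redacted, found = redact_url(match.group(0))
        hits.extend(found)
        return redacted
    return URL_RE.sub(repl, line), hits

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        clean, hits = scrub_line(entry)
        print("LEAK" if hits else "ok  ", hits, clean)
```

The second sample line shows the same credentials arriving at a different server through the Referer header, which is why moving them to a POST body or an Authorization header matters even when the transport is TLS.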
|
|
|
|
|
I actually saw a website on internet security do that!
Bill Gates is a very rich man today... and do you want to know why? The answer is one word: versions.
Dave Barry
Read more at BrainyQuote[ ^]
|
|
|
|
|
POST is far too complicated. GET is so much easier.
|
|
|
|
|
[Sarcasm start]
Yes, and on the client side especially. Even if you use jQuery.Ajax, POST is soooo much more complicated than GET. You have to type an extra letter, which is much more effort than should be required for anyone. For instance, this is a jQuery GET call:
$.ajax({
    type : 'GET',
    url : "url.jsp",
    data: {
        id: client_id,
        action_code: 2,
        action_data: $('#content').val()
    },
    success: function(result) {
        $('#list-content').html(result);
    },
    error: function(result) {
        alert(result);
    },
});
compared to...this abomination:
$.ajax({
    type : 'POST',
    url : "url.jsp",
    data: {
        id: client_id,
        action_code: 2,
        action_data: $('#content').val()
    },
    success: function(result) {
        $('#list-content').html(result);
    },
    error: function(result) {
        alert(result);
    },
});
Notice the difference? It's sooooo much easier to simply GET instead of POST-ing, isn't it?
[/Sarcasm end]
On the other hand, I'm having fun now with LINQ parsing the list of products from suppliers (didn't get to play with LINQ so far, but I'm quite liking it. Heard it's pretty slow compared to the other alternatives, but in my case speed is not that much of an issue)
Full-fledged Java/.NET lover, full-fledged PHP hater.
Full-fledged Google/Microsoft lover, full-fledged Apple hater.
Full-fledged Skype lover, full-fledged YM hater.
modified 9-Aug-12 5:22am.
|
|
|
|
|