this post was submitted on 25 Nov 2025
328 points (99.4% liked)

Programmer Humor

27506 readers
1495 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
anzo@programming.dev
Feyter@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
328
What are some of the worst code you have seen in a production environment? (programming.dev)
submitted 2 days ago by vrek@programming.dev to c/programmer_humor@programming.dev
212 comments fedilink hide all child comments
 

I'll give an example. At my previous company there was a program where you basically select a start date, select an end date, select the system and press a button and it reaches out to a database and pulls all the data following that matches those parameters. The horrors of this were 1. The queries were hard coded.

  1. They were stored in a configuration file, in xml format.

  2. The queries were not 1 entry. It was 4, a start, the part between start date and end date, the part between end date and system and then the end part. All of these were then concatenated in the program intermixed with variables.

  3. This was then sent to the server as pure sql, no orm.

  4. Here's my favorite part. You obviously don't want anyone modifying the configuration file so they encrypted it. Now I know what you're thinking at some point you probably will need to modify or add to the configuration so you store an unencrypted version in a secure location. Nope! The program had the ability to encrypt and decrypt but there were no visible buttons to access those functions. The program was written in winforms. You had to open the program in visual studio, manually expand the size of the window(locked size in regular use) and that shows the buttons. Now run the program in debug. Press the decrypt button. DO NOT EXIT THE PROGRAM! Edit the file in a text editor. Save file. Press the encrypt button. Copy the encrypted file to any other location on your computer. Close the program. Manually email the encrypted file to anybody using the file.

you are viewing a single comment's thread
view the rest of the comments
[–] CaptDust@sh.itjust.works 49 points 2 days ago (2 children)

Why do people do stuff like this, is the logic not difficult enough to follow on it's own without a secondary definition table to consult!? Fucking hell.

[–] A_norny_mousse@feddit.org 32 points 1 day ago

secondary definition breakfast table

[–] bjoern_tantau@swg-empire.de 14 points 1 day ago

Had a programmer like this when I was still an apprentice. He was so full of himself. Was originally a Java programmer but had to program in PHP because that was what ran on the server. I never found out why he couldn't just put Java on the server. We had full control.

All his variables were first names. Like $klaus and $grobi. Because he was afraid of clashing with reserved keywords. The thing is, in PHP all variables begin with $ exactly to prevent this issue. So he brought that habit over from Java which was far superior and not such a "Mickey Mouse language".

I mean, he wasn't totally wrong, especially back then PHP was awful. But he surrounded every function with <?php and ?> (PHP was designed to be combined with HTML output outside of these tags) and had plenty of whitespace between them and couldn't fathom why all his html files had huge swaths of whitespace at the start.

His way of preventing SQL injection was to look for SQL keywords in user input and then throwing an error in the log files.