this post was submitted on 25 Nov 2025
331 points (99.4% liked)

Programmer Humor

27506 readers
1518 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
anzo@programming.dev
Feyter@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
331
What are some of the worst code you have seen in a production environment? (programming.dev)
submitted 2 days ago by vrek@programming.dev to c/programmer_humor@programming.dev
214 comments fedilink hide all child comments
 

I'll give an example. At my previous company there was a program where you basically select a start date, select an end date, select the system and press a button and it reaches out to a database and pulls all the data following that matches those parameters. The horrors of this were 1. The queries were hard coded.

  1. They were stored in a configuration file, in xml format.

  2. The queries were not 1 entry. It was 4, a start, the part between start date and end date, the part between end date and system and then the end part. All of these were then concatenated in the program intermixed with variables.

  3. This was then sent to the server as pure sql, no orm.

  4. Here's my favorite part. You obviously don't want anyone modifying the configuration file so they encrypted it. Now I know what you're thinking at some point you probably will need to modify or add to the configuration so you store an unencrypted version in a secure location. Nope! The program had the ability to encrypt and decrypt but there were no visible buttons to access those functions. The program was written in winforms. You had to open the program in visual studio, manually expand the size of the window(locked size in regular use) and that shows the buttons. Now run the program in debug. Press the decrypt button. DO NOT EXIT THE PROGRAM! Edit the file in a text editor. Save file. Press the encrypt button. Copy the encrypted file to any other location on your computer. Close the program. Manually email the encrypted file to anybody using the file.

you are viewing a single comment's thread
view the rest of the comments
[–] kryptonianCodeMonkey@lemmy.world 4 points 1 day ago (1 children)

Joined a new team and one of my first tasks was a refactor on a shared code file (Java) that was littered with data validations like if ("".equals(id) || id == null) { throw new IllegalArgumentException() }

The dev who wrote it clearly was trying to make sure the string values were populated but they apparently A) didn't think to just put the null check first so they didnt have to write their string comparison so terribly or else didnt understand short circuiting and B) didn't know any other null-safe way to check for an empty string, like, say StringUtils.isEmpty()

[–] vrek@programming.dev 5 points 1 day ago (1 children)

I mean... That's bad but not on the same scale of some of these other issues.

[–] kryptonianCodeMonkey@lemmy.world 2 points 1 day ago* (last edited 1 day ago) (1 children)

Sure. There were worse problems to. SQL injection vulnerabilities, dense functions with hundreds of lines of spaghetti code, absolutely zero test coverage on any project, etc. That's just the easiest to show an example of and it's also the one that made me flinch every time I saw it.

"".equals() 😨

[–] vrek@programming.dev 6 points 1 day ago (1 children)

If it makes you feel better at my last company I asked the "senior validation specialist" what the validation path would be for a program which incorporated unit tests.

The answer I got was "what's a unit test?"