Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "hoping i don't mess up"
-
Well... I had in over 15 years of programming a lot of PHP / HTML projects where I asked myself: What psychopath could have written this?
(PHP haters: Just go trolling somewhere else...)
In my current project I've "inherited" a project which was running around ~ 15 years. Code Base looked solid to me... (Article system for ERP, huge company / branches system, lot of other modules for internal use... All in all: Not small.)
The original goal was to port to PHP 7 and to give it a fresh layout. Seemed doable...
The first days passed by - porting to an asset system, cleaning up the base system (login / logout / session & cookies... you know the drill).
And that was where it all went haywire.
I really have no clue how someone could have been so ignorant to not even think twice before setting cookies or doing other "header related" stuff without at least checking the result codes...
Basically the authentication / permission system was fully fucked up. It relied on redirecting the user via header modification to the login page with an error set in a GET variable...
Uh boy. That ain't funny.
Ported to session flash messages, checked if headers were sent, hard exit otherwise - redirect.
But then I got to the first layers of the whole "OOP class" related shit...
It's basically "whack a mole".
Whoever wrote this, was as dumb and as ignorant to build up a daisy chain of commands for fixing corner cases of corner cases of the regular command... If you don't understand what I mean, take the following example:
Permissions are based on group (accumulation of single permissions) and single permissions - to get all permissions from a user, you need to fetch both and build a unique array.
Well... The "names" for permissions are not unique. I'd never expected to be someone to be so stupid. Yes. You could have two permissions name "article_search" - while relying on uniqueness.
All in all all permissions are fetched once for lifetime of script and stored to a cache...
To fix this corner case… There is another function that fetches the results from the cache and returns simply "one" of the rights (getting permission array).
In case you need to get the ID of the other (yes... two identifiers used in the project for permissions - name and ID (auto increment key))...
Let's write another function on top of the function on top of the function.
My brain is seriously in deep fried mode.
Untangling this mess is basically like getting pumped up with pain killers and trying to solve logic riddles - it just doesn't work....
So... From redesigning and porting from PHP 7 I'm basically rewriting the whole base system to MVC, porting and touching every script, untangling this dumb shit of "functions" / "OOP" [or whatever you call this garbage] and then hoping everything works...
A huge thanks to AURA. http://auraphp.com/
It's incredibily useful in this case, as it has no dependencies and makes it very easy to get a solid ground without writing a whole framework by myself.
Amen.2 -
I'm out of my mind bored. I'm an unemployed person with a great job. You'd think this would be awesome. It's torture.
I work for a consulting company. I get paid whether or not they have work for me. They haven't for several months. I'm not hearing anything. I don't know when it will change.
I'm a skilled developer in a few very popular languages - nothing remotely in the ballpark of old or obsolete. I hear that's in demand. I spend most of my time answering questions on Stack Overflow. I really like to help people, but it boggles my mind that the people struggling with the stuff I help them with all have actual work to do and I don't.
I like to learn about new stuff, but I'm just not interested in learning another framework or anything else to add to the giant pile of stuff I'm already not using. It's not fun anymore.
I don't want to do another side project, either. I have a job as a software developer. That should, at some point, involve developing some software.
This is sucking the life out of me. It's harder and harder to get out of bed and come to work. I've held off looking for another job because I'm hoping this will change. The people here are great. I could go somewhere else and it could suck for completely different reasons.
Ironically, this is close to the reason why I left my last job. Ten years ago I went through a spell where I just gave up and stopped coming to work for over a month. No one noticed. Other people were stressed about getting laid off. Some of them were. Not me.
Am I part of some weird experiment to see how insane someone can go in this totally screwed-up circumstance? Are people following me around with cameras?
I'd love to find something else, but by all outward appearances I had already found an awesome place to work. There's only one thing missing - the work.
Thanks for listening. I'm just going to put my head on my desk for a while and despair. What is wrong with this industry? We're a mess on so many levels.12 -
let RANT = $state(true);
Don't even get me started on frontend engineering right now. It's like the wild wild west out here, with no rules or regulations.
I mean seriously, what is going on with frontend engineering these days? It's like we're stuck in some sort of weird limbo state where nothing seems to make sense and everything is a struggle. And to top it all off, the project I've been working on for the past two years has the same damn issues as an existing codebase that I was hoping to leave behind.
For some reason the npm build runs when container starts. Are you kidding me? Every time I have to restart the app, I have to wait for 30+ minutes just for the damn thing to build. And what's worse, it's not even a complex app. It's a simple frontend for a research website. So why the heck does it take so long to build?
I'll tell you why, because some genius thought it would be a good idea to build the entire codebase every time the container starts. And I have no doubt that this same genius probably thought it would be efficient and time-saving. Well let me tell you, it's neither efficient nor time-saving. It's just plain infuriating.
And don't even get me started on the codebase itself. It's like a labyrinth of tangled and convoluted code (multiple versions of React and now rewriting on Nextjs). Trying to make even the simplest changes feels like unraveling a giant knot (every freaking component have it's only style and everything from React is being used - hooks, Redux, whatever else is popular). And heaven forbid you make a mistake, because then you have to wait another 30 minutes for the whole thing to build and see if your change even worked.
And let's not forget about the old codebase that is still being used, because the new one wasn't ready in time. So we're constantly having to switch back and forth between two different codebases, trying to remember which one has which functionality, and hoping that we don't break anything in the process.
Don't get me wrong, I'm not against rewrites. In fact, sometimes they are necessary for a project to move forward. But when frontend engineers can't seem to make up their mind and constantly want to rewrite the code, it's a recipe for disaster.
And don't even get me started on the experience level of the frontend engineers who started this project. Most of them only had 2-3 years of experience (at the time of inception some of them has less than 1 year of experience), and yet they managed to convince management to approve this mess. It's like the blind leading the blind.
But hey, who needs experience and expertise when you have shiny new technologies and frameworks to play with, right? Isn't that what matters most in frontend engineering these days? Keeping up with the latest trends and constantly jumping on the "hype train" without any real understanding of how it will impact the project in the long run.
As a backend engineer (so I kinda don't give a flying freak about frontend) with almost two decades of experience and who was doing frontend with jQuery back in 2005 - that's frustrating and all the inconsistency is literally killing people (a couple of clients literally dropped the contract because of frontend quality).
RANT = false;
PS: why I used Svelte runes? Because some freaking genius suggested to port new (unreleased, only beta version) frontend UI to Svelte 5 because of runes.6 -
Trying to use authenticate a JWT token from an Azure service, which apparently needs to use Azure AD Identity services (Microsoft Entra ID, Azure AD B2C, pick your poison). I sent a request to our Azure admin. Two days later, I follow up, "Sorry, I forgot...here you go..."
Sends me a (small) screenshot of the some of the properties+GUIDs I need, hoping I don't mess up, still missing a few values.
Me: "I need the instance url, domain, and client secret."
<hour later>
T: "Sorry, I don't understand what those are."
Me: "The login URL. I assume it's the default, but I can't see what you see. Any shot you can give me at least read permissions so I can see the various properties without having to bother you?"
T: "I don't see any URLs, I'll send you the config json, the values you need should be in there."
<10 minutes later, I get a json file, nothing I needed>
<find screenshots of what I'm looking for, send em to T>
Me: "The Endpoints, what URLs do you see when you click Endpoints?"
<20 minutes later, sends me the list of endpoints, exactly what I'm looking for, but still not authenticating the JWT>
Me: "Still not working. Not getting an error, just that the authentication is failing. Don't know if it's the JWT, am I missing a slash, or what. Any way I can get at least read permissions so I don't have to keep bugging you to see certain values?"
T: "What do you need, exactly?"
Me: "I don't know. I don't know if I'm using the right secret key, I can't verify if I'm using the right client id. I feel like I'm guessing trying to make this work."
T: "What exactly are you trying to get working?"
<explain, again, what I'm trying to do>
T: "That's probably not going to work. We don't allow AD authentication from the outside world."
Me: "Yes we do. Microsoft Teams, Outlook, the remote access services. I can log into those services from home using my AD credentials."
T: "Oh yea, I guess we do. I meant what you are trying to do. Azure doesn't allow outside services to authenticate using a JWT. Sorry."
FRACK FRACK FRACK!!
Whew! Putting the flamethrower away.
Thanks devrant for letting me rant.3 -
Long post, TLDR: Given a large team building large enterprise apps with many parts (mini-projects/processes), how do you reduce the bus-factor and the # of Brent's (Phoenix Project)?
# The detailed version #
We have a lot of people making changes, building in new processes to support new flows or changes in the requirements and data.
But we also have to support these except when it gets into Production there is little information to quickly understand:
- how it works
- what it does/supposed to do
- what the inputs and dependencies are
So often times, if there's an issue, I have to reverse engineer whatever logic I can find out of a huge mess.
I guess the saying goes: the only people that know how it works is whoever wrote it and God.
I'm a senior dev but i spend a lot of time digging thru source code and PROD issues to figure out why ... is broken and how to maybe fix it.
I think in Agile there's supposed to be artifacts during development but never seen em.
Personally whenever i work on a new project, I write down notes and create design diagrams so i can confirm things and have easy to use references while working.
I don't think anyone else does that. And afterwards, I don't have anywhere to put it/share it. There is no central repo for this stuff other than our Wiki but for the most part, is like a dumping ground. You have to dig for information and hoping there's something useful.
And when people leave, information is lost forever and well... we hire a lot of monkeys... so again I feel a lot of times i m trying to recover information from a corrupted hard drive...
The only way real information is transferred is thru word of mouth, special knowledge transfer sessions.
Ideally I would like anything that goes into PROD to have design docs as well as usage instructions in order for anyone to be able to quickly pick it up as needed but I'm not sure if that's realistic.
Even unit tests don't seem to help much as they just test specific functions but don't give much detail about how a whole process is supposed to work.9