Poor programming practices

When will it stop. These amateur programmers that simply cut/paste code really affect those good programmers in the ecosystem trying to make a decent living. I was reviewing a developed (but incomplete) PHP/MySQL system using a common framework (which in itself is irrelevant for this post).

In one source file there were 12 repetitions of the following code:

   //permissions
    $this->security_model->setUserPermissions($id);
    if (!array_key_exists($id,$this->session->userdata['permissions']) OR
	!array_key_exists('id', $this->session->userdata['permissions'][$id]) OR
	!array_key_exists('scope', $this->session->userdata['permissions'][$id]['name'])){
      $this->session->set_flashdata('alert', 'You are not authorized to go there.');
      redirect($this->agent->referrer());
    }

It’s bad enough when code is repeated and not put in a simple re factored function. When it’s repeated 12 times in one file, and OMG over 100 times in the product, that is a recipe for bugs, and high maintenance codes due to extremely poor coding practice.

Carbonite Online Backup is a fraud

Do not listen to the hype or the advertising. Carbonite backup solution is a fraud. I never realized the extent of the failures of the software until I had a problem, which is when you expect and demand commercial software you pay for to work.

Ironically, looking now via Google search for Carbonite restore problems there are plenty of horror stories. And just to add to the experience, the definition of Carbonite in the dictionary is “Explosive”.

Here is the first red flag. You logon to the website, and if you click on “View Files”, or under the “Backup” tab with a nice cloud icon you click “Access Files”, there is no information available. You will receive the error “We are unable to access your files on this computer right now. Please contact Customer Support at http://www.carbonite.com/support for further assistance.”. What is really means is “Until your computer is online and your Carbonite software is working, you have no access to the details of your files that are apparently backed up.”

When you contact customer support, they have no idea what that message means, and after wasting your time (for me in a chat session), a ticket was opened with technical support. The problem is there is no way to track your ticket online, get updates, post information etc. I minimized the window, and now my chat session is closed (most likely by the rather ill informed customer representative). Guess what? There is no information about the ticket number in your account. So I may as not every had that conversation, any evidence of it is now lost.

I was told that until a technical support person could access my computer there was no way I could access my files. WTF? If there is no centralized list or log of my files on your backup solution, and no way to see this, how do I know you ever backed up my files. A fancy progress bar that flashes and says backing up files. Any 2 year old can write that faux display. Red flag number 2. It seems the only way to see my files is to install this software on yet another system to restore files. That is as Google Searching indicates, a likely lesson in extreme frustration

The ultimate cause of the problem was my system crashed, and when it restarted, Cabonite software was in this stuck state of “Registering”. I was told to just re-install the software, that’s not an answer in my books. That is red flag number 3.

I have definitely removed my credit card from their site to stop any automatic renewal of this crap software.

For the record, my home office backup solution includes important files on a Drobo. Backups of Documents to DropBox and then sync’d to another system. Backup of all files on several machines to a central external USB, and then regular backups of that which are taken offsite.

You cannot be too careful with important things like photos. Unfortunately this solution lacks a central catalog, and versioning of files (I.e. I overwrote an important presentation and did not realize for a few months, when I looked at all my backups of this, 3 or 4 copies, they were all the overwritten file, not the original. It took about a day to actually find a copied version, not a backed up version)

Truemors, Tumors, Dribble

I was sent this email.


http://blog.guykawasaki.com/2007/06/by_the_numbers_.html

By the Numbers: How I built a Web 2.0, User-Generated Content, Citizen – Journalism, Long-Tail, Social Media Site for $12,107.09

I have had my flatmate talk about it a lot in the past day. So I checked it out. Here is my view.

My Review

I’ve heard the name “Guy Kawasaki” but never read his stuff, or followed him. My first impression was the 2007 MySQL Conference and I was suitably impressed. See MySQL Conference – The next keynote with Guy Kawasaki

So some of my comments following this site — Truemors.

$1,115.05. I spent $1,115.05 registering domains. I could have used GoDaddy and done it a lot cheaper, but I was too stupid and lazy.

55. I registered 55 domains (for example, truemors.net, .de, .biz, truemours, etc, etc). I had no idea that one had to buy so many domains to truly “surround” the one you use. Yes, I could have registered fewer and spent less, but who cares about saving a few hundred bucks compared to the cost of legal action to get a domain away from a squatter if Truemors is successful?

Me: Your an idiot, and I don’t use the term lightly. I had great respect after one presentation, I even referred to his talk last night at a meeting for people to improve their presentations, but you paid 3 times the price for one domain, ok, but for 55, and then he hasn’t covered the name to well. A few quick typos and people have already registered names and stuck up google ads.

4. I learned four lessons launching Truemors:
There’s really no such thing as bad PR.
$12,000 goes a very long way these days.
You can work with a team that is thousands of miles away.
Life is good for entrepreneurs these days.

Me: There is such a thing as bad PR if your not “Guy Kawasaki” a name that draws a crowd.
$12,000 does go a long way if you spend it wisely. $399 for a logo, I could have done in 10 mins in Photoshop, and I’m an amateur. I’ve got better free logos on my sites. You have to get to being a successful entrepreneur before you can say “life is good for entrepreneurs these days”

Conclusion

I could make a comment on a number of his points.
My conclusion is he certainly polarized people. The responses are either completely for, or completely against.

If you want to read on, here are a few comments I’ve taken from his own blog comments which I found interesting. For those lazy and just like scanning.
Oh, and if you go to his site, the top reference on his own site is people bagging his site. Yeah that’s really good PR – Screen print at the end.

=========================================================================
Poor Guy! I have a number for you: number of websites needed to destroy your reputation: 1.

Wait, a minute you’re an “expert” on startups, and you spent more than a $1000 on domain name registration? Hahaha! LMAO

To me, Truemors would have been better if you:

1) Spent some money to have some juicy content prepared for launch to be submitted by random people.
2) Focused the product to a specific topic. Digg started out with technology only. Truemors could do celebrity gossip?

OK, here’s a “truemor”: I just scanned the comments below and Ray’s Jun 4, 2007 12:33:34 AM posting was so LOL funny *I* damn near messed myself. :-)

$4,824.14 for legal fees… What did the lawyers do for you? Did they come up with your terms of use? Do you have a privacy statement? Do tell!

Interesting numbers – but totally irrelevant! The whole point of business is to make money, not how carefully you spend what money you have! It would seem to me that Web 2.0 is all about hype – getting cheap eyeballs and selling them! Could you repost in a month or so and let us know when you’ve started making money?

You’ve proven you can start a web2.0 site for under 15k? WTF. Are you serious or are you just in your 30’s and senile? Most “successful” web2.0 sites get off the ground with less than $1,000.00. Truemors will be a graveyard in a month… might as well throw in the towel now.

You paid $399 for that logo!?? You could have told me…I would have created something better than that for free… Honestly, most of the things look a huge waste of money..
Guy, I guess this might offend you, but lately it seems you’ve been investing in some bad ideas. The idea for your new site is “okay”, however the layout is so terrible that the first time I saw the site, it was so annoying I skipped the article that brought me there and closed my browser tab.

When is a batch job successful?

Simple enough question, and it’s a simple enough answer. When the batch job/process in question successfully completes what it is designed to do and not in error.

I’m attempting to test, integrate and document some developed code on a client site, and well, I’m disgusted. (as with most things, is an accumulation of a number of things that lead to these frustrations.)

The process is broken down into two parts, lets call these X and Y. Now Y is the most stable part of a long standing product, it’s the API calls to the database. X does some pre-processing, then calls Y, then reports back success/failure.

Simple enough, and these are batch processes run after hours, so operators that don’t have the business knowledge need to know success or failure.

I’ll set aside for the moment that the calling process (which is indeed a shell script wrapper around the Java code) returns a status 0-Success and 1-Failure. This is practically useless because even when X fails, it doesn’t necessary report that (another story, but part of the same frustration)

I’ve extracted a small portion of the XML response that is returned from Y, that is then inteperated by X.

...
 <Status>
  <Code>0</Code>
  <Description>Success</Description>
  <DateTime>2006-09-26T16:03:45</DateTime>
 </Status>
 <Result>
   <OutputFileName>Not.Real.Name.Output.txt</OutputFileName>
 </Result>
...
...
<Severity>
  <Code>FATAL</Code>
    <Description>A fatal error was encountered while processing. See the reason code and description for further details.</Description>
</Severity>
<Reason>
 <Code>50</Code>
 <Description>XML exception: XML parse error on line: 9, position: ....
</Reason>
...

I’m not being told, “Oh, that’s a problem”. I’m been attempted to be convinced that it’s not an error, it is success.

Well, I don’t know from what planet you have lobbed in from, but in by book, FATAL is FATAL. Check out Handling Error Levels in Logging.

What’s the most depressing is I’m expected to hand this over to the customer for testing. My job isn’t actually testing, it’s integration and documentation for the end user, but the level of quality has demanded that I test it onsite before passing on. Well, I’m not going to give this to the customer, which makes it hard when the developers (who are on the same team as me) don’t see this as a problem.

PS: The list of articles of this nature has grown to the point, I’ve created my own “The Daily WFT” category. I’ve had a lot of stories I’ve never written about, perhaps I’ll pen a few more now.

It's makes me cry

I got home today and sat down to read my home email list. Nothing new. But on a MySQL mailing list, there was an enquiry why performance was slowing in a given application. I didn’t even have to read the situation, nor the problem, it took less then the 200ms mentioned to identify the problem looking at the supplied schema.

In summary, the first table in the schema had a primary key of VARBINARY(255) and a engine type of Innodb. Hold on, wait, it’s a concatenated key of two VARBINARY(255) columns. And I should mention, that primary key was a foreign key in the next table. If this was a home website app with one user, ok well it’s still bad, but this application was having performance problems with reasonable volumes of transactions, it’s not a beginner application. (A recent reference If you don’t know your data, you don’t know your application). Where do people learn this from!

Now I want to work on a large scale out MySQL environment, an organisation or site that’s going places, but the world of even normal every day applications is littered with these basic fundamental design errors. It’s make me cry.

My last contract had many flaws across the business, and the Java code for production applications was just as bad. Check out things like What constitutes a good error message to the user?, Why IT professionals get a bad name (I could easily write one of these a day for a long time, or you could check out The Daily WFT). You think the new contract with an large existing multinational company and world-wide installed Java application I could get an improvement. I’ll leave these stories for another time. I don’t want to have to deal with this.

I’ve got 16 half written blogs on cool MySQL features or interesting topics, but I never seem to get the motivation at the end of the day. I just want to know, how do people in IT get away with this. Where is the Pride in people’s work, where is the desire for people to make what they do a better place. Where is:

An opportunity that’s a challenge, including involving hard work and tight time frames, but a job that provides the rewards of job satisfaction for a productive contribution. An importance on quality, emphasis on continued improvement, and goals of simplicity in complex situations while working in a team environment are also necessary.

What constitutes a good error message to the user?

Today, will go down in my professional history as quite possibly the lowest I would ever think of a software developer. I’ve carefully avoided the term “fellow coder”, speaking of a IT industry sticking by fellow IT people, but not today.

I presently support an existing production system, some 1000+ users that’s been in place around 3 years in which I’ve had no prior involvement until recently. Integration with other external parties within the system have provided an esclation in errors being reported in this external communication, and lack of adequate feedback to the user is another topic. Email is the means of reporting administratively of user errors, again another topic of issue. Within these emails, which are almost impossible to manage due to the limited internal GUI only toolset and lack of access to actual email account files to automate scripting (yet another topic? Do you see a trend here), is some relevent information regarding the transaction, and then most importantly the error message. The thing I need to investigate the problem.

The line reads (removing some stuff):


Error Code: 234567892

Ok, well a little cryptic, but surely you can work out from the external system what this means. Investigation of some more errors, in the mail GUI product, yet another series of open windows (you can’t view messages like a regular mail client with a summary list and a detail panel), provides for a trend in the error messages:


Error Code: 1235492567
Error Code: -434783134
Error Code: 34345199

The trend being there is none. Of course today by mid morning the email error count is into the hundreds, and I’m none the wiser. Well time to closely investigate the code management (as I’ve already contacted the external party, and asked if I can provide some error codes to receive greater information).

The following constitutes the two lines of code taken in the determination of the error messages I’ve shown so far. Note, this code takes the external system response, and then “attempts to determine usefull error content for presentation back to the user”.


errorNo = new Random().nextInt();
error = “Error Code: ” + errorNo;

Now while everybody laughed out loud, including fellow developers, DBA, IT manager, the Business Owners and Users (which can’t read code but could understand the first of these two lines I highlighted), and yes it really was funny in context with a bigger picture, but really it wasn’t funny at all. Some things make my blood boil, and this was one of them. With all the time lost between multitudes of people, users, call centre etc, I’d never felt a stronger conviction to hunt down the developer that wrote this.

The end of the story is after even trolling old CVS repository entries I was unable to piece sufficient information to determine the author. Most likely done pre version control, and then that trail leads to only a few names I’ve heard mentioned before.

I’d like to see somebody top that one!

Unbelievable Bureaucratic Incompetence

Some times I’m just disgusted to be involved in the IT Industry, due to the incompetence of others that then reflect poorly on everybody else.

In this case at a present client, a new company wide email implementation using Microsoft Outlook as the Email Client and most likely Exchange Server is occuring. It has been for some time, there have been several delays and a lot of problems!

A particular user’s email address has been configured with an asposthe (‘). Now practically anybody with any system admin experience knows that an email address cannot contain this characters. Ok, well it’s not that bad, just correct it.

But what typifies this incompetence, is the rollout was done by IBM, not some new system admin that may have made a honest mistake. We are talking about a professional organisation that provides IT services. Ok, well let’s just say again it was a simple mistake, the bureaucratic side of my comment comes from the fact that the organisation where this email rollout was deployed has no ability to correct the problem (how can this be possible), and the resultant request made to the implementation company IBM, now wants to charge for the correction of there own incompetence.

The irony is I was the person that discovered it in a site wide rollout, and I only found it by doing a reply to an email (which is a common practice normally). Where was the checks and balances by all the people that have been involved in the process for sometime, and are supposed to be the experts? Where was the quality?

As I mentioned at the start of my post, I’m disgusted.

Why IT professionals get a bad name

Sometimes you just can’t find words to describe bad code, and if you are forced into maintenance it can be a mindfield. I’m presently supporting an existing deployed Web Based Java application, which I’ve had no involvement with previously, and for lack of any complements it’s absolutely terrible.

How this code was ever written, and of course never reviewed (that’s another talk on software development) one can only shutter. If it was an isolated case, then perhaps, but the code is bloated, and riddled with unnecessary complexity. Basic 101 practices such as Standard CSS, well formed html pages (ie, not with double <html> and <body> tags), and Javascript functions that are not duplicated up the warzoo are things you can discover spending 2 mins looking at just the first screen before you even look at the Java Code.

Here is an example.

tempKeyStr = tempKeyStr.substring(0,2).concat(String.valueOf(Integer.parseInt(tempKeyStr.substring(2).trim())));

Ok, I guess I should give you a hint of the type of values in the tempKeyStr prior to this wonderful transformation. This string contains a 2 alphanumerical character prefix, then optionally a space, then a numeric number (usually 2, 3 or 4 digits). An example may be ‘XX 999′ or ‘AA99′.

This will help you to identify what this lines now does?

Ok, well to save the suspense, the purpose of the above line of code is to trim and squeeze any whitespace from the string. So something like the following would surfice.

tempKeyStr = tempKeyStr.replaceAll(" ","");

Of course refactoring would totally eliminate this line, placing the replaceAll syntax in a previous declaration.
Those observant Java guru’s would also state, but what if this was written 5 years ago, replaceAll is only available since 1.4. Yes, correct, but Pattern has always existed, replaceAll is just a convience wrapper for this, and this type conversion from String to Integer to int to String is unnecessary complexity.

On that note of refactoring, I was sent the following link recently Refactoring to the Max. As the title suggests, sometimes people go to far.