This week's PHP code mistake


Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Post by Ollie Saunders »

I wrote a recursive function that looped forever and got
  • No output
  • Opcode error (PHP internals buggered)
  • Illegal operation crashes when I tried to debug it and all different places in my code
Otherwise my favourite error has got to be undefined index. You see that so much if you are writing procedurally.
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

Weirdan wrote:Banks are always fun to hear about ;)
My time in one was a disaster. I always imagined that financials would be the 'best' place.. you know, a place where the only business is shifting billions of pounds around the market.. everyone is there solely to deal with money and vast quantities of it.. you'd imagine security would be paramount, that they would all be 'cutting edge' as far as technologies used would go. In other words, you'd have thought working at a trading-bank would be the mecca of IT environments.

What a shock it was to see some of the worst infrastructure I have ever heard of, let alone seen with my own eyes and I read all the "omg look how badly this is implemented" sites.

Absolute nightmare.
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Jenk wrote:or use a text editor that does it for you.

re: omitting WHERE on DELETE.. I know someone who worked for a bank supporting their transactions database. They received a call to remove a 'corrupt' record..

they entered : DELETE FROM `transactions`;

the bank had to freeze for 24 hours until the backup arrived and was updated to include all the transactions from the day that was lost.

Bye bye job and hello Sarbanes&Oxley auditors having a field day!
That poor bastard.
MarK (CZ)
Forum Contributor
Posts: 239
Joined: Tue Apr 13, 2004 12:51 am
Location: Prague (CZ) / Vienna (A)

Post by MarK (CZ) »

Everah wrote:Sarbanes&Oxley auditors having a field day!
Who are those?
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

MarK (CZ) wrote:Who are those?
http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act

A somewhat recent act that basically fixed a large set of loopholes that companies would sometimes use to reward their executives, also known as cooking the books. There's a "witchhunt" on in the Silicon Valley (San Francisco bay area, for those at home) right now where the government, among others, are digging through financials of companies looking for wrongdoings such as backdating corporate options for executives and such. It's brutal, but needs to be done.
bg
Forum Contributor
Posts: 157
Joined: Fri Sep 12, 2003 11:01 am

Post by bg »

feyd wrote:
MarK (CZ) wrote:Who are those?
http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act

A somewhat recent act that basically fixed a large set of loopholes that companies would sometimes use to reward their executives, also known as cooking the books. There's a "witchhunt" on in the Silicon Valley (San Francisco bay area, for those at home) right now where the government, among others, are digging through financials of companies looking for wrongdoings such as backdating corporate options for executives and such. It's brutal, but needs to be done.
I work for a very large corporation and Sox compliance is a bitch. I've had to provide documentation a few times during internal audits.
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

SarbOx is a pain. I just went through one of four internal audits and our auditor tore me up. It really sucks. Thanks Enron, appreciate it.
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

For us mere mortals at the bottom of the food chain, Sarbanes&Oxley has done more than just weed out those skimming money off the top. We have had drastically increased security audits (and measures) that must take place.

One of the most problematic is the use of administrator accounts (root on *nix) - i.e. it is absolutely prohibited. Installing some server apps is fun when the vendor's distributed install package spits its dummy when you don't use root.
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Dude, our recent SarbOx nitpick is a companywide mandatory screensaver after 10 minutes of inactivity. Your system automatically locks you out and requires you to log back in again. I guess this is to prevent unwanted folks from peering into your potentially non-compliant files or something.
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

We've had that for years anyway as normal company policy, it might even be an ISO thing.

I've heard some ludicrous, but not entirely believable stories from friends in the industry.. one being a DBA at a bank (same one the other friend was sacked for deleting the entire table..) he claims every DBA has to have 3 accounts for every server they use.. one for read only, one for read + write and one for read + execute.. he says the logic is you login with the read account to examine and plan, login with write to make the change, then of course login with execute to.. execute.

He also says direct SQL commands are banned and you must create a stored procedure for any SQL you want to run.. even if it's just 'select count(*) from table'
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Post by Ollie Saunders »

Makes me glad to be a freelancer, no rules here :P except the ones I make.
daedalus__
DevNet Resident
Posts: 1925
Joined: Thu Feb 09, 2006 4:52 pm

Post by daedalus__ »

Today, I was writing a class. I finished it and then was wondering why it wasn't being constructed.

I went to look at the __construct function; it was named __autoload

LOL
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Everah wrote:Dude, our recent SarbOx nitpick is a companywide mandatory screensaver after 10 minutes of inactivity. Your system automatically locks you out and requires you to log back in again. I guess this is to prevent unwanted folks from peering into your potentially non-compliant files or something.
Add a dna test, retinal scan and urine analysis then sign me up for two please.

I can understand the need to lock the screensaver, although it may be more secure to make it a biometric login or smart-carded... if you guys have that sensitive of data floating around.

That reminds me of the Visa cage(s) at, -- damn, I can't remember the name of the datacenter..
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Post by Ollie Saunders »

FEYD! OMG 5 posts to go!
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

feyd wrote:
Everah wrote:Dude, our recent SarbOx nitpick is a companywide mandatory screensaver after 10 minutes of inactivity. Your system automatically locks you out and requires you to log back in again. I guess this is to prevent unwanted folks from peering into your potentially non-compliant files or something.
Add a dna test, retinal scan and urine analysis then sign me up for two please.

I can understand the need to lock the screensaver, although it may be more secure to make it a biometric login or smart-carded... if you guys have that sensitive of data floating around.

That reminds me of the Visa cage(s) at, -- damn, I can't remember the name of the datacenter..
The funny thing is that the information on our personal machines isn't that sensitive. The information in the mainframes is pretty critical, but the stuff on our machines is just not that intense. Oh well, I guess it was bound to happen. Either through policy or legislation, but it was going to happen.

4 to go Feyd. I am freaking full of butterflies and I don't know why.