
Posted: Thu Aug 17, 2006 2:23 pm
by Ollie Saunders
I wrote a recursive function that looped forever and got
  • No output
  • Opcode error (PHP internals buggered)
  • Illegal operation crashes when I tried to debug it and all different places in my code
Otherwise my favourite error has got to be undefined index. You see that so much if you are writing procedurally

Posted: Thu Aug 17, 2006 2:35 pm
by Jenk
Weirdan wrote:Banks are always fun to hear about ;)
My time in one was a disaster. I always imagined that financials would be the 'best' place.. you know, a place where the only business is shifting billions of pounds around the market.. everyone is there solely to deal with money and vast quantities of it.. you'd imagine security would be paramount, that they would all be 'cutting edge' as far as technologies used would go. In other words, you'd have thought working at a trading-bank would be the mecca of IT environments.

What a shock it was to see some of the worst infrastructure I have ever heard of, let alone seen with my own eyes and I read all the "omg look how badly this is implemented" sites.

Absolute nightmare.

Posted: Thu Aug 17, 2006 6:16 pm
by RobertGonzalez
Jenk wrote:or use a text editor that does it for you.

re: omitting WHERE on DELETE.. I know someone who worked for a bank supporting their transactions database. They received a call to remove a 'corrupt' record..

they entered : DELETE FROM `transactions`;

the bank had to freeze for 24 hours until the backup arrived and was updated to include all the transactions from the day that was lost.

Bye bye job and hello Sarbanes&Oxley auditors having a field day!
That poor bastard.

Posted: Thu Aug 17, 2006 6:50 pm
by MarK (CZ)
Everah wrote:Sarbanes&Oxley auditors having a field day!
Who are those?

Posted: Thu Aug 17, 2006 6:54 pm
by feyd
MarK (CZ) wrote:Who are those?
http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act

A somewhat recent act that basically fixed a large set of loopholes that companies would sometimes use to reward its executives, also known as cooking the books. There's a "witchhunt" on in the Silicon Valley (San Francisco bay area, for those at home) right now where the government, among others, are digging through financials of companies looking for wrongdoings such as backdating corporate options for executives and such. It's brutal, but needs to be done.

Posted: Thu Aug 17, 2006 7:21 pm
by bg
feyd wrote:
MarK (CZ) wrote:Who are those?
http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act

A somewhat recent act that basically fixed a large set of loopholes that companies would sometimes use to reward its executives, also known as cooking the books. There's a "witchhunt" on in the Silicon Valley (San Francisco bay area, for those at home) right now where the government, among others, are digging through financials of companies looking for wrongdoings such as backdating corporate options for executives and such. It's brutal, but needs to be done.
I work for a very large corporation and Sox compliance is a bitch. I've had to provide documentation a few times during internal audits.

Posted: Thu Aug 17, 2006 8:04 pm
by RobertGonzalez
SarbOx is a pain. I just went through one of four internal audits and our auditor tore me up. It really sucks. Thanks Enron, appreciate it.

Posted: Thu Aug 17, 2006 8:08 pm
by Jenk
For us mere mortals at the bottom of the food chain, sarbanes&oxley has done more than just weed out those skimming money off the top. We have had drastically increased security audits (and measures) that must take place.

One of the most problematic is the use of administrator accounts (root on *nix) - i.e. it is absolutely prohibited. Installing some server apps is fun when the vendor's distributed install package spits its dummy when you don't use root.

Posted: Thu Aug 17, 2006 8:13 pm
by RobertGonzalez
Dude, our recent SarbOx nitpick is a companywide mandatory screensaver after 10 minutes of inactivity. Your system automatically locks you out and requires you to log back in again. I guess this is to prevent unwanted folks from peering into your potential non-compliant files or something.

Posted: Thu Aug 17, 2006 8:19 pm
by Jenk
We've had that for years anyway as normal company policy, it might even be an ISO thing.

I've heard some ludicrous, but not entirely believable stories from friends in the industry.. one being a DBA at a bank (same one the other friend was sacked for deleting the entire table..) he claims every DBA has to have 3 accounts for every server they use.. one for read only, one for read + write and one for read + execute.. he says the logic is you login with the read account to examine and plan, login with write to make the change, then of course login with execute to.. execute.

He also says direct SQL commands are banned and you must create a stored procedure for any SQL you want to run.. even if it's just 'select count(*) from table'

Posted: Thu Aug 17, 2006 8:20 pm
by Ollie Saunders
Makes me glad to be a freelancer, no rules here :P except the ones I make.

Posted: Thu Aug 17, 2006 8:20 pm
by daedalus__
Today, I was writing a class. I finished it and then was wondering why it wasn't being constructed.

I went to look at the __construct function; it was named __autoload

LOL

Posted: Thu Aug 17, 2006 8:25 pm
by feyd
Everah wrote:Dude, our recent SarbOx nitpick is a companywide mandatory screensaver after 10 minutes of inactivity. Your system automatically locks you out and requires you to log back in again. I guess this is to prevent unwanted folks from peering into your potential non-compliant files or something.
Add a dna test, retinal scan and urine analysis then sign me up for two please.

I can understand the need to lock the screensaver, although it may be more secure to make it a biometric login or smart-carded... if you guys have that sensitive of data floating around.

That reminds me of the Visa cage(s) at, -- damn, I can't remember the name of the datacenter..

Posted: Thu Aug 17, 2006 8:33 pm
by Ollie Saunders
FEYD! OMG 5 posts to go!

Posted: Thu Aug 17, 2006 8:38 pm
by RobertGonzalez
feyd wrote:
Everah wrote:Dude, our recent SarbOx nitpick is a companywide mandatory screensaver after 10 minutes of inactivity. Your system automatically locks you out and requires you to log back in again. I guess this is to prevent unwanted folks from peering into your potential non-compliant files or something.
Add a dna test, retinal scan and urine analysis then sign me up for two please.

I can understand the need to lock the screensaver, although it may be more secure to make it a biometric login or smart-carded... if you guys have that sensitive of data floating around.

That reminds me of the Visa cage(s) at, -- damn, I can't remember the name of the datacenter..
The funny thing is that the information on our personal machines isn't that sensitive. The information in the mainframes is pretty critical, but the stuff on our machines is just not that intense. Oh well, I guess it was bound to happen. Either through policy or legislation, but it was going to happen.

4 to go Feyd. I am freaking full of butterflies and I don't know why.