Holy shit, did I really do that? Or: stupid programming mistakes

[Superfluous_Parentheses]

Rysto:

In fairness, numbering the months from 0 is one of the stupidest things I’ve ever heard of.

Do they number days of the month from 0, too?

Days are 1 based, months are 0 based,years are the number of years since 1900. It’s in the POSIX/C standard, so it’s a bit late to start changing it now.

To be fair, though, the mapping of the system clock (seconds since 1970-1-1 0:00 UTC) to an actual usable date & time is a lot more complicated than most people first think. And that’s just for the last 100 years or so; it gets a lot worse the further back you go: first you lose standard time and then there are different calendar systems all over the place.

[Rysto]

Ugh. I just spent 10 minutes staring at the following code; trying to figure out why it wouldn’t compile:

if(i = 0; i < 20; i++) {

I console myself with the knowledge that if gcc used the same error recovery scheme that I implemented for the Ada compile I wrote in my fourth-year compilers course, it would have identified the error immediately.

[ZipperJJ]

I did this elaborate Web app in a short time, and it involved me rolling my own login system for the first time. I worked really really hard on the whole project, doing 90 hours in just 10 days (on top of my regular 8-hour shifts).

The system was set up to send temporary, made-up passwords to everyone who had a registered email address. Once you got your temp password you could log in and easily use a form to change your password to something memorable.

The site was launched and there was a bug. When looking at the bug, I noticed the user in question, who had already signed in once, didn’t have a password in the database. His value for password was blank.

I thought this was kind of weird, since you need a password to log in and the guy had logged in. That’s how we found the bug I was fixing. But, I blew it off, thinking one of the site admins messed up somehow.

About a MONTH later, the project manager told me that someone complained that they kept having to get a temp password every time they logged in. I looked at the database and saw that the only people who had passwords were people who had the random temp passwords. Everyone else had null or blank.

I couldn’t figure out how/why this was automatically happening. I looked at all my code and couldn’t find it.

Until I looked at the “Change Password” form. When I was building the app, I was having problems making Firefox not pre-fill the password field. So in a last-ditch effort I put all sorts of code in there to make sure that password field would be blank. I couldn’t make it blank on load, but I left all the code in there anyway.

But in all my efforts to make it blank, I also managed to make the password field blank on submission. So someone would come to the page, type in their new password, submit it, the code would make the value of the field blank and then submit it.

Everyone who had gone to change their password, then, had made their password blank.

Of course, no one thought to report this within a month and no one had thought to report that they had used the Change Password form before getting “locked out.”

Still, it was totally my fault, and I really screwed the pooch on the crux of this application. if (!IsPostBack) is truly, truly your friend

[Shot_From_Guns]

In one of my Java programming courses in college, we had to write a multi-client chat server. I had mine mostly working, but it wasn’t 100% there yet. I spent a couple hours playing around with weird syntax, trying to get the damn thing to spit out the correct output for each user connected to the server, but something just wasn’t clicking. Standing outside and taking a smoke break, I think idly, “Jeeze, this would be so simple if BufferedReader had a ready method.”

…

When I got back inside, I checked. BufferedReader… **does **have a ready method. :smack: I deleted the hackjob mess I’d been playing with, inserted that tiny bit of code, and bam! everything was working perfectly.

[BobArrgh]

About 23 years ago, when I was in my first or second year of professional programming, I was working on a system where I needed to encrypt a password and store it in a plain-text file. Not having access to any type of encryption code, I decided to implement a “poor-man’s” encryption methodology: Rotate the bits in each character in the password some number of times. The “number of times” I chose was the length of the password.

So, if the password was 4 characters in length, each bit would get rotated 4 times, scrambling the password quite nicely.

One day, I was digging through the plain-text file, and I noticed that the password was unencrypted. Right where the password was supposed to be was the word, “password”.

Yup … rotating all 8 bits of a byte puts the byte back into its original order, making the password plain text quite nicely.