PerlMonks  

Re: Mad, bad and dangerous to know

by eXile (Priest)
on Jul 29, 2006 at 14:32 UTC ( #564533=note )


in reply to Mad, bad and dangerous to know

"Matt's Script Archive" -"nms" filetype:pl ?

or leaving 'fatalstobrowser' in your production CGI.pm code ?


Re^2: Mad, bad and dangerous to know
by Herkum (Parson) on Jul 30, 2006 at 13:44 UTC

    As much as everyone complains about how bad "Matt's Scripts" are, I don't think they are that bad. At the very least they have:

    1. Documentation and notes near the code describing what it is supposed to do
    2. It's neat, easy to read.

    I've seen worse; the guy whose code I took over in my last position had a 500 line if-elsif-else loop. No notes, no documentation, and a lot of it went beyond 100 characters per line (so I cannot even print it out to make it readable). That is BAD PERL CODE.

    I will take the examples you gave over the stuff I had to maintain any day!

      No notes, no documentation, and a lot of it went beyond 100 characters per line (so I cannot even print it out to make it readable).
      In such a case, maybe Perltidy might be helpful ...

      -- Hofmator

        There are some cool things Perltidy can do, but breaking apart 100+ character strings/reg-expressions is not one of them.

      Do you really think that Matt's code is easy to read? I think it looks horrible. It's massively overcomplicated, it's full of outdated Perl 4 idioms and it doesn't make any use of modules which would reduce it in length by about a half.

      But my biggest problem with it is the number of people who have written other bad code following Matt's example. I'd guess that at least half of the broken, hand-coded CGI parsers that I see are based on Matt's code.

      Update: It's also worth noting that whilst the latest version of Matt's formmail is (as far as I can see) free from security holes, older versions that are famously insecure are still in use on hundreds of web servers.

      I know that the nms versions of the program are more secure and better written. I hope that they are also easier to read.

      --
      <http://dave.org.uk>

      "The first rule of Perl club is you do not talk about Perl club."
      -- Chip Salzenberg

        I'm pretty certain that the "un-webify" code that is everywhere came from some early Matt program.

      I've seen worse; the guy whose code I took over in my last position had a 500 line if-elsif-else loop. No notes, no documentation, and a lot of it went beyond 100 characters per line (so I cannot even print it out to make it readable). That is BAD PERL CODE.

      A lot of perl code is bad perl code.

      I've seen 500+ line loops in about 30% of the perl code I see. The lack of use strict is worse. No one writes tests; unit or otherwise. Documentation is restricted to cryptic comments in the source that often guard against conditions that no longer apply, or are flat out wrong.

      It's easy to blame the coders, but management let it into production in that state...
