Subscribe to Moonbat's Lair
Leave Comment
Posted by
Moonbat 
I've been using PHP for about a year now, so I'd like to say I have a decent grasp of the language. But I've seen some things that make me wonder why the coders did it. Some are legitimate gripes, others are just my own pet peeves Why bother making a forum post, when I can make a blog post? This thing hasn't been used since I created it a while ago anyway.
1. Base64 != 1337 3ncryp710n t00L
I've seen this especially with 'web shells' used to exploit remote file inclusion vulnerabilities. Honestly, what is the point of it? To all those people who make web shells and then backdoor them, your Base64 won't hide anything. Sure it'll take a whole two seconds to decode it, but once it's decoded, the DB details from the connection being made by your 5-minute-hackjob of a backdoor are clear as day.
2. // Commenting every line no matter how mundane or obvious
I know that md5() hashes a string using the MD5 algorithim, thanks.
3. Spaghetti includes
Problem 1 - Create a function similar to foreach() to iterate through an array, but only if the array consists of nothing but integers. Be sure to have it include a file which includes a file that includes another three files that include the first file and also include two other files that include the second file included by the file that is included by the first file, which should also make use of require on four new files that include each other and require at least one other file.
See how hard that is to understand? Now imagine reading through code that uses include() and/or require() in such a manner.
4. ASCII art in code (art courtesy of http://chris.com/ascii/)
It looks cool, but my personal view is that it has no place in code, especially if it's as big as this one (which I've seen before). I've seen people brag about 1000+ lines of code. Heads up, ASCII art doesn't (well, shouldn't) count. Also, be sure to notice how much longer this post looks due to the ASCII art.
5. $Overuse['Of']['Multidimensional']['Arrays']
I hate it when multidimensional arrays are abused like this. I have seen an array like this being used to hold stuff like pathnames, username and password details, etc. It's confusing and, frankly, why not use something like classes to hold all this stuff?
Thanks for reading my first post, and I hope you enjoy it.
1. Base64 != 1337 3ncryp710n t00L
I've seen this especially with 'web shells' used to exploit remote file inclusion vulnerabilities. Honestly, what is the point of it? To all those people who make web shells and then backdoor them, your Base64 won't hide anything. Sure it'll take a whole two seconds to decode it, but once it's decoded, the DB details from the connection being made by your 5-minute-hackjob of a backdoor are clear as day.
2. // Commenting every line no matter how mundane or obvious
I know that md5() hashes a string using the MD5 algorithim, thanks.
3. Spaghetti includes
Problem 1 - Create a function similar to foreach() to iterate through an array, but only if the array consists of nothing but integers. Be sure to have it include a file which includes a file that includes another three files that include the first file and also include two other files that include the second file included by the file that is included by the first file, which should also make use of require on four new files that include each other and require at least one other file.
See how hard that is to understand? Now imagine reading through code that uses include() and/or require() in such a manner.
4. ASCII art in code (art courtesy of http://chris.com/ascii/)
@=====@ #=@ @=#_ # \/\/\/\/\/\ #\ @@| _ _ |@@( @@|\|_|-|_|/|@@ ) @| /\ |@ ( | \~~~~/ | ) | ~~~~ | | \_______/ | _________| |_______(____ / \ / ( `\ / / | fvk \ / |-\---, \ _______/ /__|_______@_______|__)___\ \________ |\ \ \___ ______________# | |__ \ |\\ /\ \ ', |\ # W W W W @@ \ /ooo `, \ ||\\ ' ooo \\#\ # W W W W @@ \ ' \ \ || \\ \ ; \#\___o_o_o_o____\ \ ; \ \|_|\\ `,_____/ \|______________| `,_____/ \ \\ \ \\ \ \\_______________________________________________\ \ ___________________________________________ | || | || | || | || | || | || | \|_| \|_|
It looks cool, but my personal view is that it has no place in code, especially if it's as big as this one (which I've seen before). I've seen people brag about 1000+ lines of code. Heads up, ASCII art doesn't (well, shouldn't) count. Also, be sure to notice how much longer this post looks due to the ASCII art.
5. $Overuse['Of']['Multidimensional']['Arrays']
I hate it when multidimensional arrays are abused like this. I have seen an array like this being used to hold stuff like pathnames, username and password details, etc. It's confusing and, frankly, why not use something like classes to hold all this stuff?
Thanks for reading my first post, and I hope you enjoy it.
Share This Entry:
0 Comments On This Entry
Tags
My Blog Links
Recent Entries
Search My Blog
0 user(s) viewing
0 Guests
0 member(s)
0 anonymous member(s)
0 member(s)
0 anonymous member(s)
|
|
| 