Wednesday, March 29, 2006

Bad code!!!

There is a disease which has spread among us. Its victims are gullible, misinformed and vulnerable. Once it has struck, the consequences can be disastrous. Like any other disease, it is spread by those who are careless and those who have caught it themselves. The net positively stinks of it, seeping from every corner, page after page, just waiting to hitch a ride on another unsuspecting developer. What am I talking about? BAD CODE!!!!!

In my short outing on this earth I have seen the web go from a playground for script kiddies to a huge commercial entity. Anyone who doesn't use it is considered strange. A company that doesn't have a web site does not exist, and a home without an Internet-ready PC is like a relic from the stone age. With this has come a new type of programmer. These are not hobbyists for whom it is a way of life; they are individuals, often with other job titles, trying to solve a specific problem as quickly as possible. These people often do not have the patience and problem-solving ability of those who want to program, so they rely heavily on search engines and forums to find the solutions to their problems. The thing is, if you are doing something you do not like, you want to get shot of it as quickly as possible - if it works, paste it into your app and forget about it.

So, where does the problem come from? Let us approach it from a different angle. There is a game called Chinese whispers. The object of the game is to whisper a message across a chain of several people; the irony is that by the time the message has come to the end of the chain it bears no resemblance to the original. This, in my opinion, is exactly where the problem lies.

You post a question on the forum asking how to solve a specific problem. "Mr 100 Posts Per Day" consults his 4GB library of samples and posts his response, hence solving the problem. But does this actually solve the problem? "Mr 100 Posts Per Day" rips his sample library from other posts and samples off the Internet and other forums; he doesn't know or care how the samples work, nor whether they are the most secure, efficient and tidy way of solving the problem; but nor does the person asking the question (he has his code, remember). OK, this is an extreme example; only a handful of "Mr 100 Posts Per Day" exist.

But there are a huge number of developers out there who are happy to post code snippets with no explanation, no regard for best practice and no attention to security, and there are an even higher number who are willing to accept them for free. The result is that the "new to programming" programmer, who is interested in programming and does want to learn, is being weaned on a mess of sloppy, insecure, inefficient code. Worse, these "new to programming" people will no doubt learn quickly and want to spread their knowledge; they write tutorials, post samples on forums and blog.

The web is now a Pandora's box if you are new to programming, because the majority of code out there is not even fit for the recycle bin; in fact, the hard disks that house this code should be put in a skip and nuked.

So where do the professional and expert programmers fit in? We have a huge responsibility to ensure that none of this code makes it past our eyes without us preaching/shouting the proper way and fixing it. Being a regular forum poster, I often find myself repeating in an endless loop: "do not use echo to output all your HTML", "do not execute queries without checking for errors", "sanitize variables", "indent code", "don't use tables for presentation" ... The list goes on. But I cannot stress the importance of this enough, especially with languages such as Perl and PHP, which provide a huge amount of flexibility but at the same time leave a lot of room for dreadful coding.

The coding community needs to wake up ... They need to realise that giving samples which are knocked up in 5 minutes with no explanation is creating a generation of bad coders who get a terrible shock when they need to rewrite part of their application, clean up their company LAN after being attacked through an exploit, or just realise that all they have learnt in the past year is utter tosh.

Let us stand our ground and make the web a place of clean and secure code!!

5 comments:

Anonymous said...

Made me smile!

Anonymous said...

Why is it, on those forums you speak of, that so many of the posts are asking for help on how to do things that PISS PEOPLE OFF. "Plz give me code to flash taskbar." "Plz give me code to Shut down windows." "Pleze give code to prevent my program from ever closeing." etc, etc?

David said...

Interesting entry. I for one have never posted any code, though I could probably contribute if I did enjoy solving others' problems so explicitly for free. I think we all learn through experience that what is on the web has to be taken with a grain of salt, and that includes code. Furthermore, 'caveat emptor' applies here. If you're smart, you look for code that does the job well and collect quality websites as sources. Then all that crap code posted in the ether can't really hurt you.

Anonymous said...

Excuse me Sir! Are you a "Mr 100 Posts Per Day" ?

abhijit said...

People will follow examples. Set good examples and they will follow them. Unfortunately too many bad examples, so you find bad code.

One of the apps I am supporting was created in 1998. It's full of spaghetti code and the organization wants me to document the project architecture.