43

My "programming" college...
Where I had to basically "unlearn" everything I knew about efficiency, organization and security in order to please my teacher...

Comments
  • 13
    Jesus Christ I fucking feel that.
    My teach uses such shitty code structure and doesn't even try to prevent f'd up input.
    Also that man has never heard of try catch.
    Basically all what we're supposed to be learning in class is so fucking crappy that every remotely sane person would get physically sick.
  • 16
    @Ranchonyx ikr...

    When I was in there:

    - Don't use hashes, use plaintext for storing password.

    - Don't use classes, use big function files.

    - Don't use seperate views, mix business logic and view logic.

    - Don't use PSR-4, just slam everything in arbitrary directories.

    - Don't sanitize your data, just slam it into your database as is.

    - Don't sanitize your data^2, just directly display it.

    - Don't use CORS, just allow any origin to send requests.

    - Don't use CSRF tokens, just allow anyone to send requests.

    - Don't use switch statements, use 1337666 if-elseif-else clauses.

    - Don't use negative statements to exit a function, create 1337666 nested if-elseif-else clauses.

    I wanna drink bleach just from remembering it...
  • 6
    @FinlayDaG33k this makes me wanna drink bleach.
  • 0
    substitute "data sanitation" with "prepared statements" but man, what a terrible teacher!

    I would have lost my cool on day one I'm sure...
  • 4
    @Ranchonyx Yes...

    And each of those things I didn't change would reduce my score by one...

    ...

    So that should explain why I always got failing grades :^)

    @SuspiciousBug Well, not exactly... even with prepared statements you can do some SQL Injections depending on circumstances (see stackoverflow:134099).

    I definitely did lose my cool at times...
  • 0
    @FinlayDaG33k That is one terrible bug, but if you change the charset of a(n SQL) connection while bypassing the client library that's on you.
  • 0
    Usually teachers are trying to teach a specific concept to people who might not know the rest of the concepts. Every course can hold student with quite different knowledge backgrounds. Imagine trying to teach how MPTT is used in databases, but the kids who are only there to learn the Data Structures component are having trouble with CORS, the ones that are more interested in security will have trouble with the data display, and you'll most likely have to solve their problems individually. Thankful my uni was quite open about that and encouraged us to add more features to our projects as long as it fulfilled the core requirements. Currently we tweak the interns' setting to the simplest possible, even if these may be insecure, and only care about security in the live server.
  • 1
    @eo2875 Yes, I understand that but they were actively holding back progress.

    If they, like you stated, said: "hey, as long as you fulfill the core requirements" then it would be fine.

    But no, they said I must fulfill the core requirements with *only* the information that was thaught to us by them at that period in time.

    So if I wanted to use GraphQL instead of REST for my API...

    Too bad, we haven't been thaught to use GraphQL so doing so would mean losing points...

    Despite the fucking goal of the exercise being XHR and JSON...

    The biggest bs point reduction I had in that college (please grab the nearest bottle of bleach in advance): I used PHP's OPCache...

    Yes...

    I got a point reduction for using PHP's OPCache in my config (just for some extra performance on the production server) because we hadn't learned about that yet...
Add Comment