Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
athlon173223yAnd then my favourite - pièce de résistance. A button that is supposed to update an entry in the DB that does jack shit.
-
athlon173223yI’m so glad that this Friday it’s all over and 80% of the grade is an individual work. Even if it doesn’t compile due to my colleague’s code - I don’t care! :)
-
C0D4681383yI mean, the login works right... sure it's not secure but that's not a thing taught or graded on so what's it matter.
I'm going to go hang your friend 🫠-
@C0D4 How it's not secure ? It depends on Encrypt I guess. Personally, I'm usung BCrypt. With option of 11.
-
C0D4681383y@NoToJavaScript hold up.
I was referring to @athlon's rant screen shot, the username is the only value sent to the Db, based on what I'm seeing.
Using bctypt without a hash is one thing. Actually comparing the hash is another 😂 -
Voxera115853y@NoToJavaScript well, the encrypt does not accept anything but password.
That means its not using any salt, hence not secure. -
athlon173223y@Voxera That actually has been modified post screenshot. Now all users have an unique salt.
-
athlon173223y@C0D4 from what you actually see, he’s trying to run “CheckLogin” void (which should either be a book, or preferably a Login object btw) by putting Login object into function that accepts two strings - and then he asks what’s wrong!
Buddy, the solution is staring in your face - figure it out! -
@athlon you don't need anything beside password. For example Bcrypt manages salt automaticlly, no need to even remember it exists. But it does come with a cost. It take around 150 ms to check if password is correct. (Afain with 11 as "dificulty", I don't remember the exact term).
I tried to bump that factor to 13, but it starts to be really long as a check ;p -
Oh but. Where did you find that code ?!
Surelly there is a pipeline which compiles and will not permit to merge a PR with compilation errors ? Who the fuck can even submit that ?! -
Voxera115853y@NoToJavaScript not quite.
Bcrypt for verification uses the password and the stored value and checks internally.
If using only password you can only store it, not test since every new call creates a new salt that is stored within the encoded value. -
It's so weird when people fail to grasp c-style languages' scoping logic. It's literally just "what happens in curly braces stays in curly braces". I also never understood why languages like Python or JS decided to violate this dead simple rule that effortlessly guarantees correctness.
-
athlon173223y@lbfalvy I wholeheartedly agree. I think it’s way easier to read and understand the code than it is with tabs in Python too.
-
Voxera115853y@lbfalvy for js its actually quite simple.
Before they introduced the let keyword, js used function scoping
And the base document can be considered a main function.
Nested functions have their own scope but can access the parent scope.
Just as c uses “{}” js uses “function(){}”
With that difference scoping then works just the same.
Related Rants
-
netikras7The colleague: - I can't work, my chair is uncomfortable - I can't work, my chair is not ergonomic - I can'...
-
PaperTrail10#3 Worst thing I've seen a co-worker do? A 20-something dev, 'A', back in the early days of twitter+facebook...
-
darksideofyay3devrant: tell us about your shitty co-workers everyone:
Not co-worker, but class mate. Specifically, my group mate.
Boy, I could fill an entire book with the “what the fuck” moments.
Here, the prior question of his was “why is this happening?”
rant
wk306
classmates