Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
** The most hilarious authentication implementation I've ever seen **
They stored password in cleartext, but never mind, this is sadly quite common.
For some reasons credentials were also case insensitive (maybe to avoid silly tickets from CAPS LOCK lovers?).
Then I had a look to the query executed during the login:
SELECT * FROM users WHERE username LIKE ? AND password LIKE ?;
So I tried logging in with user "admin" and password "%"... and it worked!
I laughed all the day.30 -
I wanted to post a note on devRant community etiquette and rule-breaking behavior we’ve been seeing lately to make clear it will not be tolerated. This is pretty much a rehash of this rant, https://devrant.com/rants/609739/... and also our official rules which I highly encourage people to read: https://devrant.com/rules
I’ve noticed an influx of a select group of members, mostly older users, expressing a distain towards other users or declaring content they dislike “shouldn’t be posted”, “please stop”, etc. If you find yourself about to post that, as per our rules, please don’t. It blatantly violates our rules and we are going to start cracking down on it much more. Whether you have 30k+ points or 10, we will apply the rules fairly to everyone and not give breaks to specific people, which admittedly I’ve done in the past.
If we see this behavior in rants/comments first we will give a warning (and the rant/comment will be deleted) and the next offense is a ban.
A valid question (even though I’ve answered it before) might be why does this need to be a rule? Simply put, it’s a rule for a number of reasons: posts like described try to inflict one’s will upon the entire community (even though we have a Democrat voting process...), they create confusion (almost every time they try to sound official, ex. “Stop doing this”), and beyond those two main reasons, they literally accomplish nothing because they offer no constructive methods of achieving what’s being requested, and only a fraction of the community will actually see it.
Here’s an example of what’s not allowed and what is allowed:
- Allowed: posting an issue on our GitHub issue tracker saying “I really dislike seeing this type of rant in my algo feed, here’s some ideas I have to improve the algo and add more personalization so I can see what I want.”
- Allowed: posting on GitHub issue tracker: “I found this awesome image similarly algo that I think can improve the ‘repost check feature’ - you guys should check it out and see if it might be good”
- Not allowed: “Omg stop shitposting windows update rants and Linux rants I hate them. Go post this type of rant because that’s what everyone really wants to see.”
One is constructive an the other is merely an opinion expressed as an enforcement of a self-made rule on the community and tries to tell other people how they should use devRant.
I cringe when people tell others how to use devRant because without fail when I see those posts, I go through that person’s rant/comment history and I nearly always see them using devRant in some kind of way I disagree with or isn’t exactly what I like to see. But that’s OK. I understand I’m not going to enjoy everything posted and I’m also not going to agree with everything posted. But I think it’s fair for those same people to then lecture on what isn’t appropriate to post on devRant, and it’s even more silly when their posts are sometimes irrelevant to development and the posts they are complaining about are relevant.
In the end, based on the large majority of feedback we get, we want to make devRant a place where everyone feels comfortable expressing themselves and doesn’t have to think about possibly getting ridiculed every time they post and that don’t have people trying to dictate what kind of ideas they are allowed to post. We also realize there’s types of content people don’t enjoy, but telling others not to post it is not the solution. We will soon be launching post type filters that will make filtering rants by post type possible.
Please let me know if you have any questions and thanks for reading.64 -
There was a time I made an update on one of our client's e-commerce website sign-up page. The update caused a bug that allowed new users to create an account without actually creating an account.
The code block meant to save user credentials (i.e email address and password) to the database was commented out for some reasons I still can't remember to this day. After registration new users had their session created just as normal but in reality they have no recorded account on the platform. This shit went on like this for a whole week affecting over 350 new customers before the devil sent me a DM.
I got a call from my boss on that weekend that some users who had made purchases recently can't access their account from a different device and cannot also update their password. Nobody likes duty calls on a weekend, I grudgingly and sluggishly opened up my PC to create a quick fix but when I saw what the problem was I shut down my PC immediately, I ran into the shower like I was being chased by a ghost, I kept screaming "what tha fuck! what tha fuck!!" cus I knew hell was about to break loose.
At that moment everything seemed off as if I could feel everything, I felt the water dripping down my spine, I could hear the tiniest of sound. I thought about the 350 new customers the client just lost, I imagined the raving anger on the face of my boss, I thought about how dumb my colleagues would think I was for such a stupid long running bug.
I wondered through all possible solutions that could save me from this embarrassment.
-- "If this shitty client would have just allowed us verify users email before usage things wouldn't have gotten to this extent"
-- "Should I call the customers to get their email address using their provided telephone?... No they'd think I'm a scammer"
-- "Should I tell my boss the database was hacked? Pffft hack my a**",
-- "Should I create a page for the affected users to re-verify their email address and password? No, some sessions may have expired"
-- "Or maybe this the best time to quit this f*ckn job!"
... Different thoughts from all four corners of the bathroom made it a really long bath. Finally, I decided it was best I told my boss what had happened. So I fixed the code, called my boss the next day and explained the situation on ground to him and yes he was furious. "What a silly mistake..!" he raged and raged. See me in my office by Monday.
That night felt longer than usual, I couldn't sleep properly. I felt pity for the client and I blamed it all on myself... yeah the "silly mistake", I could have been more careful.
Monday came boss wasn't at the office, Tuesday, Wednesday, Thursday, Friday not available. Next week he was around and when we both met the discussion was about a different project. I tried briefing him about last week incident, he seems not to recall and demands we focus on the current project.
However, over three hundred and fifty customers swept under the carpet courtesy of me. I still felt the guilt of that f*ck up till this day.1 -
I appreciate all of your suggestions to improve devRant but I've a counter suggestion to make. Please do not post silly ideas. We should not try to make this community another Facebook or Twitter. Let's keep it simple and plain. We're better than non-dev users in many ways.5
-
So I just receieved a rude email from my client as candidates cannot register on his system. He is adamant that the system I built doesn't work........until he found out that candidates are silly and not reading notifications written in h1 with a font size of 33px that states "Please check your email to activate your account".......
FUCK SAKE READ PEOPLE.... READ!2 -
What do you windows users out there use for full disk encryption? Anyone using anything else than bitlocker?
Asking for a friend or some silly excuse like that.10 -
The only thing worse than client QA is client vendor QA.
I do QA for a company that does custom implementations of a major e-commerce platform. On one of my current projects, the customer has elected to outsource their UAT, and isn't willing to wait for the site (or even individual features) to be complete before starting testing, so I've been triaging a lot of silly tickets. But today took the cake.
This system allows users to save their credit card info. The vendor QA guy filed a ticket "reporting" that if he saved a cc with a given number, then created a new cc record with the same number but a different expiration date, the original record was overwritten, rather than a new record being created.
I just stared at the thing for like five minutes, gathering the mental strength to reply with something other than "you're an idiot."3 -
Since i needed higher quality data for retoor9b I invested some time in the statistics project. It became quite decent. It's not a silly script anymore.
I also had rank per user regarding popularity (upvotes / post avg). It got lost somehow. I only know that IHateForALiving has second place. Root 10th. Netikras 14th, Lensflare 15th). First place was by not regular user who made one post with six upvotes. That's all. Hihi.
Repository: https://retoor.molodetz.nl/retoor/...
Dataset for LLM: embeddings:https://retoor.molodetz.nl/retoor/...
Graph compilation with ALL users active last few weeks:
https://retoor.molodetz.nl/retoor/...
All generated data by this project: https://retoor.molodetz.nl/retoor/...
Build / latest export status: https://retoor.molodetz.nl/retoor/...
In the LLM dataset you'll see more interesting data for every user like:
Statistics: User(ranter) retoor made 505 contributions to devRant(developer community) what means retoor owns 1.0 percent of contributions on devRant(developer community). The avarage post length of retoor is 219 and total post length is 111037. retoor owns 0.0 percent of content on devRant(developer community).
retoor is 315 times mentioned on devRant(developer comminity).2 -
A self rant here.
I have noticed how much ever you think of UX by yourself and try to think u are a genius for coming up with it, users are going to shit over your idea anyways.
I recently thought of this genius idea of forcing users to put their "Full Name", cause it elevates the gaming experience, as it's a group party game. For that I thought of adding two boxes: "Full Name" and "Nickname". So users will be forced to put a silly name in the nickname box but in full name they would add their real name.
To my surprise out of everyone who has played my game only 4-5% of people have added their real name, I have had people enter random characters in both the boxes.
I have even mentioned that this information is used to enhance the game experience.. still!!
29
Top Tags
Weekly Rant
View