pboyd.io

The day I wiped a production database table

It seems everyone has a story like this, but I’ll give you mine anyway. I was 6-months into my first real developer job, trying to fix a bug. Our application would sometimes insert rows with an invalid “foreign key” (we used MySQL with MyISAM, which didn’t have foreign key constraints–but it had an ID for another table anyway). Of course, the bug was only seen in production, so I had a production MySQL shell open to see the bad rows.

The regex [,-.]

I stumbled on this regex recently: \d{2}[,-.]\d{2}. The intention is clear enough: match two sets of two digits separated by a comma, a dash, or a period. Of course, it shouldn’t work. Dashes in character classes are special because they’re used for ranges (like [a-z] to match lower-case ASCII letters). If you want - in a character class you put it at the beginning, or the end, never the middle. So this should be [-,.

The Cargo Cult of Good Code

On Writing Well by William Zinsser is my second favorite book on software design. I know it has nothing to do with programming but let’s look at some lightly edited quotes: Clear thinking becomes clear coding; one can’t exist without the other. Look for the clutter in your code and prune it ruthlessly. Rewriting is the essence of programming. If that last one doesn’t seem to apply, consider that code isn’t really written so much as beaten it into shape and then refactored.

Let's build a virtual machine

I once heard about a High School student who thought Europe was the capital of France. Of course that’s ridiculous, but how long, do you suppose, someone can go believing Europe is in France and not the other way around? If you’re far from Europe physically and mentally, I’d bet you could go a lifetime, and it wouldn’t even matter. It’s only a problem when someone tries to use that fact.

You're not a 10x programmer

As I write this, it’s Saturday morning I’m sipping coffee and listening to light rain while sitting on my living room sofa. I hope anyone reading this is as cozy as I am. So please forgive me, and understand that it’s only with sorrow and under duress that I must throw this bucket of cold water on you: you’re probably an average programmer. That’s right, mediocre. Unexceptional. Why must I treat you so harshly?

Text Encoding: The Thing You Were Trying to Avoid

Programmers tend to treat text encoding like the office bore. You weren’t planning on a 2-hour conversation about your co-worker’s lawnmower today? Well too bad, because it’s happening now. Text encoding is much the same, it’s always around, but we’d rather avoid it. From time to time it pops over anyway to mess up your day and fill you in about the latest nuance between a code point and a character, or something equally dull.

A simple case for unit tests

I learned recently that the word playwright is unrelated to write. It is, in fact, derived from wrought. A play is not written, it’s beaten into shape. In that vein, codewright ought to be a word, because I’ve never written software from top to bottom, it’s hammered and stretched until it’s right.1 My personal process usually goes like this: Figure out what the next bit of code should be Write it Run it Check the result Failed?

An experiment on code structure - Part 2

This is a follow-up to an experiment on code structure. To recap, I built two versions of a back-end for a simple web app with statistics about commercial airline flights. backendA had no real design behind it, it was just whatever fell out of keyboard. backendB was a structure that I’ve been using for the past couple years, it isolates dependencies, and uses interfaces with dependency injection. The two versions produce identical output, only the structure of the code is different.

How Not to Store Passwords

Here’s a fun list to look through: Dumb Password Rules. Most of the rules seem arbitrary, like only allowing digits, but some hint at deeper problems. For instance, preventing single-quotes. They aren’t inserting passwords into a database without a SQL placeholder, right? Nearly every site on that list has a needlessly short maximum password size. If they’re storing passwords correctly, there’s no need for this. This post will go through a few bad ways to store a password and you can see what I mean.

An experiment on code structure

Let’s say you want some software built. So you hire a team of smart developers, tell them what to build, and leave them alone. Inputs will be needed in the form of computer hardware, pizza and coffee. Of course, you expect outputs in the form of status updates (no one outside the team will understand the updates, but that’s beside the point). Since you hired smart developers and gave them everything they need, you can be sure they’ll do a good job in no more time than necessary, so you don’t to bother them with schedules and such.