
Measure Twice, Shoot in Foot Once

@sudrien-scratched008 / sudrien-scratched008.tumblr.com

This is old. My current blog is at @sudrien.

Exercise video aesthetic

You’re outside. Everything is dead. Everything is dead that can’t walk or drive away. This land never knew trees. The only thing between you and the horizon is a row of immaculately washed cars. A woman with sunglasses and big earrings carries a reporter-style microphone to introduce you. There are a few questions. People won’t stop wandering into frame to be seen with their cars. The sky is not filled with clouds, it’s just completely white. It cuts to you when you remember to put out your mat, because everything is dead.

You fold in half in a few different variations.

A guy two heads taller than you comes and hugs you by your head. He then waves to the side, and a large crowd of people waiting at the side for the recording to finish enter the frame. One dude tries to somersault on your mat. He fails, and his friends try to help him up.

End cut.

mysticorset

I just need to share this.

So, this client I’m working with, real sweet people, great organization. I update their website for them with new events and information, because nobody there knows how the internet works. And their website is so old. It’s just static html, all the way down. Hundreds of pages of html that have been manually generated.

They also have a magazine, which of course you have to pay a subscription fee for. They want their readers to be able to access it online, but only the ones who pay for it. Each edition has a table of contents page on the site, and to get to the articles you have to enter a password that they send out with the hard copy of the magazine. 

On the page where you enter the password, it is just a standard masked text input and a button, and a javascript to make it go. The js is entirely inline, right there in the html between a couple of <script> tags. You can see the whole thing by pulling up the browser developer tool. As far as I can tell (I am not a javascript expert), this is what it does:

  1. User enters in some string of text and presses Submit (redturtle43)
  2. the string is passed through some mathematical functions and something to do with an array of very long random-looking strings (which are not random because there are only 5 of them and they are always the same for every edition)
  3. Then backwards math happens to it to return the original string entered (redturtle43)
  4. Compare the results of the math to see if there is an html file with the same name
  5. If yes, direct to that html file (redturtle43.html) (which has no further security functions and can absolutely be accessed unchallenged with a direct link)
  6. If no, return text in an alert and try again with unlimited attempts

As best as I can figure, this was a collaboration between a technologically illiterate manager who got a boastful script kiddie (probably in middle school and related by blood) with no actual idea what they were doing to satisfy a need that neither of them knew that was a thing before deciding it was necessary. I expect said kiddie was paid in pizza or possibly being allowed to have a beer without telling their mom.

My head hurts so badly. And I can’t change it because that is not what I’m being paid to do.

About six people have asked to see this:

I would love for someone who understands it to explain exactly how terrible it is.

Having reviewed this code a bit better - this is like padding a term paper.

Example:

phase1 = Math.ceil(Math.random()) - 6 + (2<<2)
phase1 = Math.ceil( "A number between 0 and 1" ) - 6 + (2<<2)
phase1 = 1 - 6 + (2<<2)
phase1 = -5 + (2<<2)
phase1 = -5 + ( 8 )
phase1 = 3

pass[ phase1 + Math.round(Math.sin(Math.PI/2)-1) ]
pass[ phase1 + Math.round(1-1) ]
pass[ phase1 + Math.round(0) ]
pass[ phase1 + 0 ]
pass[ 3 ]

…that’s 10 mathematical operations for a static number
