Maximillion was hired to maintain a PHP CMS. His new employer, up to this point, had just been contracting out work, but as time went on, contracting rates got higher, the amount of time required to add basic features kept going up. It was time to go ta a full time employee.

"The system's pretty simple," the hiring manager explained during the interview, "as I understand it, it's basically just one PHP file."

It was not just one PHP file, but the manager wasn't that far off. The front page of the site was 4.9MB. That's not 4.9MB rendered, that's the PHP file. PHP and HTML existed side by side with in-line JavaScript and in-line CSS.

And the code had some… treats.

//strip content of extra tinyMCE <p> tags $offset=0; $content = " ".$content; while(($pos = @stripos($content,'<p>&nbsp;</p>',$offset))) { $content = substr($content,0,$pos).substr($content,$pos+13); $offset = $pos+13; } // doing this twice seems to get all of them out; $offset=0; $content = " ".$content; while(($pos = @stripos($content,'<p>&nbsp;</p>',$offset))) { $content = substr($content,0,$pos).substr($content,$pos+13); $offset = $pos+13; }

"Doing this twice seems to get all of them out". I get that TinyMCE, a WYSIWYG editor, might inject some noise into the generated HTML, and that you might want to clean out those <p>&nbsp;</p> tags, but why twice? The comment implies its necessary, but why?

Of course, no giant PHP file would be complete without reimplementing date logic.

public function time_from($timestamp){ $difference = time() - $timestamp; $periods = array("sec", "min", "hour", "day", "week", "month", "years", "decade"); $lengths = array("60","60","24","7","4.35","12","10"); if ($difference > 0) { // this was in the past $ending = "ago"; } else { // this was in the future $difference = -$difference; $ending = "to go"; } for($j = 0; $difference >= $lengths[$j]; $j++) $difference /= $lengths[$j]; $difference = round($difference); if($difference != 1) $periods[$j].= "s"; $text = "$difference $periods[$j] $ending"; return $text; }

Honestly, and it terrifies me to say this, while I've got a lot of problems with this function, it doesn't bother me as much as usual. Since the goal is to just sorta ballpark with "4 weeks ago" all the bad date assumptions don't matter that much. I still hate it.

And while the contractors clearly understood what functions were, that doesn't mean all of the contractors did. For example, this block:

$offset = 0; while($pos = @stripos($string,'src=',$offset)) { $first_quote = @stripos($string,'"',$pos+3); $second_quote = @stripos($string,'"',$first_quote+2); $first_3 = strtolower(substr($string,$first_quote+1,3)); if($first_3=='www'||$first_3=='htt'||$first_3=='mai') { if($first_3=='www') $string = $core->run_action('pages','str_insert',array('http://',$string,$first_quote+1)); } else $string = $core->run_action('pages','str_insert',array($url_fix,$string,$first_quote+1)); $offset = $second_quote+1; }

That just gets copy-pasted any time they need to do any URL handling. What, do you think you get to 4.9MB of source code by writing reusable code? You gotta copy/paste to get those numbers up!

[Advertisement] ProGet’s got you covered with security and access controls on your NuGet feeds. Learn more.