This is absolutely hilarious (i.e. how not to program a script)

Discussion in 'Web Development and Programming' started by CM30, Oct 20, 2013.

  1. CM30

    CM30 Regular Member

    Joined:
    Jul 1, 2012
    Messages:
    901
    Likes Received:
    500
    Saw this on Webhosting Talk and Reddit fairly recently, but haven't seen it here yet. Basically, this web hosting control panel is an absolute gold mine of coding missteps and generally bad ideas. Such as...

    An online update script which asks for server root information and sends it in plain text:

    http://www.zamfoo.com/updatezamfoo

    Use of perl scripts to download things and extract zip files with no error checking whatsoever and various other things.

    The owner's generally poor attitude towards criticism that often involves threats and stuff. And which used to involve a video of him trying to 'hack' one of his competitor's scripts.

    Really, it's just hilarious how badly designed this whole thing is. Read the whole story here and just weep at how much stuff is so screwed up:

    http://www.reddit.com/r/programming/comments/1gfve8/how_not_to_handle_a_critical_security/

    The 'personal bio' thing is hilarious too, for all the wrong reasons:

    http://www.zamfoo.com/control2/kb/index.php?task=article&article_id=48&category_id=6

    So yeah, apparently this is something. And there I was thinking vBulletin 5 and Moodle were as bad as you could get for programming and company management. Just... wow.
     
  2. bearbin

    bearbin Regular Member

    Joined:
    Dec 1, 2013
    Messages:
    2
    Likes Received:
    0
    Wow... There are so many terrible things there.

    And on the page: "special characters may not work" on the root password input field. Encouraging bad passwords as well as showing how bad they are at programming.
     
  3. MyDigitalpoint

    MyDigitalpoint Regular Member

    Joined:
    Jun 5, 2013
    Messages:
    114
    Likes Received:
    30
    Location:
    Virtual World
    Besides all what is said and the vulnerabilities involved with this plugin, the site looks so amateurish that I don't see how someone could take zamfoo seriously.
     

Share This Page