This is absolutely hilarious (i.e. how not to program a script)

Saw this on Webhosting Talk and Reddit fairly recently, but haven't seen it here yet. Basically, this web hosting control panel is an absolute gold mine of coding missteps and generally bad ideas. Such as...

An online update script which asks for server root information and sends it in plain text:

http://www.zamfoo.com/updatezamfoo

Use of perl scripts to download things and extract zip files with no error checking whatsoever and various other things.

The owner's generally poor attitude towards criticism that often involves threats and stuff. And which used to involve a video of him trying to 'hack' one of his competitor's scripts.

Really, it's just hilarious how badly designed this whole thing is. Read the whole story here and just weep at how much stuff is so screwed up:

http://www.reddit.com/r/programming/comments/1gfve8/how_not_to_handle_a_critical_security/

The 'personal bio' thing is hilarious too, for all the wrong reasons:

http://www.zamfoo.com/control2/kb/index.php?task=article&article_id=48&category_id=6

So yeah, apparently this is something. And there I was thinking vBulletin 5 and Moodle were as bad as you could get for programming and company management. Just... wow.

 

Wow... There are so many terrible things there.

And on the page: "special characters may not work" on the root password input field. Encouraging bad passwords as well as showing how bad they are at programming.

 

Besides all what is said and the vulnerabilities involved with this plugin, the site looks so amateurish that I don't see how someone could take zamfoo seriously.