Sunday, June 23, 2024

CodeSOD: A Serial Offender

Programming LanguageCodeSOD: A Serial Offender


Michael has a confession. Once upon a time, a very long time ago, he needed to write some JavaScript to serialize data and send it as part of a request. The challenge for Michael is that he didn't actually know JavaScript or what its built in functions could do and the task was already past the deadline by the time it got assigned to him.

function objectPrepareSave()
{
    for(var _a = 0; _a < aEditfields.length; _a++)
    {
        try
        {
            tinyMCE.execCommand('mceRemoveControl', false, aEditfields[_a]);
        }
        catch(err)
        {
        }
    }

    /* Basic Data */
    var _out = "DATA:{";
    _out += 'online="'+escape(getElementById("objOnline").checked)+'"';
    _out += ';;ref="'+escape(getElementById("objRefnum").value)+'"';
    _out += ';;name="'+escape(getElementById("objName").value)+'"';
    //_out += ';;parent="'+escape(getElementById("objParent").value)+'"';
    //_out += ';;rubric1="'+escape(getElementById("objRubric1").value)+'"';
    //_out += ';;rubric2="'+escape(getElementById("objRubric2").value)+'"';
    //_out += ';;rubric3="'+escape(getElementById("objRubric3").value)+'"';
    _out += ';;category="'+escape(getElementById("objCat").value)+'"';
    _out += ';;stars="'+escape(getElementById("objStars").value)+'"';
    //_out += ';;isle="'+escape(getElementById("objIsle").value)+'"';
    _out += ';;municipio="'+escape(getElementById("objMuni").value)+'"';
    _out += ';;city="'+escape(getElementById("objCity").value)+'"';
    //_out += ';;desc="'+escape(getElementById("objDesc").value)+'"';
    _out += ';;sDesc="'+escape(getElementById("objSDesc").value)+'"';
    //_out += ';;extra="'+escape(getElementById("objXtra").value)+'"';
    _out += ';;addition="'+escape(getElementById("objAdd").value)+'"';
    _out += ';;gifs="'+escape(getElementById("objPicList").innerHTML)+'"';
    _out += '}';
   
    /* Detail Data */
    _out += "::DETAILS:{";
    _out += 'null="null"';
   
    var _tbl = getElementById("detailTable");
    for(var _i = 1; _i < (_tbl.rows.length-1); _i++)
    {  
        var _row = _tbl.rows[_i];
        _out += ';;' + (_i - 1) + '="' + escape(_row.cells[1].textContent + ';' + _row.cells[2].lastChild.value) + '"';
    }
   
    _out += '}';
   
    /* Price Data */
   
    _out += '::PRICE:{';
    _out += 'null="null"';
   
    _tbl = getElementById("priceTable");
    for(var _i = 0; _i < _tbl.rows.length; _i++)
    {
        var _row = _tbl.rows[_i];
        if(_row.cells.length == 1)
        {
            _out += ';;' + _i + '="' + escape(_row.cells[0].textContent) + '"';
        }
        else
        {
            _out += ';;' + _i + '="';
            var _o = "";
           
            for(var _h = 0; _h < _row.cells.length; _h++)
            {
                _o += _row.cells[_h].textContent + ';';
            }
            _o = substr(_o, 0, strlen(_o) - 1);
            _out += escape(_o) + '"';
        }
    }
   
    _out += '}';
   
    _out += '::TPL:{';
    _out += 'null="null"';
   
    _tbl = getElementById("tplTable");
    var _index = 0;
    for(var _i = 0; _i < _tbl.rows.length; _i++)
    {
        var _row =_tbl.rows[_i];
        if(_row.cells.length == 1)
        {
            _out += ';;' + _index + '_' + _row.id + '="';
        }
        else
        {
            var _o = '<'+escape(_row.cells[0].textContent)+'>=<';
            if(_row.cells[1].childNodes[0].tagName)
            {
                if(_row.cells[1].childNodes[0].tagName == "INPUT" || _row.cells[1].childNodes[0].tagName == "TEXTAREA")
                {
                    _o += escape(_row.cells[1].childNodes[0].value);
                }
            }
            else
            {
                _o += escape(_row.cells[1].childNodes[0].nodeValue);
            }
           
            _o += '>';
            _out += escape(escape(_o));
        }
        _index++;
    }
   
    _out += '"}';
   
    aEditfields = new Array();
   
    return _out;
}

The code is fairly simple, as such things go: iterate across a bunch of form fields and concatenate together a string that contains the serialized version. Performance is terrible, the data format is… unusual, and nobody wants to support this code.

Which means we don't need to punish Michael for writing it- he still supports it, which is punishment enough.


.comment { border: none; }

[Advertisement]
ProGet’s got you covered with security and access controls on your NuGet feeds. Learn more.

Check out our other content

Check out other tags:

Most Popular Articles