Dimitrios Kalogirou offers good advice:
Write self-descriptive code! Your code should be read like sentences. Avoid smart shortcuts and tricks because they break the reading… I use code comments when the code is not really self documenting. Comments should convey what code cannot. They should explain the reasons for a specific design decision, they should explain what code is supposed to achieve and why.
The lack of women in programming is in part a cultural issue that differs from region to region. In developed countries, very few women work as programmers whereas in Brazil and India a lot of women pursue careers in IT. Women in developed countries perceive the field as isolating and very few young women graduate in computer science. This perception of isolation was based in reality decades ago, but that is no longer the case today.
Well, you may be surprised to learn that the earliest computer programmers were women and that the programming field was once stereotyped as female.
“Hello World” is the first program one usually writes when learning a new programming language. The first Hello World program appeared in chapter 1.1 of the first edition of The C Programming Language, in 1978. Since then, Hello World has been implemented in just about every programming language on the planet.
The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
| Rank | Score | ID | Name |
|------|-------|----|------|
| 1 | 346 | CWE-79 | Failure to Preserve Web Page Structure (‘Cross-site Scripting’) |
| 2 | 330 | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command (‘SQL Injection’) |
| 3 | 273 | CWE-120 | Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) |
| 4 | 261 | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 5 | 219 | CWE-285 | Improper Access Control (Authorization) |
| 6 | 202 | CWE-807 | Reliance on Untrusted Inputs in a Security Decision |
| 7 | 197 | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) |
| 8 | 194 | CWE-434 | Unrestricted Upload of File with Dangerous Type |
| 9 | 188 | CWE-78 | Improper Sanitization of Special Elements used in an OS Command (‘OS Command Injection’) |
| 10 | 188 | CWE-311 | Missing Encryption of Sensitive Data |
| 11 | 176 | CWE-798 | Use of Hard-coded Credentials |
| 12 | 158 | CWE-805 | Buffer Access with Incorrect Length Value |
| 13 | 157 | CWE-98 | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP File Inclusion’) |
| 14 | 156 | CWE-129 | Improper Validation of Array Index |
| 15 | 155 | CWE-754 | Improper Check for Unusual or Exceptional Conditions |
| 16 | 154 | CWE-209 | Information Exposure Through an Error Message |
| 17 | 154 | CWE-190 | Integer Overflow or Wraparound |
| 18 | 153 | CWE-131 | Incorrect Calculation of Buffer Size |
| 19 | 147 | CWE-306 | Missing Authentication for Critical Function |
| 20 | 146 | CWE-494 | Download of Code Without Integrity Check |
| 21 | 145 | CWE-732 | Incorrect Permission Assignment for Critical Resource |
| 22 | 145 | CWE-770 | Allocation of Resources Without Limits or Throttling |
| 23 | 142 | CWE-601 | URL Redirection to Untrusted Site (‘Open Redirect’) |
| 24 | 141 | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
| 25 | 138 | CWE-362 | Race Condition |
It can take a fairly stable team of programmers as long as six months to get to a point where they’re estimating programming time fairly close to actuals, says Suvro Upadhyaya, a Senior Software Engineer at Oracle. Accurately estimating programming time is a process of defining limitations, he says. The programmers’ experience, domain knowledge, and speed vs. quality all come into play, and it is highly dependent upon the culture of the team/organization. Upadhyaya uses Scrum to estimate programming time. How do you do it?
Are you a computer programmer? Here is what Half Sigma thinks about your profession:
So, if you are a computer programmer, maybe you should change your career and become a database administrator. After all, database administration is one of the fastest-growing jobs in the United States.
I believe that no matter what your profession is, keeping up to date with the “what’s new” in your industry/technology is very essential to career development.
One of my ex-coworkers emailed me this photo. The subject of the email was: Winner of “not my job” award.
When I looked at this photo, the word “laziness” started flashing in my mind. My thoughts then wandered to laziness as it related to programming. I then asked myself: what is laziness in programming? Here are a few thoughts:
Throughout my career I was guilty of being lazy. But some may argue that good programmers are not only lazy, but also dumb:
…for a lazy programmer to be a good programmer, he (or she) also must be incredibly unlazy when it comes to learning how to stay lazy – that is, which software tools make his work easier, which approaches avoid redundancy, and how he can make his work be maintained and refactored easily.
…a good programmer must be dumb. Why? Because if he’s smart, and he knows he is smart, he will: a) stop learning b) stop being critical towards his own work… a good programmer, when confronted with a problem from management, will adopt this mindset of being dumb; he will start asking the most simple, child-like questions. Because he doesn’t accept the parameters suggested to him that someone thinks make up the problem.
So, you should always try to be lazy in an “unlazy” way, and dumb in a smart way.
Here is a list of 10 programming quotes I picked from this longer list, and what I learned from each:
It’s hard enough to find an error in your code when you’re looking for it; it’s even harder when you’ve assumed your code is error-free.
Lesson: Always assume that your code is buggy and code accordingly.
Be careful about using the following code — I’ve only proven that it works, I haven’t tested it.
Lesson: Always test your code.
Good code is its own best documentation. As you’re about to add a comment, ask yourself, “How can I improve the code so that this comment isn’t needed?”.
Lesson: Write clear maintainable code.
Incorrect documentation is often worse than no documentation.
Lesson: Make sure your documentation really reflects what your code is doing and vice versa.
Measuring programming progress by lines of code is like measuring aircraft building progress by weight.
Lesson: The number of lines of code is irrelevant in measuring software development progress; measure by what the code does and how fast it does it.
Just because the standard provides a cliff in front of you, you are not necessarily required to jump off it.
Lesson: Do not blindly follow any standard, understand first.
The most important single aspect of software development is to be clear about what you are trying to build.
Lesson: Understand the problem first, then build the solution.
Good programmers use their brains, but good guidelines save us having to think out every case.
Lesson: Understand and use software design patterns whenever possible.
Simplicity is the ultimate sophistication.
Lesson: No comment.
The primary duty of an exception handler is to get the error out of the lap of the programmer and into the surprised face of the user. Provided you keep this cardinal rule in mind, you can’t go far wrong.
Lesson: Apply exception handling liberally across all your programs. 🙂
So, I was tasked with changing a simple ColdFusion application. The application was written by a former co-worker who was also a “ColdFusion developer”.
The application has an HTML form in a login.cfm page that submits to a login_action.cfm page.
Now, take a look at this login_action.cfm, what am I supposed to do? Go hang myself? The following is an exact copy/paste: