The Big Programming Thread - Page 832

Prev 1 830 831 832 833 834 1032 Next

Thread Rules
1. This is not a "do my homework for me" thread. If you have specific questions, ask, but don't post an assignment or homework problem and expect an exact solution.
2. No recruiting for your cockamamie projects (you won't replace facebook with 3 dudes you found on the internet and $20)
3. If you can't articulate why a language is bad, don't start slinging shit about it. Just remember that nothing is worse than making CSS IE6 compatible.
4. Use [code] tags to format code blocks.

Blisse

Canada3710 Posts

January 29 2017 03:43 GMT

#16621

I'm 90% sure my last 2 places of work had no while loops explicitly in our coding guidelines. Say no to while loops!

And also to declare as close to usage as possible. I thought we've moved on from C89! For a project I spent some time hacking around things to get c99/gnu99 working because I wasn't going to live with only declaring at the start of functions.

Hanh

146 Posts

January 29 2017 04:18 GMT

#16622

That code,


int i = 0;

...

while (i++ < 10) {
    // do stuff
}

is asking for trouble. Some guy can change 'i' between the initialization and the while loop or inside the loop itself.

If your language permits it, something like


for i in 0 to 9 do 
 ...
done

It's shorter, clearer and safer ('i' is immutable).

tofucake

Hyrule19203 Posts

January 29 2017 05:05 GMT

#16623

"some guy"? Do you have random people working on your codebase? Doing while loops like that is perfectly acceptable, and was even required by C until C99 or something like that.

Hanh

146 Posts

January 29 2017 06:06 GMT

#16624

Yeah - I don't review/control all the code that is added to my code base. Write under K&R C rules if you want, but these bugs could have been avoided easily. Writing code that junior developers will find too troublesome to break is my defense.

spinesheath

Germany8679 Posts

January 29 2017 07:07 GMT

#16625

On January 29 2017 09:50 Manit0u wrote:

Show nested quote +

It's useful when you want to replace for loops with while loops (which is done behind the scenes by the compiler anyway, since for is just an alias for while). It saves you but a line of code compared to the proper while loop, but if your project will have thousands of those, it's thousands of lines saved.

ex:


for (int i = 0; i < 10; i++) {
    // do stuff
}

// ^ translates to
int i = 0;

while (i < 10) {
    // do stuff
    i += 1;
}

Now, I prefer to write it this way:


int i = 0;

while (i++ < 10) {
    // do stuff
}

I prefer to use while over for whenever I can, mostly because I like to declare and initialize all the variables at the beginning of a function. Makes it easier to debug later on, even if it isn't the most efficient thing to do.

I don't see any debugging advantage at all with that. Nowadays it is common practice to declare variables as close to usage as possible, ideally right where they are initialized.

Also I much prefer to use a for loop in this case because it much clearer that the i is just a loop variable, going from some a to some b. Whenever I see a while loop like that I double check the progression of i because usually something other than simple increment is happening somewhere in there, which is why the for loop became awkward and was replaced with a while.

I have no issue with 1000 extra lines if that means that I don't mangle 2000 separate instructions into 1000 lines. You're incrementing and comparing in a single line. Sure it isn't so bad here if you use it as a fixed pattern, but unlike a for loop you can't even freely switch between pre- and postincrement here.

RoomOfMush

1296 Posts

January 29 2017 08:32 GMT

#16626

Besides what the others have said above, the two loops Manit0u has shown are not even equal in functionality. In the second while-loop the "do stuff" will happen after i has been incremented. In the for-loop and the first while-loop it happens before. I would call that a mild case of error potential.

spinesheath

Germany8679 Posts

January 29 2017 08:36 GMT

#16627

On January 29 2017 17:32 RoomOfMush wrote:
Besides what the others have said above, the two loops Manit0u has shown are not even equal in functionality. In the second while-loop the "do stuff" will happen after i has been incremented. In the for-loop and the first while-loop it happens before. I would call that a mild case of error potential.

Good point. I didn't even realize that. And considering I was talking about this exact construct and still missed it, I'd consider it a rather serious case of error potential.

Acrofales

Spain18271 Posts

January 29 2017 09:30 GMT

#16628

On January 29 2017 07:34 Manit0u wrote:

Show nested quote +

On January 29 2017 05:24 Acrofales wrote:
But why would you ever type a = a++; (except as a typo from ignorance)? The whole point of a++ is that it's shorthand for incrementing by 1. So if you use ++, you write it:


#include <stdio.h>

int main() {
	int a = 10;
	do {
		printf("Value of a: %d\n", a);
		a++ ;
		
	} while ( a <20 );
	
	return 0;
}

And voila, it works fine. The moment you start writing things with a = <do something with a>, you have to worry about operator precedence (in fact, any time you use multiple operators you have to think about that).


#include <stdio.h>

int main(void)
{
    int a = 10;

    do {
        printf("Value of a: %d\n", a);
    } while (a++ < 20);

    return 0;
}

That's how you do it (if you really want to use the ++ operator)

Pretty sure that will loop 10 times, whereas the initial code loops 9 times, because I *think* a < 20 has higher precedence than ++, so for that to work, you'd have to write it


#include <stdio.h>

int main(void)
{
    int a = 10;

    do {
        printf("Value of a: %d\n", a);
    } while (++a < 20);

    return 0;
}

And because of subtle bugs like this, I avoid concatenating ++ with other operators. I only use it as shorthand for i = i + 1, as a separate statement, or in a for loop in languages that don't support more modern syntax.

Hanh

146 Posts

January 29 2017 11:13 GMT

#16629

Isn't it ironic when what you recommend to do to avoid bugs is a bug itself?

RoomOfMush

1296 Posts

January 29 2017 11:53 GMT

#16630

On January 29 2017 20:13 Hanh wrote:
Isn't it ironic when what you recommend to do to avoid bugs is a bug itself?

Programming has a lot to do with personal experiences and confidence. People re-use code (and libraries & technologies) they have used before. It could very well be that Manit0u has more confidence in the second while-loop and that is why he uses it all the time. For him this may improve reliability & readability.
The only problem comes when you suddenly have to work in a team where each member is used to write things differently. This is when things can get messy. A good company will try to counteract this problem by imposing coding guidelines and force all employees to write these loops the same way to make sure nobody makes a stupid mistake when working with the code of somebody else.

But when you are working alone or with people who do things the same way as you do, you can do pretty much anything you feel comfortable with.

Acrofales

Spain18271 Posts

January 29 2017 21:53 GMT

#16631

Nvm, my post above is wrong :p But I stand by my point that it's confusing :p

Thaniri

1264 Posts

January 30 2017 00:04 GMT

#16632

Can anyone help me with a PHP question? (school question if you want to ignore those):

Im creating a login/create account form and trying to hash my passwords. When I'm salting + hashing a password what do I need to store in the database? Right now my database looks like: customer(cID, cHash, cEmail, cLname, cFname, cWallet)

So when a user creates an account I grab all the form inputs they have, hash+salt the password and store it in the cHash column.

Now when they want to login, how do I change their inputted password to the same thing as cHash?

Blitzkrieg0

United States13132 Posts

January 30 2017 00:30 GMT

#16633

You need to add a column to store their salt into your database. When the user enters their password into the form you add the salt and hash it. If the proper password was entered that will match the hash stored in the database.

Thaniri

1264 Posts

January 30 2017 00:43 GMT

#16634

Okay thanks, I should be able to do it now. Going to have to rewrite some methods.

edit: works like a charm

phar

United States1080 Posts

January 30 2017 01:44 GMT

#16635

On January 29 2017 14:05 tofucake wrote:
"some guy"? Do you have random people working on your codebase? Doing while loops like that is perfectly acceptable, and was even required by C until C99 or something like that.

You should generally always assume that your code is going to be read more than it is written, and modified many times down the road by others.

In related news, herein lies the usefulness of automated testing infrastructure.

Manit0u

Poland17731 Posts

January 30 2017 01:46 GMT

#16636

On January 30 2017 09:30 Blitzkrieg0 wrote:
You need to add a column to store their salt into your database. When the user enters their password into the form you add the salt and hash it. If the proper password was entered that will match the hash stored in the database.

Fuck no! Your solution is good but for more general use, not PHP itself.

With PHP you should use the password_hash() and password_verify() functions. PHP 7 has even deprecated the 'salt' option for those... What it does is use bcrypt (at the moment, might change the default if something stronger will come along and be established enough - like Argon2) to hash your password, generates salt automatically and stores it inside the password itself (as of PHP 5.5 default algo is bcrypt and cost is 10).

So, what you need in the db (absolutely minimal setup):


TABLE: users
COLUMNS: id, username, password

Then, in your code:


class User
{
    protected $id;
    protected $username;
    protected $password;

    public function setPassword($password)
    {
        $this->password = password_hash($password);
    }

    public function getPassword()
    {
        return $this->password;
    }

    public function passwordValid($password)
    {
        return password_verify($password, $this->password);
    }
}

And that's it. You never know what the plaintext password is, or what the salt is. With this approach you can also use stuff like password_needs_rehash() in case you change your hashing algo. It's dead easy to implement a simple way to gradually update your user passwords as necessary without having to do some complex logic and database juggling.

Edit:

Also, to the posters above, I was wrong about those loops but I was up for 23 hours at the time of writing that and my mind just wandered random places...

Blitzkrieg0

United States13132 Posts

January 30 2017 02:13 GMT

#16637

Why does php obscure the salts? That just seems like a fundamental misunderstanding of the purpose of salts.

Hanh

146 Posts

January 30 2017 02:57 GMT

#16638

It doesn't obscure it. It puts it in the returned value before the actual hash value. That's to avoid the mistake of forgetting to store the salt and cost separately.

WarSame

Canada1950 Posts

January 30 2017 05:05 GMT

#16639

Could any of you please tell me why I can access the local host version of my server but cannot access it through my external IP? I allowed traffic through the firewall according to this guide.

Nesserev

Belgium2760 Posts

January 30 2017 05:14 GMT

#16640

--- Nuked ---

Prev 1 830 831 832 833 834 1032 Next

Please or register to reply.

The Big Programming Thread - Page 832

Completed

Ongoing

Upcoming