Here is some login form code from a developer I’m sure gets paid $60-70,000 yearly by this company.
function validate(text1,text2,text3,text4)
{
if (text1==text2 && text3==text4)
load(‘success.htm’);
else
{
load(‘failure.htm’);
}
}
As ever, ‘seniority’ doesn’t count what you’ve learned or how you apply it, only the number of years keeping a chair warm and finding ways to ‘play it safe.’ The example above is from a man who took three days to complete the famous 5 Minute Wordpress install, and did so without consequence.
When he was asked why he did what had, he said because “they didn’t really need a login.” Also known as “I’m too lazy a developer to spend two hours doing this in a proper way that protects our partners, so I’ll just add a single javascript function and spend the next two hours taking cigarette breaks.”
For those who don’t do web work at all: Imagine going to a secret clubhouse- the doorman says “What’s the password?” and you don’t have it. You could keep guessing and he’d keep denying you, but at the same time he’s also more than willing to let you look at his clipboard where in large letters it’s written “THE PASSWORD IS ABC123 AND THERE’S ALSO NO SECURITY AT THE SIDE DOOR.”
There are a few ways that what he did is offensive to those who make a living from the web and creating for it, but the part that bothers me is that this is the sort of thing that someone learns on their first day of basic web scripting and shouldn’t need to steal from a free site 5+ years into a job. He didn’t even put effort into stealing it- that page is literally the first Google result when searching “javascript login script.”
