Pages:
Author

Topic: MtGox source code leaked ... - page 3. (Read 19047 times)

sr. member
Activity: 313
Merit: 250
i ♥ coinichiwa
March 03, 2014, 07:00:55 PM
#51
I've seen so much bad code in my life... even in enterprise systems... this one looks quite average  Grin

But not using curly brackets alone is something a developer should goto hell for.
hero member
Activity: 574
Merit: 500
March 03, 2014, 06:26:04 PM
#50
I prefer one monster super class...

Well I think we are done. 

Php ....lolz

MySQL...lolz

SpagettiCode...lolz

What does this all of the above bullshit add upto ....loss of 450million ++

All code should be loosely coupled & highly cohesive ... i.e dependency injection, discreete components that have no depenceys on each other.... break down of the layers UI,Business logic, middleware ...repos...etc etc etc

Gox was a darwin experiment that shows a decrepid , disabled piece of shit is destined to die

GOX IS DEAD.... LONG LIVE THE DEATH OF GOX Tongue

legendary
Activity: 3766
Merit: 5146
Note the unconventional cAPITALIZATION!
March 03, 2014, 05:45:56 PM
#49
Um this goes far beyond "not perfect".  It essentially breaks every rule in software design, resulting in a fragile, unmaintainable mess.

Projects written by a single person don't need to be developed as academics say. If u were an owner of an exchange and didn't trust to any other coder u would go the same way.


sr. member
Activity: 364
Merit: 257
March 03, 2014, 05:41:29 PM
#48
My impression was that supposedly they implemented a new trading engine to speed up transactions after the meltdown.

Does the PHP code look like a new sped up trading engine? Or is it more likely the code used prior to that time?



I think the trading engine was in the backend. Correct me if I'm wrong, but this looks like the front end to me?

it is the more like the  "back" but not exaclty it, that's a class with their full colection of functions...there is no code with the front(or back) end logic using those functions. But everything is there to do so.
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
March 03, 2014, 05:37:36 PM
#47
My impression was that supposedly they implemented a new trading engine to speed up transactions after the meltdown.

Does the PHP code look like a new sped up trading engine? Or is it more likely the code used prior to that time?



I think the trading engine was in the backend. Correct me if I'm wrong, but this looks like the front end to me?
sr. member
Activity: 332
Merit: 253
March 03, 2014, 05:36:47 PM
#46
My impression was that supposedly they implemented a new trading engine to speed up transactions after the meltdown.

Does the PHP code look like a new sped up trading engine? Or is it more likely the code used prior to that time?

hero member
Activity: 531
Merit: 501
March 03, 2014, 05:25:49 PM
#45
Is there anything in the code to suggest that the cold wallet was actually online?
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
March 03, 2014, 05:17:20 PM
#44
oh man, please don't let this be legit.....
newbie
Activity: 18
Merit: 0
March 03, 2014, 05:02:36 PM
#43
i wouldn't be surprised if the alleged 20GB of data comes up for sale
I guarantee you it is. There is no doubt the encrypted passwords (if gox even encrypted the database) are being sent through the grinder as we speak. Everyone should change their passwords if they used the same one on Gox!

Glad I didn't complet my registration ont heir website, I was about to sent them my passport, and what's not info, and when I saw how complex the process compared back I back peddaled and didn't confirm the uploaded documents I uploaded at the time
haha. SO... you uploaded your personal information to their servers (Now take time to think about that) but didnt click accept to complete the process. My advice: Get lifelock.
full member
Activity: 238
Merit: 100
March 03, 2014, 04:59:30 PM
#42
Umm, Facebook was built on PHP

Yeah, maybe once upon a time back then. But much less so today. And nobody in their right mind would trust friggin nsabook with their wealth...
legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
March 03, 2014, 04:51:47 PM
#41
This does look ugly:

 Some random red flags:

- There's a class with the name of the application. (Issues: Scope, SRP)

- There's a class with 1708 lines of code. (Scope)

- There's a switch-case statement that runs over 150 LOC (readability, maintainability)

- There's a string parsing function in the same class as transaction processing (Separation of concerns)

- There are segments of code commented out (are they not using source control?)

- There's inlined SQL (maintainability, security)

- There's JSON being generated manually & inline (SoC, DRY)
- There's XML being generated manually & inline (SoC, DRY)
- To sum up function _Route_getStats($path): XML production, JSON production, file writing, business logic, SQL commands, HTTP header fiddling, hard coded paging limits, multiple exit points...
The amount of refactoring needed here to bring this code up to acceptable quality is simply staggering.
legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
March 03, 2014, 04:49:30 PM
#40
Hey folks, new here and happen to also be a LAMP developer (not considering creating an exchange yet Wink...

I just wanted to jump in here and defend LAMP stacks.

Linux/Apache/MySQL/PHP (LAMP) CAN be highly secure depending on how the code is written.

This forum runs on PHP, most major banking site's fronted is PHP...

The problem comes in when people write insecure code, you can just as easily write insecure C+ or Python as insecure PHP...

I guess my point is dont bash the platform, bash the developer Wink


Good point, you win 40 GoxCoins  Cheesy
hero member
Activity: 812
Merit: 500
March 03, 2014, 04:44:11 PM
#39
Isn't it convenient that the Gox source code is leaked right after his appeal to the bankruptcy court. That seems to substantiate Karpeles claim that he was hacked and just a poor innocent victim. Very tidy.

+1

Hes a rich man now.
legendary
Activity: 2156
Merit: 1393
You lead and I'll watch you walk away.
March 03, 2014, 04:30:20 PM
#38
Isn't it convenient that the Gox source code is leaked right after his appeal to the bankruptcy court. That seems to substantiate Karpeles claim that he was hacked and just a poor innocent victim. Very tidy.
hero member
Activity: 588
Merit: 501
March 03, 2014, 04:16:20 PM
#37
Glad I didn't complet my registration ont heir website, I was about to sent them my passport, and what's not info, and when I saw how complex the process compared back I back peddaled and didn't confirm the uploaded documents I uploaded at the time
hero member
Activity: 686
Merit: 500
March 03, 2014, 04:11:03 PM
#36
i thought the ceo is a tensai?
sr. member
Activity: 389
Merit: 250
March 03, 2014, 04:06:50 PM
#35
I think what concerns me more than anything is that they're rounding some of their values.


newbie
Activity: 14
Merit: 0
March 03, 2014, 02:04:19 PM
#34
I think what concerns me more than anything is that they're rounding some of their values.
legendary
Activity: 1078
Merit: 1002
Bitcoin is new, makes sense to hodl.
March 03, 2014, 01:58:37 PM
#33
no wonder why they could not turn LTC switch on, their code is too mess to add another currency
legendary
Activity: 1050
Merit: 1002
March 03, 2014, 01:52:50 PM
#32
Hey folks, new here and happen to also be a LAMP developer (not considering creating an exchange yet Wink...

I just wanted to jump in here and defend LAMP stacks.

Linux/Apache/MySQL/PHP (LAMP) CAN be highly secure depending on how the code is written.

This forum runs on PHP, most major banking site's fronted is PHP...

The problem comes in when people write insecure code, you can just as easily write insecure C+ or Python as insecure PHP...

I guess my point is dont bash the platform, bash the developer Wink

I agree. I'm getting a bit tired of people who language bash. For example, DeathAndTaxes, whom I respect is killing MtGox in this thread, but he hasn't once faulted the language of choice. Often people who bash don't have much achievement of their own which they can point to, which is telling.

Mysql? php??? For a multi-million dollar website?!?!?!? WTF!!!

Umm, Facebook was built on PHP and they just bought a company for $19 billion. Magento, also built on PHP, was bought by eBay for $180 million. Which apps have you done lately that are worth millions of dollars?

A good programmer can usually do well with most any language, although some may be better fits for a given application. It depends more on style and preference, which is why Google, which probably knows a thing or two about software, allows people to write in the language of their choice for their annual Code Jam with $15K prize. They are not so ignorant as to think various programming languages, which are just tools, can't be used effectively.
Pages:
Jump to: