
Topic: MtGox source code leaked ... - page 3. (Read 19023 times)

sr. member
Activity: 313
Merit: 250
i ♥ coinichiwa
March 03, 2014, 08:00:55 PM
#51
I've seen so much bad code in my life... even in enterprise systems... this one looks quite average  Grin

But not using curly brackets alone is something a developer should goto hell for.
hero member
Activity: 574
Merit: 500
March 03, 2014, 07:26:04 PM
#50
I prefer one monster super class...

Well I think we are done. 

Php ....lolz

MySQL...lolz

SpaghettiCode...lolz

What does this all of the above bullshit add up to ....loss of 450million ++

All code should be loosely coupled & highly cohesive ... i.e. dependency injection, discrete components that have no dependencies on each other.... breakdown of the layers UI, Business logic, middleware ...repos...etc etc etc

Gox was a darwin experiment that shows a decrepit, disabled piece of shit is destined to die

GOX IS DEAD.... LONG LIVE THE DEATH OF GOX Tongue

legendary
Activity: 3766
Merit: 5146
Whimsical Pants
March 03, 2014, 06:45:56 PM
#49
Um this goes far beyond "not perfect".  It essentially breaks every rule in software design, resulting in a fragile, unmaintainable mess.

Projects written by a single person don't need to be developed as academics say. If u were an owner of an exchange and didn't trust any other coder u would go the same way.


sr. member
Activity: 364
Merit: 257
March 03, 2014, 06:41:29 PM
#48
My impression was that supposedly they implemented a new trading engine to speed up transactions after the meltdown.

Does the PHP code look like a new sped up trading engine? Or is it more likely the code used prior to that time?



I think the trading engine was in the backend. Correct me if I'm wrong, but this looks like the front end to me?

It is more like the "back" but not exactly it; that's a class with their full collection of functions... there is no code with the front (or back) end logic using those functions. But everything is there to do so.
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
March 03, 2014, 06:37:36 PM
#47
My impression was that supposedly they implemented a new trading engine to speed up transactions after the meltdown.

Does the PHP code look like a new sped up trading engine? Or is it more likely the code used prior to that time?



I think the trading engine was in the backend. Correct me if I'm wrong, but this looks like the front end to me?
sr. member
Activity: 332
Merit: 253
March 03, 2014, 06:36:47 PM
#46
My impression was that supposedly they implemented a new trading engine to speed up transactions after the meltdown.

Does the PHP code look like a new sped up trading engine? Or is it more likely the code used prior to that time?

hero member
Activity: 531
Merit: 501
March 03, 2014, 06:25:49 PM
#45
Is there anything in the code to suggest that the cold wallet was actually online?
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
March 03, 2014, 06:17:20 PM
#44
oh man, please don't let this be legit.....
newbie
Activity: 18
Merit: 0
March 03, 2014, 06:02:36 PM
#43
i wouldn't be surprised if the alleged 20GB of data comes up for sale
I guarantee you it is. There is no doubt the encrypted passwords (if gox even encrypted the database) are being sent through the grinder as we speak. Everyone should change their passwords if they used the same one on Gox!

Glad I didn't complete my registration on their website, I was about to send them my passport, and what's not info, and when I saw how complex the process compared back I backpedaled and didn't confirm the uploaded documents I uploaded at the time
haha. SO... you uploaded your personal information to their servers (Now take time to think about that) but didn't click accept to complete the process. My advice: Get lifelock.
full member
Activity: 238
Merit: 100
March 03, 2014, 05:59:30 PM
#42
Umm, Facebook was built on PHP

Yeah, maybe once upon a time back then. But much less so today. And nobody in their right mind would trust friggin nsabook with their wealth...
legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
March 03, 2014, 05:51:47 PM
#41
This does look ugly:

 Some random red flags:

- There's a class with the name of the application. (Issues: Scope, SRP)

- There's a class with 1708 lines of code. (Scope)

- There's a switch-case statement that runs over 150 LOC (readability, maintainability)

- There's a string parsing function in the same class as transaction processing (Separation of concerns)

- There are segments of code commented out (are they not using source control?)

- There's inlined SQL (maintainability, security)

- There's JSON being generated manually & inline (SoC, DRY)
- There's XML being generated manually & inline (SoC, DRY)
- To sum up function _Route_getStats($path): XML production, JSON production, file writing, business logic, SQL commands, HTTP header fiddling, hard coded paging limits, multiple exit points...

The amount of refactoring needed here to bring this code up to acceptable quality is simply staggering.
legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
March 03, 2014, 05:49:30 PM
#40
Hey folks, new here and happen to also be a LAMP developer (not considering creating an exchange yet Wink...

I just wanted to jump in here and defend LAMP stacks.

Linux/Apache/MySQL/PHP (LAMP) CAN be highly secure depending on how the code is written.

This forum runs on PHP, most major banking sites' frontend is PHP...

The problem comes in when people write insecure code, you can just as easily write insecure C+ or Python as insecure PHP...

I guess my point is don't bash the platform, bash the developer Wink


Good point, you win 40 GoxCoins  Cheesy
hero member
Activity: 812
Merit: 500
March 03, 2014, 05:44:11 PM
#39
Isn't it convenient that the Gox source code is leaked right after his appeal to the bankruptcy court. That seems to substantiate Karpeles claim that he was hacked and just a poor innocent victim. Very tidy.

+1

He's a rich man now.
legendary
Activity: 2156
Merit: 1393
You lead and I'll watch you walk away.
March 03, 2014, 05:30:20 PM
#38
Isn't it convenient that the Gox source code is leaked right after his appeal to the bankruptcy court. That seems to substantiate Karpeles claim that he was hacked and just a poor innocent victim. Very tidy.
hero member
Activity: 588
Merit: 501
March 03, 2014, 05:16:20 PM
#37
Glad I didn't complete my registration on their website, I was about to send them my passport, and what's not info, and when I saw how complex the process compared back I backpedaled and didn't confirm the uploaded documents I uploaded at the time
hero member
Activity: 686
Merit: 500
March 03, 2014, 05:11:03 PM
#36
i thought the ceo is a tensai?
sr. member
Activity: 389
Merit: 250
March 03, 2014, 05:06:50 PM
#35
I think what concerns me more than anything is that they're rounding some of their values.


newbie
Activity: 14
Merit: 0
March 03, 2014, 03:04:19 PM
#34
I think what concerns me more than anything is that they're rounding some of their values.
legendary
Activity: 1078
Merit: 1002
Bitcoin is new, makes sense to hodl.
March 03, 2014, 02:58:37 PM
#33
no wonder why they could not turn LTC switch on, their code is too messy to add another currency
legendary
Activity: 1050
Merit: 1002
March 03, 2014, 02:52:50 PM
#32
Hey folks, new here and happen to also be a LAMP developer (not considering creating an exchange yet Wink...

I just wanted to jump in here and defend LAMP stacks.

Linux/Apache/MySQL/PHP (LAMP) CAN be highly secure depending on how the code is written.

This forum runs on PHP, most major banking sites' frontend is PHP...

The problem comes in when people write insecure code, you can just as easily write insecure C+ or Python as insecure PHP...

I guess my point is don't bash the platform, bash the developer Wink

I agree. I'm getting a bit tired of people who language bash. For example, DeathAndTaxes, whom I respect, is killing MtGox in this thread, but he hasn't once faulted the language of choice. Often people who bash don't have much achievement of their own which they can point to, which is telling.

Mysql? php??? For a multi-million dollar website?!?!?!? WTF!!!

Umm, Facebook was built on PHP and they just bought a company for $19 billion. Magento, also built on PHP, was bought by eBay for $180 million. Which apps have you done lately that are worth millions of dollars?

A good programmer can usually do well with most any language, although some may be better fits for a given application. It depends more on style and preference, which is why Google, which probably knows a thing or two about software, allows people to write in the language of their choice for their annual Code Jam with $15K prize. They are not so ignorant as to think various programming languages, which are just tools, can't be used effectively.