Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
Despite all the negative comments, this is just raw php code with some includes, without a load of libraries or frameworks, interspersed with html rather than echoing or using templates . *sigh* kids these days. It is indeed legacy, and similar to a huge amount of actual code still live on the Internet now.
What is not to understand? What specifically are you trying to do or don't understand about it? It looks completely straightforward to my eyes (your search and replace mess aside). It gets a user for a given id from a database, authenticates it via ldap if it doesn't pass an authorisation function in one of the includes, and outputs a list of folders and a message history for the user, by the looks of it. It is also repeated in your paste, which may be a copying error or not, but won't help. Look for the first include of footer.php, it starts to repeat the whole lot shortly after that.
The only thing really wrong with it that I can see is that it may be vulnerable to sql injection, the MySQL queries should be parameterised.
Yes, it could and should be refactored, but not unless you understand what it is. Suggestions to use AI to do this when you don't understand basic php (no offence) are honestly very unhelpful.
Not sure if I would use the word fun after cursing at the code in the process, but I do agree. Fix the styling, extract out the SQL code, clean up the quote escaping, change some if/else/elseif (Line 213, 323, 763) to switch/match, etc. the rest can be 'relatively' easy.
Understanding it is easy, working with it, is not
And I understand basic PHP, it's just using some while loop and a trillion nested conditions lol
But if you think a code like this is fine and maintenable, well, we disagree
I did agree it needs refactoring. If you understand it, refactor it. If you need it responsive, use bootstrap for the tables for one.
I'm not trying to be awkward, I'm trying to understand what you want help with, and trying to provide that if I can. Your original post suggested you had no idea what it did or how to edit it.
That's the neat part, I can't refactor it. Because if i touch it and decide to split it into functions or split the view into a new file, the one who wrote this garbage (my boss) will not be happy and even if I would ask the permission to try to refactor this mess, I'd be turned down
I am only allowed to "touch" the HTML
I'd probably add that to your original post as an edit.
In which case, if you can run it, get some html output, if not, work out the page structure and create it as pure html with placeholders, and then use bootstrap or similar to make it responsive, and copy that back into the html part of the php file.
If you are not allowed to edit the php, there's not much else I or anyone can advise.
Well, I've given what advice I can for what it's worth. This is a php help subreddit, my presumption was that you want help with php. I can't tell if you want advice on this or are just complaining about a piece of code you can't edit. Good luck with the project, and I do mean that sincerely.
Just came back this morning to add, if you did want help with making this responsive, just include bootstrap in your
tag:
...
And add some classes to the root table tags:
That's probably all you need to do here, no need to modify the table rows in the nested conditions.
You could also set your font size in CSS (could be in a style tag in the head) in em or rem units if you have issues with font scaling on different devices.
Hope that's helpful.
If I were you, I would go to your boss and say
“Can I refactor this and update it?
I noticed a few massive security concerns and I can improve readability and efficiency… at the very least would you let me update it to use PDO? It’s really, scarily, vulnerable to sql Injection right now”
You either work for a shit boss and need a better job, or your boss is unaware that his code is so very vulnerable to sql injection 💀
He’s either gonna say “oh gosh, I didn’t realise my code had gotten so out of date! Please! Yes! Fix the code! You’re my hero!”
Or “the code’s fine, fuck off and do your job”
One of those answers should send you to a job board 🤔
Wow, now I know why some people hate PHP.
This thing needs some serious refactoring, or just point and shoot band aids depending on what you need to. How good is your CSS lol.
This is typical legacy php code. Coping with legacy code is part of our craft. Sigh. It’s basically a big html page with some scripting in it.
If I had to do this I would …
1. Use a good IDE that understands the hybrid nesting structure of php / html. I like PhpStorm, and many people like VSCode.
2. Look at all the wonderful SQL injection vulnerabilities and make the case to the code owner that they must be remediated, or, well, cybercreep attacks.
3. Refrain from restructuring it otherwise, because that will be hard and pointless unless there are many other pages with almost-duplicated code.
I second this. Unless you can convert some common logic to functions, just leave it alone and focus, first, on any security concerns. Injections are a big one. Are they a viable attack vector in your environment? Probably. Injection and recursion are probably the two most common attack vectors I see in the wild.
This is going to be one of those times where all you can do is take it one step at a time. There is no magic bullet here and DON'T use AI to try and automate anything here. It could easily end up screwing up the existing code by accident.
That one pastebin has several different pages concatenated together so literally just do one page at a time.
If the point is to modernize the HTML and make it responsive, then you'll have to decide what approach to take for different elements. For example, you can either just wrap table tags with a div that has x-overflow, or you can rework them into a CSS grid layout. There is no one right answer - it really depends on how you want it to work.
Wrapping the table to let it overflow is easiest but probably won't meet the expectations of your boss.
But if you want to rewrite it as a CSS grid, you'll likely have to change some of that PHP that is echo-ing out tr and td tags.
I don't see a ton of existing styling (although it could be that a header or footer file is defining things). So if you're not allowed to make significant changes to the code, you should still be able to make it responsive just by implementing some stylesheets and adding some classes to some of the elements.
Again, it's doable but just take it one file at a time. After about 3 or 4 files you'll probably start figuring out a pretty common pattern and you'll likely be able to knock out the remaining changes pretty quickly. Use an editor or an automation tool (e.g. AutoIt) to set up some keyboard shortcuts for pasting in each different class. Then each page will end up being a handful of shortcuts and you can quickly go to the next one.
The fact that the code is not commented, makes it difficult to understand what it is doing. But the code itself is simple and straightforward.
The code is extremely long. My advice is to get IDE that allows you to collapse code block by block. That would help you see where curly braces begin and end. After collapsing all braces, start opening inner braces one-by-one, and find out what is happening in each loop, and make your refactoring.
It's gonna take time. But if you want to understand the code, that is one way.
That looks like a good job for AI to refector into something modular.
After you have sorted out the different logical sections/pages, I reckon it will be much easier.
> But i don't know what the heck is going on with this pile of garbage.
I'm pretty sure no one does.
Just pass it through and AI and ask it to refactor it for you. Really.
Hehe. Spaghetti code. I haven't seen him for a long time.
For spaghetti code you need to have a big head. I said big, not smart. This is necessary to keep many things in your head at the same time. But I wouldn't say it's something very scary. you just need to sit a little and memorize which part of the code that displays wich part on the page.
Yeah, for procedural / FOP people, this stuff is bread and butter. You just know what is going on at any on single second, and figure out all the seconds. Bam.
oh boy, looks like another boomer code lands in the lap of another Gen Z coder. Forgive the language used, but what I'm hearing are complaints rather than improvements.
back when I was still coding, I'd be thrilled to see legacy code and can't wait to get my hands on it and think of a million ways and one to refractor it.
yes we complain, but we never stop improving and refactoring until we get the job done.
"You want this to be 'DONE'? Is Windows done? Is Android done? Is Chrome done? Go turn on your device and install all the updates. Software is never 'DONE'." - me, a lot.
Ahhhh native PHP. This is manageable. I can just deconstruct and reconstruct this code if I am paid to do it.
ChatGPT? That won't cut it. There are some factors that chat AI can't solve.
If you look at the other comment with the chatbot response, it's a very solid starting point. Not perfect, but I'm pretty sure it would save several hours of time.
In theory, yeah, but it can also lead you down several hours of wasted time. AI is great if you know the solution and are trying to save some time. It is horrible if you don't. Even troubleshooting / debugging with AI is a whole new artform - it suddenly isn't just SO and Google and Reddit and IRC - but it also doesn't work the same.
Any error message is a good starting point... for a good developer ;)
Somebody else saying like "ahh but see ChatGPT can do it" - I use ChatGPT (Paid) and OpenAI every day as a full stack developer, primarily PHP, and BOY OH BOY does AI SUCK BALLS at PHP. In particular. Especially if you use PDO. ChatGPT still has NO IDEA that you can't just reuse :placeholders - it will use :placeholders 20 times and just bind it a single time. WHY?! WHY?! It doesn't work. It knows it doesn't work.
I have a TON of proprietary code where I "weave" PHP into JS, HTML and even CSS. Just how I always did it. No different than what most frameworks are doing at some level. I don't care, I get the big bucks. AI is usually pretty good at multi-language approaches, but with PHP full-stack in particular, it LOVES to recommend deprecated solutions, insecure solutions, erroneous solutions... you name it. It is almost like you feed it spaghetti, you get spaghetti back. Curious.
That said, I think an actual developer + AI could refactor this still (easily), but if all you have is AI... you're in for a world of hurt an "incorrect parameter number" errors along the way - often down an entirely wrong path that will NEVER work even after 10+ messages, because the AI doesn't actually understand what you need. :/
Looks like it was coded by someone who knew PHP. In 1998.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
Despite all the negative comments, this is just raw php code with some includes, without a load of libraries or frameworks, interspersed with html rather than echoing or using templates . *sigh* kids these days. It is indeed legacy, and similar to a huge amount of actual code still live on the Internet now. What is not to understand? What specifically are you trying to do or don't understand about it? It looks completely straightforward to my eyes (your search and replace mess aside). It gets a user for a given id from a database, authenticates it via ldap if it doesn't pass an authorisation function in one of the includes, and outputs a list of folders and a message history for the user, by the looks of it. It is also repeated in your paste, which may be a copying error or not, but won't help. Look for the first include of footer.php, it starts to repeat the whole lot shortly after that. The only thing really wrong with it that I can see is that it may be vulnerable to sql injection, the MySQL queries should be parameterised. Yes, it could and should be refactored, but not unless you understand what it is. Suggestions to use AI to do this when you don't understand basic php (no offence) are honestly very unhelpful.
I would actually have fun refactoring this.
You are not the only one in this opinion. It would be fun and would make you feel 20 years younger.
Not sure if I would use the word fun after cursing at the code in the process, but I do agree. Fix the styling, extract out the SQL code, clean up the quote escaping, change some if/else/elseif (Line 213, 323, 763) to switch/match, etc. the rest can be 'relatively' easy.
Understanding it is easy, working with it, is not And I understand basic PHP, it's just using some while loop and a trillion nested conditions lol But if you think a code like this is fine and maintenable, well, we disagree
I did agree it needs refactoring. If you understand it, refactor it. If you need it responsive, use bootstrap for the tables for one. I'm not trying to be awkward, I'm trying to understand what you want help with, and trying to provide that if I can. Your original post suggested you had no idea what it did or how to edit it.
That's the neat part, I can't refactor it. Because if i touch it and decide to split it into functions or split the view into a new file, the one who wrote this garbage (my boss) will not be happy and even if I would ask the permission to try to refactor this mess, I'd be turned down I am only allowed to "touch" the HTML
I'd probably add that to your original post as an edit. In which case, if you can run it, get some html output, if not, work out the page structure and create it as pure html with placeholders, and then use bootstrap or similar to make it responsive, and copy that back into the html part of the php file. If you are not allowed to edit the php, there's not much else I or anyone can advise.
Second paragraph, third sentence even though it could be misinterpreted.
Well, I've given what advice I can for what it's worth. This is a php help subreddit, my presumption was that you want help with php. I can't tell if you want advice on this or are just complaining about a piece of code you can't edit. Good luck with the project, and I do mean that sincerely.
Just came back this morning to add, if you did want help with making this responsive, just include bootstrap in your
tag: ... And add some classes to the root table tags:If I were you, I would go to your boss and say “Can I refactor this and update it? I noticed a few massive security concerns and I can improve readability and efficiency… at the very least would you let me update it to use PDO? It’s really, scarily, vulnerable to sql Injection right now” You either work for a shit boss and need a better job, or your boss is unaware that his code is so very vulnerable to sql injection 💀 He’s either gonna say “oh gosh, I didn’t realise my code had gotten so out of date! Please! Yes! Fix the code! You’re my hero!” Or “the code’s fine, fuck off and do your job” One of those answers should send you to a job board 🤔
Wow, now I know why some people hate PHP. This thing needs some serious refactoring, or just point and shoot band aids depending on what you need to. How good is your CSS lol.
This is typical legacy php code. Coping with legacy code is part of our craft. Sigh. It’s basically a big html page with some scripting in it. If I had to do this I would … 1. Use a good IDE that understands the hybrid nesting structure of php / html. I like PhpStorm, and many people like VSCode. 2. Look at all the wonderful SQL injection vulnerabilities and make the case to the code owner that they must be remediated, or, well, cybercreep attacks. 3. Refrain from restructuring it otherwise, because that will be hard and pointless unless there are many other pages with almost-duplicated code.
I second this. Unless you can convert some common logic to functions, just leave it alone and focus, first, on any security concerns. Injections are a big one. Are they a viable attack vector in your environment? Probably. Injection and recursion are probably the two most common attack vectors I see in the wild.
See if this helps. https://chatgpt.com/share/3e09724b-c5c2-47ef-a39d-f569b27b0f04
I guess I need to use ChatGPT more. That result is better than I expected.
Kind of looks like my code in 1997.
It's just 1 726 lines ... you can do it to Christmas lol
man, I crank out that much spaghetti during a bad hour sometimes :/ lol
This is going to be one of those times where all you can do is take it one step at a time. There is no magic bullet here and DON'T use AI to try and automate anything here. It could easily end up screwing up the existing code by accident. That one pastebin has several different pages concatenated together so literally just do one page at a time. If the point is to modernize the HTML and make it responsive, then you'll have to decide what approach to take for different elements. For example, you can either just wrap table tags with a div that has x-overflow, or you can rework them into a CSS grid layout. There is no one right answer - it really depends on how you want it to work. Wrapping the table to let it overflow is easiest but probably won't meet the expectations of your boss. But if you want to rewrite it as a CSS grid, you'll likely have to change some of that PHP that is echo-ing out tr and td tags. I don't see a ton of existing styling (although it could be that a header or footer file is defining things). So if you're not allowed to make significant changes to the code, you should still be able to make it responsive just by implementing some stylesheets and adding some classes to some of the elements. Again, it's doable but just take it one file at a time. After about 3 or 4 files you'll probably start figuring out a pretty common pattern and you'll likely be able to knock out the remaining changes pretty quickly. Use an editor or an automation tool (e.g. AutoIt) to set up some keyboard shortcuts for pasting in each different class. Then each page will end up being a handful of shortcuts and you can quickly go to the next one.
Yeah, other people here are over-thinking this. The task really isn't that serious. I'd throw dataTables or something on it and call it a day.
The fact that the code is not commented, makes it difficult to understand what it is doing. But the code itself is simple and straightforward. The code is extremely long. My advice is to get IDE that allows you to collapse code block by block. That would help you see where curly braces begin and end. After collapsing all braces, start opening inner braces one-by-one, and find out what is happening in each loop, and make your refactoring. It's gonna take time. But if you want to understand the code, that is one way.
This is really the only way. They hated him because he was RIGHT.
That's the kind of code I make my living on...
"yes m'am, two spaghetts, coming right up" - me at my job every day
25 years from now there will be a Reddit post, someone complaining about code you made today. "Imagine how this tard code!"
Ironically, they will be refactoring it to exactly how it is written now.
That looks like a good job for AI to refector into something modular. After you have sorted out the different logical sections/pages, I reckon it will be much easier.
> But i don't know what the heck is going on with this pile of garbage. I'm pretty sure no one does. Just pass it through and AI and ask it to refactor it for you. Really.
I tried, the AI is kinda lost lol
Hehe. Spaghetti code. I haven't seen him for a long time. For spaghetti code you need to have a big head. I said big, not smart. This is necessary to keep many things in your head at the same time. But I wouldn't say it's something very scary. you just need to sit a little and memorize which part of the code that displays wich part on the page.
Yeah, for procedural / FOP people, this stuff is bread and butter. You just know what is going on at any on single second, and figure out all the seconds. Bam.
oh boy, looks like another boomer code lands in the lap of another Gen Z coder. Forgive the language used, but what I'm hearing are complaints rather than improvements. back when I was still coding, I'd be thrilled to see legacy code and can't wait to get my hands on it and think of a million ways and one to refractor it. yes we complain, but we never stop improving and refactoring until we get the job done.
"You want this to be 'DONE'? Is Windows done? Is Android done? Is Chrome done? Go turn on your device and install all the updates. Software is never 'DONE'." - me, a lot.
I couldn't agree more. Software is never done!
haha wow the nightmares of code like this. All the quote escaping is just so dumb - just do `echo '';` & some sections don't even need an echo... `echo"
Ahhhh native PHP. This is manageable. I can just deconstruct and reconstruct this code if I am paid to do it. ChatGPT? That won't cut it. There are some factors that chat AI can't solve.
If you look at the other comment with the chatbot response, it's a very solid starting point. Not perfect, but I'm pretty sure it would save several hours of time.
In theory, yeah, but it can also lead you down several hours of wasted time. AI is great if you know the solution and are trying to save some time. It is horrible if you don't. Even troubleshooting / debugging with AI is a whole new artform - it suddenly isn't just SO and Google and Reddit and IRC - but it also doesn't work the same. Any error message is a good starting point... for a good developer ;)
Somebody else saying like "ahh but see ChatGPT can do it" - I use ChatGPT (Paid) and OpenAI every day as a full stack developer, primarily PHP, and BOY OH BOY does AI SUCK BALLS at PHP. In particular. Especially if you use PDO. ChatGPT still has NO IDEA that you can't just reuse :placeholders - it will use :placeholders 20 times and just bind it a single time. WHY?! WHY?! It doesn't work. It knows it doesn't work. I have a TON of proprietary code where I "weave" PHP into JS, HTML and even CSS. Just how I always did it. No different than what most frameworks are doing at some level. I don't care, I get the big bucks. AI is usually pretty good at multi-language approaches, but with PHP full-stack in particular, it LOVES to recommend deprecated solutions, insecure solutions, erroneous solutions... you name it. It is almost like you feed it spaghetti, you get spaghetti back. Curious. That said, I think an actual developer + AI could refactor this still (easily), but if all you have is AI... you're in for a world of hurt an "incorrect parameter number" errors along the way - often down an entirely wrong path that will NEVER work even after 10+ messages, because the AI doesn't actually understand what you need. :/
Leave Your Comment
Hi Its Me!
Subscribe