SecureQueryStrings mania

I have inherited a web project, from a former coleague, that “senior” developer.

He’s a big fan of secured query strings, because he says, “Session is crap. It can be hijacked and your server put to its knees”.

This project has a wizard through which the user must go, about 7 pages. All communication between these pages is done with secure query strings.

Like this:

/// <summary>
/// Gets the project id.
/// </summary>
/// <value>The project id.</value>
private int projectId
{
    get
    {
        if ( this.PageParams != null && this.PageParams["projectId"] != null )
            return Convert.ToInt32( this.PageParams["projectId"] );
        else
            throw new NullReferenceException( "this.PageParams[projectId]" );
    }
}
/// <summary>
/// Gets the topic id.
/// </summary>
/// <value>The topic id.</value>
private int topicId
{
    get
    {
        if ( this.PageParams != null && this.PageParams["topicId"] != null )
            return Convert.ToInt32( this.PageParams["topicId"] );
        else
            throw new NullReferenceException( "this.PageParams[topicId]" );
    }
}

Each page has between 7 and 11 such properties, simply pasted from one page to the other.

Imagine a change of the business entities or a change in the workflow of the wizard. (I think “Find and Replace” is a very used feature of this guy :D)

Oh, and the comments, are generated automatically, using a dreaded tool – I shall not utter its name. Even though they don’t tell anything useful, they will not make the help file red.

This is what I consider a really bad example of how to build an application.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s