The other day, while reviewing a plugin, I told someone that their code was okay, but it could be better.

They had this:

if ( $_POST['value'] == 1 ) {
    $variable = 'yes';
}
if ( $_POST['value'] == -1 ) {
    $variable = 'no';
}

And I said they should do this:

$variable = ( $_POST['value'] == 1 ) ? 'yes' : 'no';

They asked why, since the only possible inputs were 1 and -1.

Users Are Weird

It’s hard to explain why users are so weird, but they are. Any time you have post data that a user can input, a user will find a way to intentionally or accidentally put in bad data. I think perhaps the best way to explain it is that users are like toddlers. You can baby proof your house, but they’ll figure out how to get into the flour and suddenly your kitchen looks like an episode of Cutthroat Kitchen and good luck cleaning it up.

The point is this. Even if your data is only meant to be a 1 or a -1, you have to think beyond what the code should be and assume it will, one day, be what it’s not.

Broaden Your Mind

The basic rule of any input screen is that users will do what they do. They just will. They use code in ways you didn’t imagine, and that’s okay. And even if you have a check box, which logically cannot be altered beyond checked or un-checked, someone will do something outside your expectations.

The easiest way to understand it is to think about hackers. The whole reason we sanitize checkbox data is not that we expect a user to make a phenomenal mistake, but that we expect a hacker to show up and try to back-door our work. We cannot trust that every user has good intentions. This is even more common in WordPress, since anyone can download your code, examine it for weaknesses, and then attack.

Angry People Do Bad Things

If I had a nickel for every time I heard “But an admin would never…” I’d be rich.

A good admin would never, intentionally, break their own system, this is true. But an admin who was just fired, and hasn’t had their credentials revoked yet? Oh gosh, can they ever be evil. When a person was fired at a job I once had, they went into the test lab, took all the diskettes, and tossed them in the dumpster. The protocol for handling people being fired was changed that day, but all it took was one angry admin, and we had to go dumpster diving for 3.5″ floppy disks.

No, it wasn’t fun.

Trust No Data

I never trust data. Not even on code only I use. I always assume I can be tricked into doing something dangerous, or that I’ll make a mistake while using a system. Humans make mistakes. You can’t trust them to be right all the time, and you can’t trust them to be good all the time.

That means it becomes our responsibility, as developers, to do the following:

  1. Make sure the data entered is sanity-checked
  2. If it’s not sane, fall back to a safe default or throw a good error

But never, ever, trust anyone to be right all the time. Especially you.
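
The two steps above as an added example, not code from the reviewed plugin: it goes a little beyond the one-line fix by comparing strictly against an allowlist and showing both outcomes, a safe default and a thrown error. The function name `example_choice_from_post` and the sample submissions are made up for illustration, and it is plain PHP so it runs without WordPress.

```php
<?php
// Added example (hypothetical helper name, not from the reviewed plugin).

/**
 * Map a raw form field to 'yes' or 'no'.
 * Only the exact strings '1' and '-1' are accepted; everything else is
 * either replaced by the safe default or rejected with an exception.
 */
function example_choice_from_post( array $post, string $key, bool $reject = false ): string {
    $raw = $post[ $key ] ?? null; // A missing field is treated as bad input.

    // Form fields arrive as strings (or arrays for value[]=...), so compare
    // strings with ===; no type juggling takes place.
    if ( '1' === $raw ) {
        return 'yes';
    }
    if ( '-1' === $raw ) {
        return 'no';
    }

    if ( $reject ) {
        throw new InvalidArgumentException( "Unexpected value for '{$key}'." );
    }
    return 'no'; // Safe default.
}

// Constructed sample submissions standing in for $_POST.
$samples = array(
    array( 'value' => '1' ),
    array( 'value' => '-1' ),
    array( 'value' => '1.0' ),        // A loose == 1 check accepts this.
    array( 'value' => ' 1' ),         // Leading space, also == 1.
    array( 'value' => array( '1' ) ), // Sent as value[]=1.
    array(),                          // Field missing.
);

foreach ( $samples as $post ) {
    $shown = json_encode( $post['value'] ?? null );
    try {
        $checked = example_choice_from_post( $post, 'value', true );
    } catch ( InvalidArgumentException $e ) {
        $checked = 'rejected';
    }
    printf( "%s => default: %s, reject mode: %s\n", $shown, example_choice_from_post( $post, 'value' ), $checked );
}
```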
