bad code Memes

Front End OTP Verification

11 hours ago 143.1K views 0 shares

Someone named Suresh just committed a cardinal sin of web security. They're comparing the user's OTP input against a hidden field called otp_hidden ... which exists in the DOM... on the client side... where literally anyone can just open DevTools and read it. It's like putting a lock on your door but leaving the key taped to the doorknob with a sticky note that says "SECRET KEY - DO NOT USE". The entire point of OTP verification is that it should be validated server-side against what was actually sent to the user's phone/email. Storing it in a hidden input field defeats the purpose harder than using var in 2024. The red circle highlighting this masterpiece is chef's kiss. This is the kind of code that makes security researchers weep and penetration testers rub their hands together gleefully. Never trust the client, folks.

True Or True

Javascript Programming Debugging

1 day ago 197.2K views 0 shares

When you need to make absolutely sure something is true, so you just... set it to true in both branches. The classic "I've covered all my bases" approach that covers absolutely nothing. Either the data exists and we're setting trueOrFalse to true, or it doesn't exist and we're setting trueOrFalse to true. Bulletproof logic right there. This is the programming equivalent of those "choose your own adventure" books where every path leads to the same ending. Just skip the if-else and assign it directly, my friend. Your code reviewer is going to have a field day with this one.

Looks Good To AI Bros Though

Security AI Programming Databases Backend

1 day ago 201.8K views 0 shares

Oh look, it's the classic SQL injection vulnerability that would make Bobby Tables proud, but with extra steps and worse syntax. The "AI-generated" query is literally concatenating user input directly into a SELECT statement, then somehow trying to GET values from variables that don't exist, AND mixing up assignment operators like it's having an identity crisis. But sure, "vibe coders" who learned from ChatGPT think this is perfectly fine production code. If those kids actually understood parameterized queries, prepared statements, or literally any basic security principle from the last 20 years, they'd realize this is a hacker's wet dream. One simple '; DROP TABLE users;-- and your entire database is toast. The real tragedy? AI code generators will confidently spit out garbage like this, and junior devs who don't know better will ship it straight to prod. Then they'll be shocked when their company makes headlines for a data breach. But hey, at least the code "works" in their local environment! 🎉

Forgive Me Father

Programming

2 days ago 136.4K views 0 shares

We've all been there—staring at a codebase that desperately needs refactoring, but the deadline is tomorrow and you just need it to work . So you copy-paste that function for the third time, slap an O(n³) algorithm where a hash map would do, and ship it with a guilty conscience. The confessional booth awaits, but deep down you know you'll do it again next sprint. At least you're not using nested ternary operators... yet.

I'm Going To Fail That Class

Programming Debugging Backend

4 days ago 207.3K views 0 shares

When your software architecture professor asks about your design patterns and you realize your entire codebase is held together by duct tape, prayer, and a single try-catch block that catches Exception. Sure, you've got architecture—disaster architecture. The kind where every component is tightly coupled, your database talks directly to your UI, and your "separation of concerns" is just different folders with the same spaghetti code. But hey, at least you're self-aware about the impending doom, which is more than most CS students can say when they're confidently explaining their monolithic mess as "microservices-ready."

Never Say Never

Programming Debugging Backend

9 days ago 192.2K views 1 shares

You know that monstrosity you wrote years ago? The one that makes you physically recoil when you see it in the codebase? Yeah, that 1,200-line behemoth with nested if-else statements so deep you need a map and a flashlight to navigate them. You promised yourself you'd refactor it "someday" and then conveniently forgot it existed. Fast forward to today: a critical bug appears, or worse, a "simple" feature request that touches that exact function. Now you're stuck wrestling with your past self's crimes against clean code. The best part? You can't even blame anyone else because git blame points straight at you. Nothing quite captures that special blend of regret, horror, and resignation like having to debug your own spaghetti code from 2019.

For That Modern Web Feeling

Javascript Webdev Programming Frontend

11 days ago 266.0K views 0 shares

Someone literally wrote 15 lines of JavaScript to make a page fade out. You know what else makes a page disappear? Closing the tab. Takes zero lines of code. But no, we need to set the page opacity to 30%, create a spinner element with inline styles that would make any CSS developer weep, position it dead center with transforms (because apparently flexbox is too mainstream), add a linear infinite rotation animation with hardcoded pixel dimensions, append it to the body, wait 750ms, then fade everything out and remove the spinner. All of this to simulate "loading" when the function literally does nothing except waste three-quarters of a second of the user's life. Modern web development is just adding spinners to make users think something important is happening. Spoiler: it's not. The best part? The setTimeout callback has an empty action() function. Chef's kiss. Peak web engineering right there.

Scripting Kinda Easy

Gamedev Unity Programming

16 days ago 160.8K views 0 shares

Oh honey, someone just discovered that naming variables is THE HARDEST part of programming and decided to give up entirely! Instead of using actual descriptive names, they've created a beautiful masterpiece where keyboard controls are literally just... the action names. Shift = sprint? Groundbreaking. Space = jump? Revolutionary. Left click = punch? GENIUS. But wait, it gets better! They're so confident about their "graphics = very good" and "music = good" that they just... declared it in the code like a royal decree. No implementation, no assets, just pure manifestation energy. And of course, "fps = 120" and "no lag" because if you write it down, it becomes true, right? That's how game development works! Just comment your dreams into existence and ship it! 🎮✨

We All Know It Is

Git Programming Debugging

17 days ago 216.1K views 0 shares

When you're vibing with terrible code quality, writing nested callbacks six levels deep, zero error handling, and variable names like "x1" and "temp2"... and suddenly your commit counter hits 3251. Nothing says "professional software engineer" quite like watching your crime against computer science get immortalized in git history. The code may be garbage, but hey, at least you're consistently producing garbage. That's what they call velocity in Agile, right?

Year

Webdev Javascript Programming Frontend

18 days ago 214.2K views 0 shares

So everyone's screaming about JavaScript being terrible, but then you look at how developers actually get the current year in production code. Instead of just using new Date().getFullYear() , some genius decided to hardcode "2025" wrapped in a beautiful mess of <footer><small> tags that don't even close properly. The closing </small> is chilling AFTER the text instead of wrapping it correctly. Maybe JavaScript isn't the problem. Maybe it's the developers who refuse to use it correctly. This footer will be hilariously outdated in about 365 days, and some poor soul will have to manually update it while the rest of the internet just... uses a date function like normal people. The real kicker? They're complaining about hardcoded YEARS while literally hardcoding a year. Chef's kiss. 💋👌

Enron Architecture

Programming Security Debugging Backend

23 days ago 214.9K views 0 shares

When your codebase is so sketchy it's basically a federal crime. Building financial products with code so questionable you're not networking at meetups—you're collecting character witnesses for your inevitable trial. Two lawyers, three cops, a judge, and almost Maduro? That's not a professional network, that's a legal defense dream team in the making. Your architecture isn't just bad, it's "cooking the books" level fraudulent. At least Enron had the decency to collapse quickly—your technical debt is the gift that keeps on giving to law enforcement.

When The Code Is Written Entirely By AI

AI Programming Debugging

24 days ago 273.5K views 0 shares

Rick confidently throws a portal at the wall, expecting it to work. Cut to him staring at a wall covered in nested if-statements with zero logic inside them. That's your AI-generated codebase right there. You ask ChatGPT for a simple function and it gives you seven layers of conditionals that all check the same thing. No else blocks, no early returns, just pure chaos wrapped in the illusion of structure. Sure, it might technically run, but good luck explaining to your team why there are 47 if-statements doing absolutely nothing productive. The best part? The AI will confidently tell you it's "optimized" and "follows best practices." Meanwhile you're left refactoring what looks like a choose-your-own-adventure book written by someone who's never heard of boolean logic.

Browse