Plaintext-passwords Memes

Someone just reinvented the equality operator with extra steps. The ifBothCorrect function literally just checks if two values are equal, but instead of using === or == , they wrote an entire function that assigns them to variables, compares them, and returns true or false. It's like using a forklift to pick up a pencil. But wait, there's more! The authentication logic fetches ALL usernames and ALL passwords from the database, then loops through them in nested foreach loops to validate credentials. That's O(n²) complexity for what should be a single database query. Your database is crying. Your security team is crying. I'm crying. The cherry on top? They're storing passwords in plain text (look at that getAllPasswords() call). This code is a security audit's final boss. It's so beautifully terrible that it almost feels like performance art.

Plot twist: you're trying to create a new account and the system just casually exposes that someone else is already using your go-to password. Congrats on the world's worst security implementation—instead of saying "username taken," they're out here revealing password collisions like it's no big deal. Starboy98 is having an existential crisis because either: (a) someone stole their signature password, (b) they forgot they already made an account, or (c) they just discovered their "unique" password is about as original as using "password123." The Mike Wazowski face really captures that moment when you realize your password game is weak and the database architect's security game is even weaker. Pro tip: If a website can tell you your password is already in use by another user, run. That means they're storing passwords in plaintext or comparing them before hashing. Yikes.