Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change
 
PerlMonks  

(jcwren) RE: Yet Another Cargo Cult non-use of CGI.pm

by jcwren (Prior)
on Aug 01, 2000 at 01:32 UTC ( #25349=note: print w/replies, xml ) Need Help??


in reply to Yet Another Cargo Cult non-use of CGI.pm
in thread Upload Security (strip ../, etc.)

I'm gonna take one shot at this, and that's it.

Like I said in the chatterbox, "It's not what you say, it's how you say it". The first thing you do is make the person feel like an idiot: "Why, oh why, do people insist on cargo cult code?". Not everyone is a seasoned CGI/Perl programmer. There are a lot of issues involved with proper argument processing, security, compatibility, etc. It's not easy to recognize this when you're first starting out. There's so much to learn that you can't start out knowing it all. And worse yet, you can have something that will work, but be insecure. Once it starts working, you move on. You don't see the test case, or even *know* the test case that will break it.

CGI programming is glorious, it's intruiging, it's attractive because lots of people may get to see your results. So unlike writing backends for converting dates from "2000-02-02" to "Feb 2nd, 2000", it has sex appeal. As a result, a lot of people take it on, not realizing the true underlying complexity. I can certainly say that about myself. I know there's plenty of things that I should be aware of in regards to ultimately great CGI programming. But I've also got to figure out to write HTML that's compliant across browers, DB interfaces, managing Apache, installing mod_perl, yada yada yada. So much "knowledge space", it's impractical to learn it all before you write your first lines of code.

Sure, maybe you've been doing it for years. Sure, maybe it's all second nature to you. Sure, maybe you have a personal T3, so drudging through CPAN isn't painful. Sure, maybe you have an editic memory, and remember everything you read, instantly weeding out the implicitly wrong information from what's right. I don't have any of those. And I doubt most people do.

You're a very smart person, Randal. No one denies that. People want to benefit from your knowledge. I'm convinced I could. But I REFUSE to listen to people who talk down to me. Both in Perlmonks, and in Real Life. I have no patience for that, whatsoever. Nor should anyone else. As an instructor and as a Perlmonks saint, you can't do that to people. Your answers are terse, and unsuitable for the inexperienced person. Which constitutes every person asking a question. If they didn't ask the question, then they must know the answer, and therefore be experienced. While a puppy can be trained by swatting him when he goes on the carpet, you CANNOT teach a programmer with the same technique. You'll insult their intelligence, and only cause them to ignore you (and, evidently, vote -- on any posts, regardless of merit).

Instead, you have to point them (nicely) towards sources that answer their needs. Explain the *why* in the flaw. Your followup post below is MUCH more in line with how people should be educated. That's the type of response people are looking for. Not being smacked over the head with "Cargo Cult Programmer Alert!".

I respect your abilities, and I don't want to see you leave PM on the basis of people mistreating you. But until you portray the role of the instructor, and not the role of "the man with the +7 FONT tag", things aren't going to get much better.

I'll be more than happy to clarify on this if there's an issue. This post is NOT meant to be a "bash merlyn" post. Please understand that. Instead, it's meant to be a direct answer to the big green box.

Any place with 2700+ registered users and 600+ active users is going to have politics. I understand that. But I don't want to see PM turn into a SlashDot type of environment. I like to think that I generally try to avoid that (not perfectly, mind you, but in general). And I'd like to see politics kept between the persons involved, privately and discreetly, rather than publically aired.

--Chris

e-mail jcwren
  • Comment on (jcwren) RE: Yet Another Cargo Cult non-use of CGI.pm

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://25349]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others lurking in the Monastery: (4)
As of 2022-01-25 01:43 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    In 2022, my preferred method to securely store passwords is:












    Results (65 votes). Check out past polls.

    Notices?