by katsura 1320 days ago
I wanted to give you a completely objective opinion, so I went from gematrix.org > www.c2kb.com > 9gagrss.xyz and based on that and your user name I found this: https://github.com/caviv/9gager

One thing, I think, you should be really careful about is how you handle user inputs, e.g. this line: https://github.com/caviv/9gager/blob/20ccaaf649af525fc7a0c1d...

I validated this on the live site as well, and it was really easy to insert any kind of HTML through the `channel` param. This is called XSS or Cross-Site Scripting.

Also, you seem to regularly commit code that includes database connection information (I hope it is not active anymore, or at least not reachable from the outside internet), e.g.: https://github.com/caviv/9gager/commit/bcc0b91eb8638835c1557...

Now, to be clear, this doesn't necessarily make you a bad programmer per se. But in my eyes, your claims of being "actually really good" seem to be over the top, and what I see is that you still have a lot to learn about the web and especially about security.
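To make the XSS point concrete, here is an added example that is not code from the 9gager project or from the commenter: it reflects a `channel` query parameter into an HTML page the unescaped way (the pattern being criticised) next to an escaped, allow-listed version. The page layout, the URL and the allow-list rule for channel names are assumptions made for the illustration.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed request URL (not a real site); the parameter name `channel`
# is the one mentioned in the comment above.
SAMPLE_URL = "https://example.invalid/?channel=<script>alert(1)</script>"


def channel_from_url(url: str) -> str:
    """Extract the `channel` query parameter, or '' if it is absent."""
    params = parse_qs(urlsplit(url).query)
    return params.get("channel", [""])[0]


def render_vulnerable(channel: str) -> str:
    """Interpolates user input straight into HTML: whatever the client sent
    is parsed as markup, so tags and script become part of the page."""
    return f"<h1>Channel: {channel}</h1>"


def render_escaped(channel: str) -> str:
    """Escapes &, <, >, and quotes first, so the input stays text."""
    return f"<h1>Channel: {html.escape(channel, quote=True)}</h1>"


def is_allowed_channel(channel: str) -> bool:
    """Hypothetical allow-list: 1-32 chars of letters, digits, '-' or '_'.
    Validation narrows what reaches the template; escaping still applies."""
    return 0 < len(channel) <= 32 and all(c.isalnum() or c in "-_" for c in channel)


def handle_request(url: str) -> tuple:
    """Assumed request handler: (HTTP status, response body)."""
    channel = channel_from_url(url)
    if not is_allowed_channel(channel):
        # Even the error path goes through the escaping renderer.
        return 400, render_escaped("bad channel name")
    return 200, render_escaped(channel)


if __name__ == "__main__":
    print("vulnerable:", render_vulnerable(channel_from_url(SAMPLE_URL)))
    print("escaped:   ", render_escaped(channel_from_url(SAMPLE_URL)))
    print("handled:   ", handle_request(SAMPLE_URL))
```

Output encoding belongs at the point where data meets HTML (here the render functions), and validation is an additional narrowing step, not a substitute; a templating engine with auto-escaping on by default does the same job with less chance of forgetting a call site.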
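On the second point, committed database credentials, an added example (not the project's code, not the commenter's) of the two defensive halves: reading connection settings from the environment instead of from source, and a small scanner that flags credential-looking assignments before they are committed. The config snippet and the variable names are constructed for the illustration.

```python
import os
import re
from typing import Dict, List, Optional

# Constructed stand-in for a config file that was committed by mistake.
COMMITTED_CONFIG = """
db_host = "db.example.invalid"
db_user = "app_user"
db_pass = "hunter2"
debug = "false"
"""

# Keys that should never carry an inline literal value in source.
SECRET_KEY = re.compile(
    r"""(?i)\b(db_pass|password|passwd|secret|api_key|token)\b\s*[=:]\s*['"][^'"]+['"]"""
)


def find_hardcoded_secrets(text: str) -> List[str]:
    """Return each line of `text` that assigns a literal to a secret-like key.
    Suitable as a pre-commit check over staged file contents."""
    return [line.strip() for line in text.splitlines() if SECRET_KEY.search(line)]


def missing_db_settings(env: Dict[str, str]) -> List[str]:
    """Names of required settings that are absent or empty in `env`."""
    required = ("DB_HOST", "DB_USER", "DB_PASS")
    return [k for k in required if not env.get(k)]


def load_db_config(env: Optional[Dict[str, str]] = None) -> Dict[str, str]:
    """Build the connection settings from environment variables (assumed names
    DB_HOST, DB_USER, DB_PASS) so that no credential lives in the repository."""
    env = dict(os.environ) if env is None else env
    missing = missing_db_settings(env)
    if missing:
        raise RuntimeError("missing DB settings: " + ", ".join(missing))
    return {"host": env["DB_HOST"], "user": env["DB_USER"], "password": env["DB_PASS"]}


if __name__ == "__main__":
    print("flagged lines:", find_hardcoded_secrets(COMMITTED_CONFIG))
    print(load_db_config({"DB_HOST": "localhost", "DB_USER": "app", "DB_PASS": "example"}))
```

Once a credential has been pushed it should be treated as exposed and rotated; removing it in a later commit does not remove it from the history.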

3 comments

To be fair, I write quite a bit of sloppy code when I program as a hobby, or if I'm trying to quickly cobble together something that just does what I need to do (and that includes random projects I throw up on GitHub).

Agree, this isn't conclusive. OP might have a lot to learn about security. Or maybe OP just didn't care in this case.

To offer some constructive criticism, "Hassle" being misspelled as "hassel" in the readme, to me, would raise the question of the quality of English written communication created by the author.

The difference is that you don't create a whole post on HN just to humblebrag how good of a programmer you are.

This code is a disaster and the opposite of what OP describes. A clear case of Dunning–Kruger.

But OP wasn't bragging about their 9gager project. Also, isn't it possible to be a good programmer but write bad code sometimes? Perhaps OP's best work just isn't on display.

Trying to give the benefit of the doubt, but I generally don't think one toy GitHub project is conclusive evidence of anything, really.

The 9gager project is at the top of his site (https://www.c2kb.com/). It's definitely on display.

> Trying to give the benefit of the doubt

Why? Even if he's actually a really good programmer like he claims, it's a massive display of hubris. We should encourage humbleness.

> The 9gager project is at the top of his site (https://www.c2kb.com/).

Oh, I didn't see that.

The danger is that whenever anyone asks others to check out their pretty good work, someone will inevitably find problems. It's just life and our limits as humans. What I have noted is that the people who carry themselves as huge geniuses are the ones who make huge oversights. The best is someone who is quietly humble, does awesome work, and has depth when you ask them.

I am sure if you were in the dev field for years without a degree then you'd get tired of being second guessed for not having that piece of paper from a college.

Shhhh, you're making the jobs of pentesters harder! /s

Opinions are not objective.

I used it in this sense:

> In everyday life, your objective opinion is the one that sets aside your subjective preferences or feelings about something and instead assesses it based on facts and reality. [0]

[0] https://www.dictionary.com/e/subjective-vs-objective/