Yes! I screwed things

Dog on couch

Who's to blame?

Gediminas Morkevičius aka @l3pp4rd

Me
  • I code with - PHP, GO, Java, JavaScript, C
  • And I'm hardcore - ViM, Arch Linux, DWM user
  • I share my stuff atgithub.com/l3pp4rd
Data-Dog

Fail recipe #1

mysql -u root database

On your localhost - development.

And on another shell - production

It is easy to mix the shells when running..

Troll face
DELETE * FROM users

How to prevent this from happening?

  1. Use readonly user for production database.
  2. Never use DELETE or UPDATE statements when connected to production.

Fail recipe #2

Composer modules

{
  "require": {
    "symfony/symfony": "~2.7.0",
    "symfony/monolog-bundle": "~2.7",
    "symfony/swiftmailer-bundle": "~2.3",

    "my-company/payments":"~1.0"
  }
}

To prevent downloading vendor packages on deployment, we are building a release archive

gulp.task('archive', function(cb) {
  spawn.exec('./bin/archive', function(err, stdout, stderr) {
    if (err) {
      gutil.log(gutil.colors.red('error'), ' => ', stdout);
    } else {
      gutil.log(gutil.colors.cyan('package'), ' => ', stdout);
    }
    cb(err);
  })
});

gulp.task('package', function () {
  runSequence('build', 'composer-minimize', 'composer-optimize', 'archive', 'composer-install', function (err) {
    if (err) gutil.log(gutil.colors.red('error'), ' => ', err);
  });
});

It is a very high probability that developer, tampers with vendor sources..

vim vendor/my-company/payments

And it just went to production

Fail

A fix was applied..

gulp.task('composer-minimize', function(cb) {
  // and ensure that tampered vendors are reset!
  spawn.exec('rm -rf vendor/{my-company} && composer install --no-scripts --no-dev', function(err, stdout, stderr) {
    cb(err);
  });
});

Fail recipe #3

Transaction management

There are few things you always need to know about databases

Serialization deadlocks on MySQL is one of them

Fail

Fail recipe #4

Unreadable and unmaintanable code

Nested if statements. Do you see a bug here?

function signupAction(Request $request)
{
    $form = $this->createForm(new SignupType(), $user = new User());
    $form->handleRequest($request);
    if ($form->isValid()) {
        $same = $this->repo('AppBundle:User')->findOneBy(['email' => $user->getEmail()]);
        if (null !== $same) {
            if ($same->isConfirmed()) {
                $this->formError($form->get('email'), "already confirmed");
            } else {
                $this->get('mail')->user($same, 'activate');
            }
        } else {
            $user->regenerateConfirmationToken();
            $this->persist($user);
            $this->flush();

            $this->get('mail')->user($same, 'activate');
        }
        return $this->redirect($this->generateUrl('app_user_login'));
    }
    return ['form' => $form->createView()];
}

How about now?

function signupAction(Request $request)
{
    $form = $this->createForm(new SignupType(), $user = new User());
    $form->handleRequest($request);
    if (!$form->isValid()) {
        return ['form' => $form->createView()];
    }
    $same = $this->repo('AppBundle:User')->findOneBy(['email' => $user->getEmail()]);
    if (null !== $same and $same->isConfirmed()) {
        $this->formError($form->get('email'), "already confirmed");
    }
    if (null !== $same) {
        $this->get('mail')->user($same, 'activate');
        return $this->redirect($this->generateUrl('app_user_login'));
    }
    $user->regenerateConfirmationToken();
    $this->persist($user);
    $this->flush();

    $this->get('mail')->user($same, 'activate');
    $this->addFlash('success', 'Activation email was sent');
    return $this->redirect($this->generateUrl('app_user_login'));
}

Fail recipe #5

File session storage - does not scale

Fail

Fail recipe #6

Be careful with IP tables

Fail

Cannot SSH anymore. Server is a blackbox

iptables -F
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

Fail recipe #7

chmod -R 777

Fail

Fail recipe #8

Late Friday releases

Fail

die(var_dump()) on weekend

Epic fail

Develop everything in smallest possible steps, otherwise you might not finish anything..

Fail

Initial commit on DoctrineExtensions

Fail

I failed so many projects, because I tried to publish something better, bigger, nicer

Fail