Listening to Black Sabbath’s Master of Reality.

@aahoogendoorn Look at you… new avatar! Is that an AC/DC shirt?

@mariannerd Howdy partner! It is AC/DC all right. Your avatar new too? Something wrong with the old one?

@aahoogendoorn Nope, just a change in scenery! Like the project I’m doing. I’m asked to do a code review.

@mariannerd Cool! Whenever I’m asked to do a code review, the client always knows, or at least suspects, something’s terribly wrong.

@aahoogendoorn Oh yes… We have the suspect… Now it’s a case of getting the evidence … I feel like Columbo..

@aahoogendoorn You know the suspects from the beginning, but you still have to look for the evidence for conviction!

@aahoogendoorn So when you are asked to do a code review, what is the first thing you do?

@mariannerd The first thing I do? Ask the client what they’re hoping to achieve: do they actually want to know how deep the rabbit hole goes?

@mariannerd Next, I make a list of all things I should look at during the review. Architecture, domain, data access, layers, extensibility..

@mariannerd Security, authorization, reuse, code copying (especially in VB), way of working, documentation, design, quality of coding.

@aahoogendoorn So far so good!

@mariannerd Rule #1 in code reviews: more time means more detail.

@aahoogendoorn Code Reviews are fun! No deadlines. just looking at somebody else’s code.

@aahoogendoorn … Oh and telling what’s wrong with it… I must say this is the first time I get such an assignment.

@mariannerd. You know, there’s so much horrible code out there, we could do code reviews for the rest of our lives.

@aahoogendoorn Well a lot of this stuff is subject to opinion… 100 developers, 100 different code for the same functionality…

@mariannerd Yes true, but some code is definitely worse than other code. And believe me, I’ve seen some bad coding in my time.

@aahoogendoorn Any examples?

@mariannerd Examples of bad code? How many do you need. Check out this old blog post of mine (in Dutch). http://htxt.it/reVB

@mariannerd. Think of SQL statement in web pages, or of a single class that handles 50% of all functionality.

@mariannerd. Or think of the same business rule implemented multiple times on different locations, in different ways.

@aahoogendoorn One of the things I came across: internal web application: authentication by doing a LDAP query to see if the user exists.

@aahoogendoorn Haven’t they heard of Windows Authentication in IIS? They didn’t even check if the user was enabled or disabled… :-S

@mariannerd Haha, nice one. I once audited the enterprise web portal for a very large international company where ALL communication …

@mariannerd between front end and back end went through one single class. Imagine the effect of a single change..

@mariannerd Sometimes, it gets really bad. Code a whole company depends on, which is so bad, that productivity will definitely be below zero soon

@mariannerd Anyway, I love being asked for code reviews. It gives the opportunity to help improve the quality of applications.

@mariannerd. That is, if they follow up on your advice from your code review. Unfortunately, that is not always the case.

@aahoogendoorn Well maybe it’s not needed… Or they just want to know the risks and are happy to take them!

@aahoogendoorn Which could be the outcome of a code review. It’s not good, but far from worse.. And it may be fixed with a couple of quick wins.

@mariannerd. Well yes, that could be the outcome. Maybe I’m to idealistic about writing good code. If it ain’t broken, don’t fix it.

@mariannerd. But I just love clean code…

@aahoogendoorn …. But even bad code can function.

@mariannerd My favorite example: an ASP.NET web site that was never compiled by the developers. They just ran it from the browser. Great stuff!

@mariannerd. As a consequence, of the over 40 pages in the application, only 6 compiled (the ones they visited running it in the browser)…

@aahoogendoorn LOL "we got a live one here!". This business application compiled at runtime? No test cases just put it in production!

@mariannerd. And then things can get pretty messy. Especially when your poor company lives of this software.

@aahoogendoorn That is the whole point isn’t it.. Developers just start coding without a plan, or knowing best practices.

@mariannerd Yes, a lot of developers code without having a decent architecture, without patterns, without layers – but with best intentions.

@aahoogendoorn Oh yes, best intentions… The road to hell is paved with good intentions…

@mariannerd. No stop signs, speed limits. Nobody’s gonna slow me down. Highway to hell. AC/DC# ?

@aahoogendoorn Nope… 4 minutes by Madonna LOL.

@mariannerd. Madonna? Girl you need a music review instead of a code review!

@aahoogendoorn ….I guess even bad music can function.