Hacker News | Timwi's comments

It is in the context of this thread, because the article is about exponential growth.

You're fond of asking candidates an unrealistic hypothetical and you think that's revealing?

Yep. I sure do.

The one that is labeled as “German” is similar to, but noticeably different from, the hardware display actually in use on Berlin underground trains. The real one has proper descenders, and also has narrow i/t/l and wider m/w (that is, it's not monospace). Alas, the provided link 404s as well.

There are a few mistakes in this talk; I'll list just two that I noticed.

1. He calls Array(16) and then talks about there being 16 separators. Of course, there are only 15. This kinda breaks the Batman joke.

2. He writes {}+[] and claims that he's adding a list to an object, then mocks the fact that it gives a different result than []+{} which gives [object Object]. In reality, if you write ({}+[]), you also get [object Object]. I'll leave it as a puzzle for you to figure out why {}+[] is different. (Hint: Gurer vf ab bowrpg gurer.)


Good catch. I'm sure there could be more technical inaccuracies in the talk, but again, this is for entertainment purposes I assume, not education.

Yet in node REPL:

    > {}+[]
    '[object Object]'
    > []+{}
    '[object Object]'

... because Node's REPL and some consoles pre-wrap input that looks object-ish :)

For future reference, the phrase is “hear, hear”.

There, there. ;)

Yeah, yeah.

Do you like Kool-aid? Perhaps a lot? You may be addicted.

Mastodon does not have persistence of data though. Your instance shuts down? All your posts are gone. I naively assumed I could just move them to a new instance and found out the hard way. I have felt disillusioned with Mastodon ever since.

Ultimately all things are ephemeral.

It’s megahit, no hyphen. Also the exe is called prince.exe in my copy of the game but it’s possible there were other versions.

What SQL system have you been using where just escaping a string requires “an ever-increasing pile of regexes”?

Why is a format string or string concatenation (or interpolation, what I would use) the “wrong way” when all user input (more precisely: all string literals) are properly escaped?

The main reason is that a lot of the reason comes around that it is incredibly difficult to do this in a general case just because of the grammar of SQL. Especially with the very different dialects, in the worst case you can get unintended remote code execution[1].

There's an incidental performance benefit on some database engines as well. When you write a SQL query, in general the database engine has to compile this to a form it can use.

If you use raw string concatenation, "SELECT USERS FROM table WHERE id=1" might compile to something like (pseudocode below):

    def prepstatement1():
        ...

So if you use an explicit prepared statement[2], something like "SELECT USERS FROM table WHERE id=?" might compile to something like:

    def prepstatement2(id: int):  # <--- notice the new parameter here
       ...

Some database engines also have the ability to cache a prepared statement and so these are a lil bit faster. Remember, your database has to still compile the string concatenated case, it's just a little bit hidden.

[1]: For example SQL Server has xp_cmdshell: https://learn.microsoft.com/en-us/sql/relational-databases/s...

[2]: https://en.wikipedia.org/wiki/Prepared_statement
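
An added example, not part of the thread, that makes the exchange above concrete with Python's built-in sqlite3: escaping protects a value placed inside a quoted literal, but the same escaping does nothing when the value lands in a numeric position like the `id=` in the comment's query, while a placeholder binds it as data. The `users` table, its rows and the `escape_literal` helper are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data, held in memory so the example runs offline.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [(1, "alice"), (2, "bob"), (3, "carol")])
    return db

def escape_literal(value):
    # Hypothetical helper: the usual "double every single quote" escaping.
    return value.replace("'", "''")

def lookup_concat_quoted(db, name):
    # Escaped value inside a quoted string literal: the escaping holds,
    # because the only way out of the literal is an unescaped quote.
    sql = "SELECT id FROM users WHERE name='" + escape_literal(name) + "'"
    return db.execute(sql).fetchall()

def lookup_concat_numeric(db, user_id):
    # Same escaping, but the value is concatenated into a numeric position.
    # There is no quote to escape, so the text is parsed as part of the
    # statement and can change the WHERE clause.
    sql = "SELECT name FROM users WHERE id=" + escape_literal(user_id)
    return db.execute(sql).fetchall()

def lookup_param(db, user_id):
    # Placeholder: the statement is compiled with a parameter slot and the
    # value is bound afterwards as data, never parsed as SQL.
    sql = "SELECT name FROM users WHERE id=?"
    return db.execute(sql, (user_id,)).fetchall()

if __name__ == "__main__":
    db = make_db()
    hostile = "1 OR 1=1"  # constructed input
    print("quoted + escaped :", lookup_concat_quoted(db, "x' OR '1'='1"))
    print("numeric + escaped:", lookup_concat_numeric(db, hostile))
    print("parameterized    :", lookup_param(db, hostile))
```
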

