CodeSOD: Evaluating Perks

This post was originally published on this site

The Daily WTF

Today’s anonymous submitter works for a company that handles customer rewards perks. It’s handling thousands of dollars of transactions a day, which isn’t a huge amount, but it’s certainly non-trivial.

Now, there’s a conversion formula from points to dollars: points/100*1.7. Now how would someone implement this complex formula in PHP? Well, our submitter’s predecessor did it this way:

$divfactor = 100; $multfactor = 1.7; $vcvalue = $points; $divoperation = “/”; $multoperation = “*”; $valcalc = eval(‘return ‘.$vcvalue.$divoperation.$divfactor.$multoperation.$multfactor.’;’);

Was this an attempt at obfuscation? Because it didn’t work. I understand exactly what the code is doing. But I’m also left wondering… why. What did they hope to gain?

It’s forever a mystery.

[Advertisement] Continuously monitor your servers for configuration changes, and report when there’s configuration drift. Get started with Otter today!

To read the full article click on the 'post' link at the top.