There was a small bug in the PHP order form that Jared L. had developed: the form would complain that "$1000" is an "invalid numeric value." While technically true, Jared's boss wanted to make the form as fool-proof as possible, and asked Jared to fix it.

"No problem," Jared affirmed, "I'll make sure to have it strip those out."

"Well," his boss replied, "I believe we've got a function to do that".

He frowned for a second before stating, "Well, I was just going to use regex to make sure they entered it right, or else just use str_replace() to strip out any special chars".

"No, no we've already gotten it written, let me ask Brian where it's at," he insisted.

Crap, Jared thought, for Pete's sake, anything but that. He went back to his desk and pulled up TheDailyWTF.com, absolutely sure that whatever transpired next would be worth a submission.

Sure enough, within a few minutes, Jared's boss came over to his desk. "Great news," the boss said enthusiastically, "you don't have to write any code, we've already got it! Go ahead and open up everything.inc and find the fixString() function. You just pass that a string and an array, and it will strip anything in the array out of it. You're set!".

"Great!" Jared replied, clenching my teeth. So let me guess, Jared thought, this function is just going to consist of one line returning the results of a "replace". He opened it up to see what it contained:

function fixString($string, $chars = 0) { $string = "A" . $string; if (empty($chars)) { $chars = array('"','\'','\\'); } for ($i = 0; $i < count($chars); $i++) { while (strpos($string, $chars[$i]) != 0) { $index = strpos($string, $chars[$i]); $string = substr($string, 0, $index) . substr($string, $index+1); } } $string = substr($string,1); return $string; }

Jared shook his head and sighed. Instead of including the entire, 800-line everything.inc file in his page, he opted for the built-in replace():

$cleanedPrice = str_replace(array('$'), "", $price);

Too bad Brian was the lead developer and team lead.