Programming Tip: Assume Your Users are Idiots

Posted by Nessa | Posted in uncategorized | Posted on 30-05-2010

Any programmer knows the golden rule of programming – no matter how well you’ve coded an application, there’s always going to be something wrong with it. I’ve done enough development work to have a lasting suspicion that if there’s a bug or hole to be found, someone will stumble upon it and rub it in your face.

Here’s an interesting fact:

There’s no such thing as a bug-free application.

No amount of poking, prodding, testing, slurping, or caressing is going to find every possible fault that can exist in an application. Somewhere along the line, one of your users is going to trigger a problem and cause you to spend a few hours patching code.  It’s like idiot-proofing a microwave – you can’t reasonably predict every possible thing that a user can do, you just do what you can and hope for the best.

The good thing about these idiots is that they make us better programmers.  To be a better programmer, you have to think like an idiot and apply some basic principles:

1. Validation

Check and maybe even double-check all types of input and assume the worst. Sure, maybe that user didn’t know that Sex referred to gender, but you should have thought of that.  Always take into account blank, malformed, incorrect, malicious, and duplicate data.

2. Default Actions

Any time you use conditionals, always combine validation with a default action, in case something unexpected happens. Do you know what your application is going to do if a specified condition isn’t met?

3. User behavior

Some people do things you don’t want them to, but you have to be ready for it anyways.  Does your application work correctly if people hit the “back” or “refresh” buttons? Is it going to cause a problem if someone bypasses your lightbox and opens a link in a new tab instead? Or bookmarks a page that was meant to be accessed from a login screen?

4. Acceptance

Accept the fact that no matter what advice I give, you’re still never going to make it perfect.
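
An added example (not from the original post) showing principles 1 and 2 together on a signup form: each field is checked for blank, malformed, duplicate and out-of-range input, and the last `else` is the default action. The field names, allowed values and action names are assumptions made for illustration.

```python
import re

# Hypothetical form schema: the only values the "sex" field may take.
ALLOWED_SEX = {"female", "male", "other", "undisclosed"}
# Deliberately strict pattern; anything it does not match is treated as malformed.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")
MAX_EMAIL_LEN = 254

def clean(value):
    """Non-string input (None, lists from repeated parameters) counts as blank."""
    return value.strip().lower() if isinstance(value, str) else ""

def validate_signup(form, existing_emails):
    """Return (ok, errors) for a submitted form dict."""
    errors = {}
    email, sex = clean(form.get("email")), clean(form.get("sex"))

    if not email:
        errors["email"] = "blank"
    elif len(email) > MAX_EMAIL_LEN or not EMAIL_RE.fullmatch(email):
        errors["email"] = "malformed"      # markup and other junk also land here
    elif email in existing_emails:
        errors["email"] = "duplicate"

    if not sex:
        errors["sex"] = "blank"
    elif sex not in ALLOWED_SEX:
        errors["sex"] = "not an allowed value"   # e.g. "yes please"

    # Fields the form never offered are not ignored, they are reported.
    extra = set(form) - {"email", "sex"}
    if extra:
        errors["_form"] = "unexpected fields: " + ", ".join(sorted(extra))
    return (not errors, errors)

def handle_signup(form, existing_emails):
    """Decide what to do next; the final branch is the default action."""
    ok, errors = validate_signup(form, existing_emails)
    if ok:
        return "create_account"
    elif set(errors) <= {"email", "sex"}:
        return "redisplay_form"            # ordinary mistakes: let the user fix them
    else:
        return "reject"                    # anything we did not anticipate
```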

And don’t forget – testing, testing, testing. While some people I deal with like to believe that I don’t actually test anything, I do – I just also know the golden rule of programming and that there’s no way around it.  Testing is an ongoing process and requires both automated and manual work. Don’t knowingly leave a bug or security flaw in place and assume it will go unnoticed – trust me, it won’t.  If there’s one thing idiots are good at, it’s making you look like an idiot.