Programming & Development

It Ran Fine in Production. Then I Wrote the Tests.

The app worked. Users could log in. Data was saving. Nobody was on fire. So naturally, I went looking for the fire. I was asked to audit a new Agent Referral feature on a school management system — agents refer schools, earn commissions, the usual. No brief. No checklist. Just "make sure it's fine." It was not fine. Nothing was visibly broken, but the architecture had been quietly making peace with some genuinely bad decisions. Everything held together by vibes and accumulated runtime state. Here's what I found — and why it matters whether you're writing PHP, Python, Go, or whatever language you've convinced yourself won't betray you. The Back Door That Was Literally Labelled There was a helper method — resolveAgent() — whose job was to figure out which agent was logged in. Two steps: Check if the authenticated user is an Agent ✅ If not — check if the URL has an agent_id parameter, and if so, load that agent from the database ❌ Step 2 is called Priv

DEV Community

11d ago

2 0

Discussion

Begin the discussion

Begin something meaningful by sharing your ideas.

No comments yet.

Be the first to share your take and keep the conversation moving.

Join the conversation

UPVOTERS

Community appreciation

See who found this content valuable and showed their support.

Jamie Rodriguez

Stefani

TOPICS

Explore the same topics

Discover more content from the topics this post is mapped to.

dbarabashh.com

Hire based on the conversation about code, not the code itself

Comments

Lobsters

5h ago

orwellfoundation.com

Why I Write (1946)

Comments

Hacker News

13h ago

dev.to

Mastering Your Heartbeat: Architecting a High-Frequency Health …

Have you ever wondered how wearable devices manage the massive deluge of data coming from your body every second? We are talking about high-frequency health da…

DEV Community

16h ago

css-tricks.com

Recreating Apple’s Vision Pro Animation in CSS

Putting CSS’s more recent scrolling animation capabilities to the test to recreate a complex animation of the Apple Vision Pro headset from Apple's website. R…

CSS-Tricks

20h ago

infoq.com

React Navigation 8.0 Alpha with Native Bottom Tabs, Reworked Ty…

React Navigation has released version 8. 0 in alpha, updating its routing library for React Native and web applications. Notable changes include native bottom…

InfoQ

22h ago

socket.dev

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain

Comments

Lobsters

1d ago

Keep browsing

Explore more from this topic

Dive into the full feed of curated posts covering Programming & Development.

Browse Topics

Continue exploring

Discover more content that aligns with your interests and this post.

dev.to

Mastering Your Heartbeat: Architecting a High-Frequency Health …

Have you ever wondered how wearable devices manage the massive deluge of data coming from your body every second? We are talking about high-frequency health da…

DEV Community

16h ago

dev.to

Why your fixed header disappears in Puppeteer fullPage screensh…

I spent two evenings debugging this. Sharing so you don't have to. The problem When you call page. screenshot({ fullPage: true }) on a site with a…

DEV Community

1d ago

dev.to

A Practical Guide to Building a Vision AI Model Serving Pipelin…

This article is based on a VAIaaS (Vision AI as a Service) project we developed for production deployment. I’ll share our experience building a Vision AI model…

Daan Sanchez

1d ago

dev.to

Your Phone as a Terminal: One Command, One QR Code, No SSH Clie…

It happens a few times a year. I'm away from my laptop, a deploy is stuck, and I want to tail a log or restart a service. The options all have friction. SSH ap…

DEV Community

1d ago

dev.to

AWS Cognito Refused to Cooperate. So I Made Google and Cognito …

Liquid syntax error: 'raw' tag was never closed

DEV Community

1d ago

dev.to

Subqueries vs CTEs: When, Why, How.

With a background in Python programming, Learning SQL started feeling like a step back, every line is independent of the next and so far nothing seemed interco…

Jamie Rodriguez

1d ago

Still curious?

See more related posts

Keep the inspiration flowing with fresh submissions and trending finds from the community.

View Latest

It Ran Fine in Production. Then I Wrote the Tests.

Begin the discussion

Join the conversation

Community appreciation

Explore the same topics

Explore more from this topic

Continue exploring

See more related posts

Share Content