ACM and the Canadian Province of Alabama
Posted by Skrud at Wednesday, March 5th 2008 at 12:42pm
I got an e-mail this morning informing me that since I participated in the ACM ICPC, I was eligible to receive a free ACM Student Membership for one year. ACM is, of course, the Association of Computing Machinery: the “first society in computing”. It is a prestigious organization that puts on many conferences (such as SIGGRAPH and OOPSLA), presents guidelines for teaching Computer Science and Software Engineering curricula, and ACM Fellows are considered to be widely respected and influential individuals in Computer Science. Being a student member of ACM would give me access to a near-infinite set of papers and articles, for one thing, and it would be a valuable resource to have.
I went to the ACM’s web site to fill out their form for ICPC participants. When I clicked submit, however, I was faced with this upsetting error message:

No matter how many times I clicked “Submit” or filled out the form, this dialog would pop up. Following my geek instincts, I was determined to figure out why. I looked at the source code for the web page. Immediately, I noticed that all the code for the Javascript client-side form validation was right there in the page. A couple of quick searches and I found the reason I was looking for.
In validating the form, the Javascript checks to see that you did in fact enter a Canadian province if you selected that your country was Canada. (That is, if you entered something like “Kentucky” it would pop up the error dialog, since “Kentucky” is not a Canadian province). Fair enough. However, the line of code they had for validating Québec was something like this:
if ( form.s_state == "PQ" ) { success = 1; } else { success = 0; }
However, in the form itself, as part of a giant list box, was the following option:
<option value="QC">Quebec</option>
Obviously, “QC” and “PQ” are not the same thing. So the form validation fails. What’s a geek to do? So I opened up Firefox, installed Firebug and went back to the form. I used Firebug to modify the <option> tag so that its value was “PQ”, thus allowing the form to be submitted. I was met with a nasty error debugging page, since apparently “PQ” is not a valid key in their database. This means that the form isn’t ever being validated on the server side. The values that I fill out, passing the Javascript client-side validation, go straight to their database.
Sufficiently disgruntled, and realizing that there’s no server-side validation whatsoever (other than some foreign key constraints in the database), I opted to simply disable Javascript in my browser. This worked like a charm. My form was submitted successfully, I received a registration number and confirmation e-mail and everything. This is analogous to being locked out of a car, and managing to open the door by pressing the “bypass locking mechanism”-button that is located on the handle.
But I made a mistake. After disabling Javascript I forgot to select “Quebec” from the dropdown box. So according to the ACM, I live in Montreal, in the state of Alabama, in Canada.

Ridiculous. This is the society of programmers, computer scientists and software engineers — and they can’t even get a simple web form right. Forms should always, always, ALWAYS be validated on the server-side. This is elementary. This is basic. This is common-sense.
Don’t worry, though. I fully plan to notify the appropriate individuals to resolve the problem.
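The server-side check the post calls for, as an added example that is not from the original post or the ACM's site: the handler re-validates the country/region pair against its own allow-list, regardless of what the browser's script did. The field name `s_state` and the value `QC` come from the post; the `country` field, the codes `CA`, `US`, `AL` and the abbreviated US list are assumptions.

```javascript
// Added example (not the ACM's code). Server-side allow-list of region codes
// per country. Field name `s_state` and value "QC" come from the post;
// `country`, "CA"/"US" and the other codes are assumed for illustration.
const REGIONS = new Map([
  ["CA", new Set(["AB", "BC", "MB", "NB", "NL", "NS", "NT", "NU",
                  "ON", "PE", "QC", "SK", "YT"])],
  // Constructed, abbreviated list: a real table would hold every state.
  ["US", new Set(["AL", "KY", "NY"])],
]);

// Accept only two-letter strings; arrays or objects from a crafted request
// are rejected instead of being coerced.
function cleanCode(v) {
  return typeof v === "string" && /^[A-Za-z]{2}$/.test(v.trim())
    ? v.trim().toUpperCase()
    : null;
}

// Validate the parsed request body. Runs on the server for every submission,
// whether or not the browser ran the page's validation script.
function validateRegistration(body) {
  const errors = [];
  const country = cleanCode(body && body.country);
  const region = cleanCode(body && body.s_state);

  const allowed = country ? REGIONS.get(country) : undefined;
  if (!allowed) errors.push("country: missing or not supported");
  if (!region) errors.push("s_state: missing or malformed");
  else if (allowed && !allowed.has(region)) {
    errors.push(`s_state: ${region} is not a region of ${country}`);
  }
  // Normalized values are returned only on success, so bad input is never stored.
  return errors.length
    ? { ok: false, errors }
    : { ok: true, errors, value: { country, region } };
}

// Constructed submissions mirroring the three cases in the post.
for (const body of [
  { country: "CA", s_state: "QC" }, // the option value the form really sends
  { country: "CA", s_state: "PQ" }, // option value edited in the browser
  { country: "CA", s_state: "AL" }, // script disabled, wrong region selected
]) {
  console.log(body.s_state, JSON.stringify(validateRegistration(body)));
}
```

Rejecting the pair at this point returns an ordinary validation error to the user instead of the database error page the post describes.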






this is hilarious
It’s always hilarious to watch a researcher try and implement an idea. Or a web form. Or a hello world.
Well not always, but often.
Also, why didn’t we get free subscriptions when we participated last year? I would’ve liked one. =(
This, my friend, is the sad state of web development these days. The ACM’s website doesn’t even validate as proper XHTML, despite the fact they use the Doctype. Maybe someone should write a paper on best practices of web development, submit it to them, and then get them to actually read it.
You know what is totally awesome? I’m learning all about this kind of stuff at work now. We have these ‘hacking 101’ webinars to help us understand common website vulnerabilities. All that because our security software tests huge websites for Javascript security holes like that one. And I’m sure if you tried hard enough, you could obtain a full list of every ICPC participant in that database–including your own personal information that you conveniently blocked out in your blog. Those error messages you received might even have contained some useful column names to help you do just that. ;) How’s that for privacy?
watch out skrud, in the states what you just finished doing could get you in a lot of trouble with the authorities.
it is horrible that web dev is in such a shit state, but what is worse is that there is a culture that would discourage you from finding a fix in the name of security.
(sorry for the political rant)