Because of a minor glitch on facebook, a wee bit of their php code was released to the sweaty swarms of digg users and techcrunch fiends. Because I’ll probably get a cease and desist letter for posting the code, I’ll just post the coment codes that gave me a laugh. They could only be written by a carefree gymnasium of funky fresh Facebook employees.
- Line 57: // an error can also be here because the
profile photo upload code is crazy - Line 85: // make sure big tunas haven’t moved around
- Line 121: // Merman’s Admin profile always links to the Merman’s
home - Line 247: // We special case the network not recognized error
here, because affil_retval_msg is retarded. - Line 359: // MONETIZATION BOX
HA!
And this just in…. the photo.php has also been discovered. Here’s some gems from that fine bit of code ripe with more Sophmoreshpeal!
Lines 77-78: // Uh oh, th tag must have been removed since the user received the email // about it… just go to photo search!- Lines 159-60: // if they’re from photo_search and are requesting a bad photo, chances are it’s because // the pagination got screwed up…
- more tuna! Line 223: //keep track of tuna contexts
- Line 264: //For legacy’s sake
- Line 475: * DO THE PRINTSHOP STUFF
- Line 502: // all memers of a tuna object can post photo comments
Seek and ye shall find. Profile.php also has some soon to be very public humor in it. Thanks Facebook!
- // NOTE(mcslee): ok, at this point we know we are going to display the full page, so it is time to do a PHATTY PHATTY MULTIGET of all the shit that we are going to need to make this page, or at least the most common things
- //hzhao: this is a bit questionable
- // only do the high-lighting if coming from a search result or login. User’s hacking URLs is not fun.
Facebook’s Response in Techcrunch Comments:
Hi Nic-
I wanted to clarify a few things in your story. Some of Facebook’s source code was exposed to a small number of users
due to a bug on a single server that was misconfigured and then fixed immediately. It was not a security breach and did not compromise user
data in any way. The reprinting of this code violates several laws and we ask that people not distribute it further.–
Brandee Barker. Facebook
Some comments were kinda snarky:
Rufus said: Yick. That’s some ugly code. It doesn’t
even follow any good PROCEDURAL development practices. It looks like it was written by decidedly average college freshmen 😉
Cited at Financial Times.
digg_url = ‘http://digg.com/security/The_Top_11_Facebook_Leak_Comments’;
http://digg.com/api/diggthis.js
Also at Mashable.
Moneydick 
[…] and even a PhD. paper doesn’t mean your code is of the Field-Medal caliber. Capish? (Bonus: funny comments). # facebook | […]
LikeLike
“PHATTY PHATTY MULTIGET”
I would love to know what the h*ll that is supposed to mean.
LikeLike
“because affil_retval_msg is retarded.”
hehe, nice.
LikeLike
[…] Leaked Facebook Code Comments […]
LikeLike
[…] giving users access to the news feed, birthdays, application invites, pokes, status updates and a ‚Äòmonetization box‚Äô. All this sounds reasonably appropriate; and the news feed is configurable anyways. So what […]
LikeLike