{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreihqtenpuiqg56hzmzqwlwga7btragki35pedea7n7lzbhsryjlyke",
"uri": "at://did:plc:vyjlfm46mfv6u4vjp6qtrfx2/app.bsky.feed.post/3modvv5ivhdj2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreidg2k33tiuupnstmiowh7hyyvtsbe3gyhfygiytrzynysnhoctrxi"
},
"mimeType": "image/jpeg",
"size": 81260
},
"path": "/articles/caught-a-mistake",
"publishedAt": "2026-06-15T06:30:00.000Z",
"site": "https://thedailywtf.com",
"tags": [
"CodeSOD",
"Learn more."
],
"textContent": "**Daniel** recently started a new job. His first task was to fetch some data from the database and render it to the user. Easy enough, and there were already wrapper functions around the database to make it easy. He called `execute_read`, passed it a query, and checked the results.\n\nThere were no results. But the query definitely should have returned results. What was going on?\n\n\n def execute_read(conn, query, params, only_one=False):\n result = None\n cursor = None\n try:\n start_time = time.time()\n cursor = conn.cursor()\n cursor.execute(query, params)\n\n if only_one:\n result = cursor.fetchone()\n else:\n result = cursor.fetchall()\n\n end_time = time.time()\n time_taken = end_time - start_time\n\n if env.is_production():\n if time_taken > 0.4:\n logger.critical(\"long query\", query=query, time_taken=time_taken)\n else:\n if time_taken > 0.2:\n logger.warning(\"long query\", query=query, time_taken=time_taken)\n\n except Exception as err: # pragma: no cover\n logger.exception(\"execute_read exception\", exception_msg=err, query=query)\n\n finally:\n logger.debug(\"execute_read debug\", query=query, params=params, only_one=only_one)\n if not result:\n if only_one:\n result = {}\n else:\n result = []\n if cursor:\n cursor.close()\n\n return result\n\n\nThere are a _lot_ of things I don't like about this function. The `only_one` parameter, for starters. Note how the database library actually breaks that behavior out as different functions- that's a much more appropriate model, especially since you have wildly different return types depending on how that flag is set.\n\nSimilarly, checking `env.is_production()` to check a timing threshold is itself pretty awful. I can sympathize with wanting different timing constraints based on what environment you're in- but if that's the case, the _timing constraint_ is the parameter. `env.long_query_threshold` should be the configuration parameter. Also, your database should be able to alert you to these kinds of things, so that it doesn't live in your code anyway.\n\nBut the WTF here is the promiscuous exception handler, which catches all errors and simply logs them. This created a situation where Daniel sent a query to the database and got no results. He didn't go straight to the logs and tried to debug it more directly, so it took him quite some time to find the `execute_read exception` log line which told him what was wrong: his SQL query had a syntax error.\n\nDaniel writes: \"I can't imagine the disaster that this causes if there's a network hiccup in production.\" Failing silently and returning empty results sets _definitely_ is inviting a lot of confusion.\n\n[Advertisement] Keep all your packages and Docker containers in one place, scan for vulnerabilities, and control who can access different feeds. ProGet installs in minutes and has a powerful free version with a lot of great features that you can upgrade when ready.Learn more.",
"title": "CodeSOD: Caught a Mistake"
}