I’ve recently come across probably the worst web application I have possibly ever seen. I’ll keep the application anonymous for now, partly because it’s on accessible via an intranet, and because it’s literally peppered with security holes.
The interface is awful and looks like it’s just come out of the early 90s era of web design, with tables with those terrible pseudo-3D table look (you know, the default style that tables look like?). The login page also extremely rudely finds it acceptable to resize your browser window for you to the maximum possible size and due to the browser configuration on this local network, I’m unable to stop it from doing so.
It violates every single usability guideline for the web I’ve ever found, making the common mistake of navigating when a combo box’s selected index changes (not when a button is clicked, how it should be) and therefore making it very difficult to make the application accessible and providing no user feedback after submitting forms.
But worst of all, there appears to be no validation on returning data from this application. So if you look across at someone else’s screen and take their ID from the location bar, you can view (oh, and edit too!) their data. It’s also potentially vulnerable to SQL injection (although I believe it uses an Access database, so I’m not sure).
Please – don’t make these mistakes when you’re developing, whatever technology you’re using. Have a bit of experience before you get something rolled out. Please, for my sake. I hate manually resizing my window all the time.
Post a Comment