top | item 9628896

(no title)

Others have covered the possible approaches to talking with the developer and the boss pretty well. Aside from that, I just wanted to point out that the only big worrying issue is the SQL injection. I would focus on this above everything else. You may have to show the client why this is a big deal.

I've found that many businesses are willing to put up with less performant code. If they're getting the same functionality for a lower price from a less expensive developer, they consider that a win. In many cases, it's actually hard to write web code with performance bad enough that a client will care.

I wouldn't just fix the developer's mess for him. I would definitely tell the boss that you're willing to fix the less performant code for him, but unless the website has a 2+s response time or crashes every day, don't be surprised if they say no.

discuss

No comments yet.