CodeSOD: Evaluating Perks

Today's anonymous submitter works for a company that handles customer rewards perks. It's handling thousands of dollars of transactions a day, which isn't a huge amount, but it's certainly non-trivial.

Now, there's a conversion formula from points to dollars: points/100*1.7. Now how would someone implement this complex formula in PHP? Well, our submitter's predecessor did it this way:

$divfactor = 100;
$multfactor = 1.7;
$vcvalue = $points;
$divoperation = "/";
$multoperation = "*";
$valcalc = eval('return '.$vcvalue.$divoperation.$divfactor.$multoperation.$multfactor.';');

Was this an attempt at obfuscation? Because it didn't work. I understand exactly what the code is doing. But I'm also left wondering… why. What did they hope to gain?

It's forever a mystery.
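
For contrast, an added example (not from the original post or the submitter's code base): the same points/100*1.7 conversion without eval. Because eval() executes whatever text ends up in $points as PHP, this version accepts only a non-negative integer and computes in whole cents. The function names, constants, round-down policy and PHP 8 are assumptions.

```php
<?php
declare(strict_types=1);

// Added example. All names here are hypothetical, not from the original code base.
const RATE_NUM = 17; // 1.7 written as 17/10 so the arithmetic stays in integers
const RATE_DEN = 10;

/**
 * points/100*1.7 dollars is points*1.7 cents, i.e. points*17/10 cents.
 * Fractions of a cent are rounded down (assumed policy; the post states none).
 */
function pointsToCents(mixed $points): int
{
    // Only ints and strings reach the filter, so true, 1.0 and arrays are refused outright.
    if (!is_int($points) && !is_string($points)) {
        throw new InvalidArgumentException('points must be an integer');
    }
    $valid = filter_var($points, FILTER_VALIDATE_INT, ['options' => [
        'min_range' => 0,
        'max_range' => intdiv(PHP_INT_MAX, RATE_NUM), // keeps the multiply in int range
    ]]);
    if ($valid === false) {
        throw new InvalidArgumentException('points must be a non-negative integer');
    }
    return intdiv($valid * RATE_NUM, RATE_DEN);
}

// Render whole cents as a dollar amount without going through floats.
function formatDollars(int $cents): string
{
    return sprintf('$%d.%02d', intdiv($cents, 100), $cents % 100);
}

// Constructed inputs: two balances, then values that are not plain non-negative integers.
foreach ([1000, '250', '100+1', '1e3', -5] as $input) {
    try {
        printf("%-8s => %s\n", var_export($input, true), formatDollars(pointsToCents($input)));
    } catch (InvalidArgumentException $e) {
        printf("%-8s => rejected: %s\n", var_export($input, true), $e->getMessage());
    }
}
```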

This post originally appeared on The Daily WTF.
