CodeSOD: Drop into the Deep End
Would you like to guarantee your project ends up on this site? Antoon's employer has a surefire technique. First, hire a freshly graduated architect with no programming experience. Second, chuck them into a project in a programming language they don't know. Third, give them absolutely no supervision and no guidance or support, and watch what happens.
The WTF, of course, is less the code itself, and more the process which led to it, but there are things in this code which terrify me. I never want to see a DROP TABLE just sorta chucked into the middle of a SQL injection vulnerability. Having the connection string in a global $link variable doesn't bother me, but why is $result an array? What is $copy? Why might it be "error", and why do we drop the table before checking if that's an error? And why is the variable that can be either "EXIST" or "NOTEXIST" called $size? Wait, let's go back to $result, because I just realized that db_query must be a wrapper and it also uses the $result global variable to store anything that happens. But also it returns a value if it succeeds or fails and…
Sorry. The more time I spend looking at this code, the worse I feel about the experience. Again, I don't fault the underqualified developer, I fault the organization which put them in a position they were guaranteed to fail. If anything, they should be proud that they failed in such a stomach-churning way. Better that than being boring.