Demaestro - 12:41 am on Oct 6, 2010 (gmt 0)
this is where you learn that your my coworker, not my boss
That is weak. You don't need to be someone's boss to comment on your co-workers attitude or poor work habits/practices.
It is almost universally true in programming that those who can't, manage those who can.... Meaning the boss is often more inept then the co-worker when it comes to writing code. So to assume management will catch it is silly. If you have no Q/A or source control then you may have to be the one to point this stuff out if there are no processes set up to catch them.
In this situation it sounds more like programming practice is at play then security or bug issues, but even bad programming practices can bring a system down if it scales big enough.
Like I said, if you notice this, it goes into production, and it causes crashes or introduces security flaw then I would call you negligent if you didn't bring it to the attention of everyone.
Not being the boss has NOTHING to do with this. It has to do with being a responsible employee.
If I was a cook and saw other cooks storing meat improperly, like raw chicken with raw beef, I wouldn't say... "I am not the boss, it isn't up to me to make sure people don't get sick"
That is a total cop out. You have some responsibility here, the question is how serious are the flaws in the code?