ArraySearch with Chained Functions

After working with some large data sets and developing code to processes them, I created a utility implementing a pattern referred to as “chained functions”.

The Problem

I recently discovered the array.prototype.some and array.prototype.every methods, and saw their utility for searching arrays. I became determined there was a way to streamline their functionality after an initial usage in a case similar to this (although in a far more complex situation):

This block of code finds a single person object with an age of “17” in the people array, and throws an error if one is not found.

However, this takes up a lot of room, and I enjoy the challenge of condensing things, so ended up with this (roughly) equivalent block:

Now I can certainly imagine at least a few programmers would cringe at what could could be considered a confusing and abusive usage of some, among other offenses. And I admit a first time viewer would probably need a few seconds to decipher what’s going on here. However, the alternative is verbose and unwieldy, adding it’s own layer of complexity, So I took some time to write an (rather robust) alternative.

The Solution

Based on my experience, the situation of needing to find a particular object in a array with a particular property (or properties) is pretty common. The ArraySearch utility aims to provide an elegant solution. You can skip to the end and see the result, but here’s a bit of explanation behind the solution.

Recently, I’ve discovered the concept of what I like to call “natural language functions”. These are functions that chain arguments into successive calls, rather than a single call accepting a large group of arguments or breaking functionality into multiple distinct functions. This proves to be extremely effective at reducing both complexity and development time, and vastly increasing readability. My initial exposure to this was through the Chai assertion library, which uses the following syntax:

This style of abstraction/structure allows code to be quickly deciphered and written. Wherever possible, I’ve tried to implement it in my coding. Here’s an example based around ArraySearch:

Traditional function calls with multiple arguments are inherently confusing and ambiguous. Natural language removes the question of what goes where and awkward Boolean values or flags; the function call reads like a sentence and takes advantage of intellisense/auto-complete functionality.

Natural language functions are definitely trickier to write than traditional functions, and use some relatively advanced JavaScript constructs, but they provide immense implementation benefits.

How do they work?

Natural language functions take advantage of “chaining” through custom getter functions. Here’s an example of a couple pieces of ArrayFinder:

This packages the return type implementation into two clear values “one” or “all”. Next the arraySetter accepts a value for the array and stores it, returning another object that contains the actual executing functions:

findBy is a search function internal to ArraySearch that would normally have to be called with multiple explicit arguments, but that is instead provided with the proper context. setSearchPath continues the chain for more complex functionality.


The final result:

What’s going on here takes no deciphering abilities (and doesn’t need any comments), is extremely quick to write, and takes up very little space. The ArraySearch utility includes the ability to search by any number of properties and at any depth, and to search arrays within an object, and is available on my GitHub.

A few more examples:

The with function accepts an predicate to search for within an array inside of the object, defined by the object path (admittedly this could take the whole natural language thing a little farther, but coming soon).

Please comment with any feedback or bugs/issues you find in my code!


Stopping Spam: CAPTCHA Techniques

An ongoing struggle in web application development is preventing apps from being vulnerable to exploitation by bots while keeping them friendly for the average user. It used to be standard to slap a string of garbled text on the screen and ask users to interpret it. However, as bots grow more sophisticated, images have become increasingly difficult for legitimate users to decipher, while proving increasingly ineffective at preventing malicious responses. While this approach has been abandoned even by the popular reCAPTCHA service, a number of new, more effective and more user-friendly techniques have emerged.

Math Problem


At first glance this may seem overly simple to prevent any sort of attack. However, there a few key elements that can make this kind of CAPTCHA effective.

The first is to disguise the markup used for the label and input elements:

Marking up the field as a “url” field will cause many spam bots to simply attempt to enter their URL into the field. You’ll next notice there are no actual numbers in the math problem. The numbers are inserted through CSS psuedo elements:

Even if a bot parsed the text on the page to determine the input was a CAPTCHA looking for a number, it wouldn’t be able to determine the numbers to solve the problem. Without parsing the CSS associated with the page, the numbers are completely invisible to any script parsing the HTML (psuedo-elements cannot be directly accessed or modified through JavaScript).

This certainly wouldn’t protect against any targeted attack, but for any small cite trying to deter blanket spam attack, this a method is simple for users to solve and difficult for bots to bypass. In addition, further security could be added by dynamically inserting numbers into the CSS.

The same effect can also be accomplished by asking the user other trivial questions.


This CAPTCHA solution involves simply asking the user to check a certain check box input indicating they are human. While this again might seem like an ineffectively simple solution, it would be difficult for a box to interpret text asking them if they are human or not. In fact, this is the basic method employed by Google’s new reCAPTCHA service.

A variation on this would could involve asking the user to un-check a checkbox that is checked by default.


Even more difficult for the majority of bots to bypass is a simple slider widget. While such a widget is trivially simple for humans using a touch screen or mouse, it is no simple task for a bot to emulate the same behavior. A slider can be implemented through the QapTcha jQuery plugin.

reCAPTCHA (and other services)no-captcha

In addition to reCAPTCHA, there are a number of services that provide more advance security. Combining one of the above techniques or more involved tests (at least from a technical perspective), these services provide enhance protection from even targeted attacks. This is useful in situations where your site or application may be specifically targeted and the above techniques are easily identify and accounted for by the attacker.

Ineffective and Obsolete Methods

There are few CAPTCHA methods that are no longer considered effective or that carry significant disadvantages.


A “honeypot” field is a field hidden with CSS and marked up to appear to bots a certain type of input, a company name for example, but that is validated to be empty to submit the form. While still effective, these fields can pose significant problems to screen readers, making the form inaccessible to who use them.

Traditional CAPTCHA


While once a staple of web forms, these services have been largely rendered obsolete as they become increasingly difficult for people to solve while increasingly easy for computers. Many sites still misguidedly employ these puzzles, but they should be avoided.