Search Results

Search found 14074 results on 563 pages for 'programmers'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 102/563 | < Previous Page | 98 99 100 101 102 103 104 105 106 107 108 109  | Next Page >

  • Small projects using the cathedral model: does open-source lower security?

    - by Anto
    We know of Linus' law: With enough eyeballs all bugs are shallow In general, people seem to say that open-source software is more secure because of that very thing, but... There are many small OSS projects with just 1 or 2 developers (the cathedral model, as described by ESR). For these projects, does releasing the source-code actually lower the security? For projects like the Linux kernel there are thousands of developers and security vulnerabilities are quite likely going to be found, but when just some few people look through the source code, while allowing crackers (black hat hackers) to see the source as well, is the security lowered instead of increased? I know that the security advantage closed-source software has over OSS is security through obscurity, which isn't good (at all), but it could help to some degree, at least by giving those few devs some more time (security through obscurity doesn't help with the if but with the when). EDIT: The question isn't whether OSS is more secure than non-OSS software but if the advantages for crackers are greater than the advantages for the developers who want to prevent security vulnerabilities from being exploited.

    Read the article

  • Structuring database for multi-object "activity" and "following" functionalities

    - by romaninsh
    I am working on a web application which operate with different types of objects such as user, profiles, pages etc. All objects have unique object_id. When objects interact it may produce "activity", such as user posting on the page or profile. Activity may be related to multiple objects through their object_id. Users may also follow "objects" and they need to be able to see stream of relevant activity. Could you provide me with some data structure suggestions which would be efficient and scalable? My goal is to show activity limited to the objects which user is following I am not limited by relational databases. Update As I'm getting advices on ORM and how index things, I'd like to again, stress my question. According to my current design model the database structure looks like this: As you can see - it's quite easy to implement database like that. Activity and Follower tables do contain much larger amount of records than the upper level but it's tolerable. But when it comes for me to create a "timeline" table, it becomes a nightmare. For every user I need to reference all the object activities which he follows. In terms of records it easily gets out of control. Please suggest me how to change this structure to avoid timeline creation and also be abel to quickly retrieve activity for any given user. Thanks.

    Read the article

  • Should I choose Doctrine 2 or Propel 1.5/1.6, and why?

    - by Billy ONeal
    I'd like to hear from those who have used Doctrine 2 (or later) and Propel 1.5 (or later). Most comparisons between these two object relational mappers are based on old versions -- Doctrine 1 versus Propel 1.3/1.4, and both ORMs went through significant redesigns in their recent revisions. For example, most of the criticism of Propel seems to center around the "ModelName Peer" classes, which are deprecated in 1.5 in any case. Here's what I've accumulated so far (And I've tried to make this list as balanced as possible...): Propel Pros Extremely IDE friendly, because actual code is generated, instead of relying on PHP magic methods. This means IDE features like code completion are actually helpful. Fast (In terms of database usage -- no runtime introspection is done on the database) Clean migration between schema versions (at least in the 1.6 beta) Can generate PHP 5.3 models (i.e. namespaces) Easy to chain a lot of things into a single database query with things like useXxx methods. (See the "code completion" video above) Cons Requires an extra build step, namely building the model classes. Generated code needs rebuilt whenever Propel version is changed, a setting is changed, or the schema changes. This might be unintuitive to some and custom methods applied to the model are lost. (I think?) Some useful features (i.e. version behavior, schema migrations) are in beta status. Doctrine Pros More popular Doctrine Query Language can express potentially more complicated relationships between data than easily possible with Propel's ActiveRecord strategy. Easier to add reusable behaviors when compared with Propel. DocBlock based commenting for building the schema is embedded in the actual PHP instead of a separate XML file. Uses PHP 5.3 Namespaces everywhere Cons Requires learning an entirely new programming language (Doctrine Query Language) Implemented in terms of "magic methods" in several places, making IDE autocomplete worthless. Requires database introspection and thus is slightly slower than Propel by default; caching can remove this but the caching adds considerable complexity. Fewer behaviors are included in the core codebase. Several features Propel provides out of the box (such as Nested Set) are available only through extensions. Freakin' HUGE :) This I have gleaned though only through reading the documentation available for both tools -- I've not actually built anything yet. I'd like to hear from those who have used both tools though, to share their experience on pros/cons of each library, and what their recommendation is at this point :)

    Read the article

  • What projects did you have on your CV when you got your first junior web developer job?

    - by CodeNoob
    What sort of projects should one have completed and at what level/standard should these be at before one could justifiably start applying for junior web development jobs? I'm basically trying to find out exactly what other self-taught (front-end or back-end) web-developers have done before they felt they had a realistic chance of getting their first junior development job. I'm hoping for more specific answers than 'I joined an open source project' or 'I did some freelance work'. What was the project? What tasks had you completed on this project?

    Read the article

  • Programming Practice/Test Contest?

    - by Emmanuel
    My situation: I'm on a programming team, and this year, we want to weed out the weak link by making a competition to get the best coder from our group of candidates. Focus is on IEEExtreme-like contests. What I've done: I've been trying already for 2 weeks to get a practice or test site, like UVa or codechef. The plan after I find one: Send them (the candidates) a list of direct links to the problems (making them the "contest's problem list) get them to email me their correct answers' code at the time the judge says they have solved it and accept the fastest one into the team. Issues: We had practiced on UVa already (on programming challenges too), so our former teammate (which will be in the candidate group) already has an advantage if we used it. Codechef has all it's answers public, and since it shows the latest ones it will be extremely hard to verify if the answer was copied. And I've found other sites, like SPOJ, but they share at least some problems with codechef, making them inherit the issue of Codechef So, what alternatives do you think there are? Any site that may work? Any place to get all stuff to set up a Mooshak or similar contest (as in the stuff to get the problems, instructions to set up the server itself are easy to google)? Any other idea?

    Read the article

  • Integration of routes that are not resources in an MVC REST style application

    - by Emil Lerch
    I would like to keep my application relatively REST-pure for the sake of consistency, but I'm struggling philosophically with the relatively few views (maybe just one) that I'll need to build that don't relate to resources directly, and therefore do not fit into a REST style. As an example, take the home page. Ruby on rails seems to bail on their otherwise RESTful approach for this very basic need of all web sites. The home page appears special: You can get it, but a get at the resource level is supposed to give you a collection of elements. I can imagine this being the list of routes maybe, but that seems a stretch, and doesn't address anything else. Getting the home page by id doesn't seem to make a whole lot of sense - what's the element of a home collection? Again, maybe routes, but a get on a route would do what? Redirect? This feels odd. You can't delete it (arguably you could allow this for administrators) Adding a second one doesn't make sense except possibly if the elements were routes Updating it might make sense for administrators, but AFAIK REST doesn't describe updates on the resource directly, only elements of the resource (this article explicitly says "UNUSED" for PUTS on the resource) Is the "right" thing to do just to special case these types of things? At the end of the day, I can wrap my head around most of applications being gathered around resources...I can't think of another good example other than a home page, but since that's the start of an application, I think it warrants some thought.

    Read the article

  • OS Development. Only Few Particular Questions

    - by Total Anime Immersion
    I am new to this site as a member but have consulted its answers quite a lot of times. Besides my questions regarding OS Development hasn't been answered in any forum. In OS Dev. we make a bootloader. The org point is 7C00H. Why so? Why not 0000h? What are the last two signatures in the bootloader used for? People on every forum have answered that it is important for the system to recognize it as a bootable media. But I want a specific answer. What do each of those signatures do. I have the basic concept of a kernel. Point is.. it relates to different files required in a system. It sort of binds up everything that is individually developed. Now the thing is that that I have floating ideas in my mind regarding different aspects like keyboard, mouse, etc.. how do I put them all together? Which should I start with first? If possible please provide a step by step procedure of the startups of the kernel. Suppose I have developed my language entirely in C and Assembly. Now questions is will exe files work on my system.. if it doesn't then I have to create my own files and publish them. Which is a bad idea.. next step would be for me to go for a compiler for a language which I have designed myself. Now the point is.. How do I implement the compiler into my OS? After all this my final question is that.. How do you go about multitasking and multithreading? and I don't want to use int 21h as its dos specific.. how do I go about making files, renaming them, etc. and all assembly books teach 16 but programming.. how do i go about doing 32 bit or 64 bit with the knowledge I have.. if the basics and instructions are the same.. I don't mind.. but how do i go about otherwise? Don't tell me to give up the idea because I WON'T. And don't tell me it's too complex because I have a sharp knowledge of working of a system, C, Java, Assembly, C++ and python, C#, visual basic.. and not just basics but full fledged api developments.. but I really want to go deep into the systems part.. so I want professional help.. And I have gone through many OS project files but I want help particularly from this site as there are people with knowledge depth who can guide me the right way. And please don't suggest any books above 20$ and they should be available on flipkart as amazon charges massively for shipping and I prefer free shipping from flipkart.

    Read the article

  • Why use try … finally without a catch clause?

    - by Nick Rosencrantz
    The classical way to program is with try / catch but when is it appropriate to use try without catch? In Python the following appears legal and can make sense: try: #do work finally: #do something unconditional But we didn't catch anything. Similarly one could think in Java it would be try { //for example try to get a database connection } finally { //closeConnection(connection) } It looks good and suddenly I don't have to worry about exception types etc. But if this is good practice, when is it good practice? Or reasons why this is not good practice or not legal (I didn't compile the source I'm asking about and it could be a syntax error for Java but I checked that the Python surely compiles.) A related problem I've run into is that I continue writing the function / method and at the end I must return something and I'm in a place which should not be reached and it must be a return point so even if I handle the exceptions above I'm still returning null or an empty string at some point in the code which should not be reached, often the end of the method / function. I've always managed to restructure to code so that I don't have to return null since that absolutely appears to look like less than good practice.

    Read the article

  • Does TDD really work for complex projects?

    - by Amir Rezaei
    I’m asking this question regarding problems I have experienced during TDD projects. I have noticed the following challenges when creating unit tests. Generating and maintaining mock data It’s hard and unrealistic to maintain large mock data. It’s is even harder when database structure undergoes changes. Testing GUI Even with MVVM and ability to test GUI, it takes a lot of code to reproduce the GUI scenario. Testing the business I have experience that TDD works well if you limit it to simple business logic. However complex business logic is hard to test since the number of combinations of tests (test space) is very large. Contradiction in requirements In reality it’s hard to capture all requirements under analysis and design. Many times one note requirements lead to contradiction because the project is complex. The contradiction is found late under implementation phase. TDD requires that requirements are 100% correct. In such cases one could expect that conflicting requirements would be captured during creating of tests. But the problem is that this isn’t the case in complex scenarios. I have read this question: Why does TDD work? Does TDD really work for complex enterprise projects, or is it practically limit to project type?

    Read the article

  • TDD - what are the short term gains/benefits?

    - by ratkok
    Quite often benefits of using TDD are considered as 'long term' gains - the overall code will be better structured, more testable, overall less bugs reported by customers, etc. However, where are the short terms benefits of using TDD? Are there any which are actually tengible and easily measureable? Is it important to have an obvious (or even not obvious by quantifiable) short term benefit at all, if the long term gains are measurable?

    Read the article

  • Practical Meta Programming System (MPS)

    - by INTPnerd
    This is in regards to Meta Programming System or MPS by JetBrains. Thus far, from my efforts to learn how to use MPS, I have only learned its basic purpose and that it is very complex. Is MPS worth learning? Is there anyone who already effectively uses MPS to create their own languages and editors for those languages and uses these created editors as their primary way of programming? If so, what types of programs have they made with this? What are the advantages and disadvantages of working with MPS? What is the best way to learn MPS?

    Read the article

  • Java HttpURLConnection class Program

    - by pandu
    I am learning java. Here is the sample code of HttpURLConnection class usage in some text book import java.net.*; import java.io.*; import java.util.*; class HttpURLDemo { public static void main(String args[]) throws Exception { URL hp = new URL("http://www.google.com"); HttpURLConnection hpCon = (HttpURLConnection) hp.openConnection(); // Display request method. System.out.println("Request method is " + hpCon.getRequestMethod()); // Display response code. System.out.println("Response code is " + hpCon.getResponseCode()); // Display response message. System.out.println("Response Message is " + hpCon.getResponseMessage()); // Get a list of the header fields and a set // of the header keys. Map<String, List<String>> hdrMap = hpCon.getHeaderFields(); Set<String> hdrField = hdrMap.keySet(); System.out.println("\nHere is the header:"); // Display all header keys and values. for(String k : hdrField) { System.out.println("Key: " + k + " Value: " + hdrMap.get(k)); } } } Question is Why hpCon Object is declared in the following way? HttpURLConnection hpCon = (HttpURLConnection) hp.openConnection(); instead of declaring like this HttpURLConnection hpCon = new HttpURLConnection(); Author provided the following explanation. I cant understand Java provides a subclass of URLConnection that provides support for HTTP connections. This class is called HttpURLConnection. You obtain an HttpURLConnection in the same way just shown, by calling openConnection( ) on a URL object, but you must cast the result to HttpURLConnection. (Of course, you must make sure that you are actually opening an HTTP connection.) Once you have obtained a reference to an HttpURLConnection object, you can use any of the methods inherited from URLConnection

    Read the article

  • Can defect containment metrics be readily applied at an organizational level when there is only a consistant organizational process framework?

    - by Thomas Owens
    Defect containment metrics, such as total defect containment effectiveness (TDCE) and phase containment effectiveness (PCE), can be used to give a good indicator of the quality of the process. TDCE captures the defects that are captured at some point between requirements and the release of a product into the field, indicating the overall effectiveness of the entire process to find and remove defects. PCE provides more detail at each phase of the software development life cycle and how the defect detection and removal techniques are working. Applying these metrics makes sense at a level where you have a well-defined process and methodology for product development, often a project. However, some organizations provide a process framework that is tailored at the project level. This process framework would include the necessary guidance for meeting certifications (ISO9001, CMMI), practices for incorporating known good techniques (agile methods, Lean, Six Sigma), and requirements for legal or regulatory reasons. However, the specific details of how to gather requirements, design the system, produce the software, conduct test, and release are left to the product development teams. Is there any effective way to apply defect containment metrics at an organizational level when only a process framework exists at the organizational level? If not, what might be some ideas for metrics that can be distilled from each project (each using a tailored process that fits into the organizational process framework) that captures defect containment metrics to discuss the ability of the process to find and remove defects? The end goal of such a metric would be to consolidate the defect containment practices of a large number of ongoing projects and report to management. The target audience would be people in roles such as the chief software engineer and the chief engineer (of all engineering disciplines) for the organization. Although project specific data would be available, the idea is to produce something that quantifies the general effectiveness of all tailored processes across all ongoing projects. I would suspect that this data would also be presented as part of CMMI, ISO, or similar audits to demonstrate process quality.

    Read the article

  • Architecture advice for converting biz app from old school to new school?

    - by Aaron Anodide
    I've got a WinForms business application that evolved over the past few years. It's forms over data with a number custom UI experiences taylored to the business, so I don't think it's a candidate to port to something like SharePoint or re-write in LightSwitch (at least not without significant investment). When I started it in 2009 I was new to this type of development (coming from more low level programming and my RDBMS knowledge was just slightly greater than what I got from school). Thus, when I was confronted with a business model that operates on a strict monthly accounting cycle, I made the unfortunate decision to create a separate database for each accounting period. Also, when I started I knew DataSets, then I learned Linq2Sql, then I learned EntityFramework. The screens are a mix and match of those. Now, after a few years developing this thing by myself I've finally got a small team. Ultimately, I want a web front end (for remote access to more straight up screens with grids of data) and a thick client (for the highly customized interfaces). My question is: can you offer me some broad strokes architecture advice that will help me formulate a battle plan to convert over to a single database and lay the foundations for my future goals at the same time? Here's a screen shot showing how an older screen uses DataSets and a newer screen uses EF (I'm thinking this might make it more real for someone reading the question - I'm willing to add any amount of detail if someone is willing to help).

    Read the article

  • Bump version before kicking off new development or when tagging a release, which is better?

    - by linquize
    Some projects bump version before kicking off a new development, while the other projects bump version when tagging a release. Which approach is better? If version number not changed at the start of new phase, the developers may forget to change it and simply release the program. If version number changed before tagging release, then 2 the version numbers (tag and Makefile/AssemblyInfo.cs) do not match. git describe may give you v1.2.3.4-15-g1234567 if current revision is after v1.2.3.4, but you have already changed the files to have v1.2.3.5

    Read the article

  • Which paradigm to use for writing chess engine?

    - by poke
    If you were going to write a chess game engine, what programming paradigm would you use (OOP, procedural, etc) and why whould you choose it ? By chess engine, I mean the portion of a program that evaluates the current board and decides the computer's next move. I'm asking because I thought it might be fun to write a chess engine. Then it occured to me that I could use it as a project for learning functional programming. Then it occured to me that some problems aren't well suited to the functional paradigm. Then it occured to me that this might be good discussion fodder.

    Read the article

  • What Web Technology to use for web app?

    - by Chris
    Want to get the opinions of the people of Stack Overflow. I am creating a web application that ideally will have some sort of desktop notification. i would love to do this in HTML5 but cant as need it to run on IE 8 and below. I have looked a Flex but I'm not 100% sure how to achieve desktop notifications when running as a web app. Has anyone had this dilemma or even know of anything that would be the best fit? All opinions are welcome, will help me out a lot

    Read the article

  • What can I do with the twitter API?

    - by aditya menon
    I've tried googling for this but could not find concrete developer examples. When building mundane daily web applications like Classified websites, Job boards or Intranet targeted Document Management Systems, how can the twitter API help me do more things. May I please have some examples on how developers have used twitter to make their apps better? Other than the obvious use for promotional and search engine optimization purpose (yay there's a new job post on our site), what can I do with it? Also, am I late to the party? I hear a lot of upset on the internet about how twitter is apparently slowly betraying developers (I don't understand the specifics), so should I even look at the system or consider alternatives?

    Read the article

  • Diagram that could explain a state machine's code?

    - by Incognito
    We have a lot of concepts in making diagrams like UML and flowcharting or just making up whatever boxes-and-arrows combination works at the time, but I'm looking at doing a visual diagram on something that's actually really complex. State machines like those that parse HTML or regular expressions tend to be very long and complicated bits of code. For example, this is the stateLoop for FireFox 9 beta. It's actually generated by another file, but this is the code that runs. How can I diagram something with the complexity of this in a way that explains flow of the code without taking it to a level where I draw every single line-of-code into it's own box on a flowchart? I don't want to draw "Invoke loop, then return" but I don't want to explain every last detail. What kind of graph is suitable to do this? Is there already something out there similar to this? Just an example of how to do this without going overboard in complexity or too-high-level is really what I want. If you don't feel like looking at the code, basically it's 70 different state flags that could occur, inside an infinite loop that exists to a label based on some conditions, each flag has it's own infinite loop that exists to a label somewhere, and each of those loops has checks for different types of chars, which then runs off into various other methods.

    Read the article

  • What should we tell our unsupported IE6 users?

    - by Dan Fabulich
    In the upcoming version of our web app, we've broken IE6, and we don't intend to fix it. We've had a clear warning posted for IE6 users for some months; we've decided it's time not to support it. My question is: how should we communicate this to our users? Some people here feel that we should block IE6 users who would try to access the web app, because it's not going to work for them. Others feel that we should just leave up a warning, saying "This doesn't work in IE6," but not block them; instead, if they click to dismiss the warning, just let them in to the broken site to see for themselves that it doesn't work. Who is right? Is there a better way?

    Read the article

  • Load Balancer impact on web development

    - by confusedGeek
    This question has it's roots in a SharePoint site that I am help with. Background on the issue I dealt with: The dev box and integration server are not setup behind a load balancer. The links were being built using the HttpRequest.Url value from the current context. Note that the links weren't relative links but full URIs. Once we deployed to testing (which has a LB, amongst other things) we received errors on the links being built since the server had an address of "http://some.site.org:999" while the address at the LB as "https://site.org" (SSL was off-loaded at the LB). The fix was easy enough by using relative URIs. The Question: Since this is the first site I've worked with that's behind a Load Balancer on I'm wondering if there are other gotcha's that I need to consider when developing a site behind one?

    Read the article

  • What is the origin of the name string? [closed]

    - by Andrej M.
    Possible Duplicate: Etymology of “String” Every programmer knows the meaning of the name string. In programming, it is traditionally a sequence of characters. But historically, who has decided that a sequence of characters will be called a string? Has there ever been an attempt to name a sequence of characters differently, but was ultimately abandoned due to the rising popularity of the name string?

    Read the article

  • Please recommend a good book on general IT for junior developer

    - by Rachel
    I have just got a job as a junior java developer and I am finding learning the code fine as I taught myself to pass the interview tests, trouble is I have a biology degree and know little about general IT and computer /network jargon. I don't want to be seen as a total idiot and non - techie so please can you recommend a book I can read / study to quickly increase my general background knowledge so that I can compete on a level with IT graduates!

    Read the article

  • Securing Back End API for Mobile Applications

    - by El Guapo
    I have an application that I am writing for both iOS and Android; this application will be served by a ReSTFUL API running on a cluster of servers on "the internets". I am curious how the rest of the world is going about securing their APIs so only specific applications running on iOS or Android can use these APIs. I could go the same route as other OAuth providers by providing a key/secret combination (2-legged OAuth), however, what do I do if I ever have to change these keys??? Do I create a new key/secret for every person that downloads the app??? The application is a social-based game that will allow the user to interact with other "participants" in the game based on location, achievements, etc. The API will provide the following functions: -Questions, Quests, etc -Profile Management -User Interaction -Possible Social Interaction Once the app gains traction I plan on opening up the API ala Facebook, Twitter, etc. Which is easy enough, I plan on implementing an OAuth Server and whatnot. However, I want to make sure, during this phase, that only people who are using the application can access and use the API.

    Read the article

  • Dangerous programming

    - by benhowdle89
    Ok, i'm talking pure software/web, i'm not on about code to power Life Support machines or NASA rockets. In terms of software/web development what is the most dangerous single piece of code someone could put into a program (say if they had a grudge against a client/employee) In PHP, the first thing that comes to mind is some sort of file deletion: function EmptyDir($dir) { $handle=opendir($dir); while (($file = readdir($handle))!==false) { echo "$file <br>"; @unlink($dir.'/'.$file); } closedir($handle); } EmptyDir('images'); Or a PHP script that takes a user's sensitive input and posts it to Google sitemap or something? I hope this doesnt get closed off as subjective as there surely must be a ranking order of dangerous code. So i'm asking for the No.1 spot :) DISCLAIMER: I have no grudges against anyone, just curious for the answer!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 98 99 100 101 102 103 104 105 106 107 108 109  | Next Page >