Search Results

Search found 6564 results on 263 pages for 'symfony forms'.

Page 123/263 | < Previous Page | 119 120 121 122 123 124 125 126 127 128 129 130  | Next Page >

  • LoginControl not working correctly with Firefox, requires double login attempt.

    - by CmdrTallen
    Any idea why LoginControl requires users authenticate twice with FireFox but works correctly (once) with IE? I am using a custom MembershipProvider and RoleProvider, if that matters. Authentication portion of my web.config; <authentication mode="Forms"> <forms timeout="50000000" protection="All" requireSSL="false" slidingExpiration="true" cookieless="AutoDetect" domain="" enableCrossAppRedirects="true"> <credentials passwordFormat="SHA1" /> </forms> </authentication> Membership section; <membership defaultProvider="CustomMembershipProvider"> <providers> <add name="CustomMembershipProvider" type="CustomCrateMembershipProvider" connectionString="" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="5" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/> </providers> </membership> <roleManager defaultProvider="CustomRoleProvider" enabled="true"> <providers> <add name="CustomRoleProvider" type="CustomRoleProvider"/> </providers> </roleManager> Only code behind related to login; protected void OnLoggedIn(object sender, EventArgs e) { } protected void OnLoggingOut(object sender, EventArgs e) { }

    Read the article

  • What makes good web form styling for business applications?

    - by ProfK
    Styling forms (form elements) is something that even Eric Meyer prefers to avoid. However, most business forms, and that is where styling is at issue; 'contact us' forms are easy to style, put window estate at a premium, with more 'document level' (e.g. invoice) fields, plus 'detail level' (e.g. invoice line) fields. Factors I often find at play are: At my minimum, at least two horizontally adjacent fieldsets are required. In applications vs. public web pages, fixed positioning vs fluid layout is often better. Quantity of content is important, vs. exaggerated readability. Users know the system, and cues etc. take a back seat. In light of factors like these, is there any available guidence for styling web form based applications? Are there any CSS or JavaScript frameworks that would make my quest to style these applications better than Visual Studios still pathetic 'Auto-format' (what drugs were those people on? I will never take them.)

    Read the article

  • Enterprise integration of disparate systems

    - by Chris Latta
    We're about to embark on a fairly large integration effort to kill off a bunch of Access and Sql Server databases and get everything into one coherent enterprise system. There are also a number of other systems (accounting, CRM, payroll, MS Exchange) that hold critical data that we need to integrate (use for data validation in other systems), report on and otherwise expose. It is likely that some of these systems will change in the next few years, so we need to isolate our systems to be ready for change. Ideally we would be able to expose our forms in a consistent manner across as many of our our systems as possible without having to re-develop them for each system. We are currently targeting SharePoint (2007 and soon 2010), Office (2007 and soon 2010 - Word, Excel, PowerPoint and Outlook), Reporting Services, .Net console applications, .Net Windows applications, shell extensions, and with the possibility of exposing some functionality on mobile devices (BlackBerries currently, maybe iPhones later) and via our website. We're moving development to Visual Studio 2010 (from 2005) ahead of migrating to SharePoint 2010 and Office 2010. Given that most of our development is presently targeted to the .Net framework (mostly in C#) it seems logical to stick with this unless there is some compelling reason to switch frameworks/platform for some aspects. We're thinking of your standard Database-Data Integration layer-Business Objects Layer-Web Services (or REST) layer-Client Application plus doing our own client application with WPF (or something else?) forms that can also be exposed in the MS systems (SharePoint, Office, Windows). So, we don't want much, just everything :) Basically we need to isolate ourselves from database and systems changes, create an API that can be used throughout our systems and then make this functionality available in our client applications. I'm very keen to get pointers from anyone who has tips on how to pull this off. Should we look at the Enterprise Library as a place to start? Is REST with ASP.Net MVC2 a better solution than Web Services for a system like this? Will WPF deliver forms re-use or is there something better?

    Read the article

  • .Net Inherited Control Property Default

    - by Yisman
    Hello fellows Im trying to make a simple "ButtonPlus" control. the main idea is to inherit from the button control and add some default property values (such as font,color,padding...) No matter how i try, the WinForm always generates (or "serializes") the property value in the client forms the whole point is to have minimal and clean code, not that every instance of the buttonPlus should have 5 lines of init code. I want that the form designer should not generate any code for theses properties and be able to control them from the ButtonPlus code. In other words, if I change the ForeColor from red to blue only 1 single bingle line of code in the app should change. heres my code so far. as you can see, ive tried using defaultvalue, reset , shouldserialize.... anything i was able to find on the web! Public Class ButtonPlus Inherits Button Sub New() 'AutoSize = True AutoSizeMode = Windows.Forms.AutoSizeMode.GrowAndShrink Font = New System.Drawing.Font("Arial", 11.0!, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, CType(177, Byte)) Padding = New System.Windows.Forms.Padding(3) Anchor = AnchorStyles.Left + AnchorStyles.Right + AnchorStyles.Top ForeColor = Color.Aqua End Sub ' _ 'Public Overrides Property AutoSize() As Boolean ' Get ' Return MyBase.AutoSize ' End Get ' Set(ByVal value As Boolean) ' MyBase.AutoSize = value ' End Set 'End Property Public Function ShouldSerializeAutoSize() As Boolean Return False ' Not AutoSize = True End Function Public Function ShouldSerializeForeColor() As Boolean Return False 'Not ForeColor = Color.Aqua End Function Public Overrides Sub ResetForeColor() ForeColor = Color.Aqua End Sub End Class Thank you very much for taking the time to look this over and answer all the best

    Read the article

  • Best way to track the stages of a form across different controllers - $_GET or routing

    - by chrisj
    Hi, I am in a bit of a dilemma about how best to handle the following situation. I have a long registration process on a site, where there are around 10 form sections to fill in. Some of these forms relate specifically to the user and their own personal data, while most of them relate to the user's pets - my current set up handles user specific forms in a User_Controller (e.g via methods like user/profile, user/household etc), and similarly the pet related forms are handled in a Pet_Controller (e.g pet/health). Whether or not all of these methods should be combined into a single Registration_Controller, I'm not sure - I'm open to any advice on that. Anyway, my main issue is that I want to generate a progress bar which shows how far along in the registration process each user is. As the urls in each form section can potentially be mapping to different controllers, I'm trying to find a clean way to extract which stage a person is at in the overall process. I could just use the query string to pass a stage parameter with each request, e.g user/profile?stage=1. Another way to do it potentially is to use routing - e.g the urls for each section of the form could be set up to be registration/stage/1, registration/stage/2 - then i could just map these urls to the appropriate controller/method behind the scenes. If this makes any sense at all, does anyone have any advice for me?

    Read the article

  • [VB.Net] TreeView update bug in the .net framework

    - by CFP
    Consider the following code: Dim Working As Boolean = False Private Sub TreeView1_AfterCheck(ByVal sender As Object, ByVal e As System.Windows.Forms.TreeViewEventArgs) Handles TreeView1.AfterCheck If Working Then Exit Sub Working = True e.Node.Checked = Not e.Node.Checked Working = False End Sub Private Sub TreeView1_MouseClick(ByVal sender As System.Object, ByVal e As System.Windows.Forms.MouseEventArgs) Handles TreeView1.MouseClick If e.Button = Windows.Forms.MouseButtons.Right Then MsgBox("Checked = " & TreeView1.SelectedNode.Checked) End Sub Where TreeView1 is a TreeView added to the form, with CheckBoxes set to true and one node added. The code basically cancel any node checking occuring on the form. Single-clicking the top node to check it works well : your click is immediately canceled. Yet if you double-click the checkbox, it will display a tick. But verifying the check state through a right click will yield a Checked = False dialog. How come? Is it a bug (I'm using the latest .Net Framework 4.0, and he same occurs in 2.0), or am I doing something wrong here? Is there a work around? Thanks! EDIT: Additionally, the MouseDoubleClick event is not raised before you click once again.

    Read the article

  • jQuery tokeninput plugin + passing id to another tokeninput url

    - by Elson Solano
    I am using a jquery plugin called jQuery Tokeninput http://loopj.com/jquery-tokeninput/ and I am having a logic issue. var country_id = ""; jQuery("#demo-input-prevent-duplicates").tokenInput(host+"/forms/campaign_location.php?action=country", { theme: "facebook", hintText: "Enter a Country...", placeholder: "Enter a Country...", preventDuplicates: true, onAdd: function(item) { country_id = item.id; }, onDelete: function(){ hideElements(); }, tokenDelimiter: "|", }); My question here is how would I pass the value of country_id to the parameter of the below code. I'm not seeing how to do this one on the jquery tokeninput documentation. jQuery("#targ_state").tokenInput(host+"/forms/campaign_location.php?action=stateorprovince&cid="+country_id, { theme: "facebook", preventDuplicates: true, hintText: "Enter a State or Province...", placeholder: "Enter a State or Province..." }); If you'll look on this part of the code, I am passing the country_id that was generated above on the "onAdd". This doesn't work though. jQuery("#targ_state").tokenInput(host+"/forms/campaign_location.php?action=stateorprovince&cid="+country_id .... How would I do that one? Your help would be greatly appreciated and of course, rewarded! Thanks! :-)

    Read the article

  • TreeView update bug in the VB.NET

    - by CFP
    Consider the following code: Dim Working As Boolean = False Private Sub TreeView1_AfterCheck(ByVal sender As Object, ByVal e As System.Windows.Forms.TreeViewEventArgs) Handles TreeView1.AfterCheck If Working Then Exit Sub Working = True e.Node.Checked = Not e.Node.Checked Working = False End Sub Private Sub TreeView1_MouseClick(ByVal sender As System.Object, ByVal e As System.Windows.Forms.MouseEventArgs) Handles TreeView1.MouseClick If e.Button = Windows.Forms.MouseButtons.Right Then MsgBox("Checked = " & TreeView1.SelectedNode.Checked) End Sub Where TreeView1 is a TreeView added to the form, with CheckBoxes set to true and one node added. The code basically cancel any node checking occuring on the form. Single-clicking the top node to check it works well : your click is immediately canceled. Yet if you double-click the checkbox, it will display a tick. But verifying the check state through a right click will yield a Checked = False dialog. How come? Is it a bug (I'm using the latest .Net Framework 4.0, and he same occurs in 2.0), or am I doing something wrong here? Is there a work around? Thanks! EDIT: Additionally, the MouseDoubleClick event is not raised before you click once again. EDIT 2: Posted a bug report at Microsoft Connect

    Read the article

  • Query distinct list of choices for Django form with App Engine Datastore

    - by Brian
    I've been trying to figure this out for hours across a couple of days, and can not get it to work. I've been everywhere. I'll continue trying to figure it out, but was hoping for a quicker solution. I'm using App Engine datastore + Django. Using a query in a view and custom forms, I was able to get a list to the form but then I was not able to post. I have been trying to figure out how to dynamically add the choices as part of the Django form... I've tried various ways with no success. Help! Below are the two models. I'd like to get a distinct list of address_id to show in the location field in InfoForm. This fields could (and maybe should) be named the same, but I thought it'd be easier if they were named different. class Info(db.Model): user = db.UserProperty() location = db.StringProperty() info = db.StringProperty() created = db.DateTimeProperty(auto_now_add=True) modified = db.DateTimeProperty(auto_now=True) class Locations(db.Model): user = db.UserProperty() address_id = db.StringProperty() address = db.StringProperty() class InfoForm(djangoforms.ModelForm): info = forms.ChoiceField(choices=INFO_CHOICES) location = forms.ChoiceField() class Meta: model = Info exclude = ['user','created','modified']

    Read the article

  • How do I make JavaScript to set these element values?

    - by dmanexe
    I have two fields that need to multiply each other and fill a 3rd form's value. Here's the HTML: <input type="text" name="estimate[concrete][price]" value="" onBlur="calc_concreteprice(document.forms.mainform);" /> per SF <strong>times</strong> <input type="text" name="estimate[concrete][sqft]" value="" onBlur="calc_concreteprice(document.forms.mainform);" /> SF = <input type="text" name="estimate[concrete][quick_total]" value="" /> Here's my JavaScript: function calc_concreteprice(mainform) { var oprice; var ototal; oprice = ((mainform.estimate[concrete][sqft].value) * (mainform.estimate[concrete][price].value)); ototal = (oprice); mainform.estimate[concrete][quick_total].value = ototal; } I want the first two forms to be multiplied together and output to the third. I think my problem may be within how I am referencing the input field names, with brackets (I'm taking results from this form as an array so I'm already used to working with the results as a multi-dimensional array). Thanks for the help!

    Read the article

  • How to create the automatic mass form submitter (javascript-ajax script) to be used on the 3rd part

    - by Daniel
    I need a script that can handle the following tasks. Take user data from my database and fill in and submit / post data to forms located on third part websites.: So I want to know if is it hard to create or do somebody knows if does exists some script for mass form submissions in PHP -Javascript-Ajax ? I run Dancers & Hostess & Model jobs website, I would like to find some script which allows the girls automaticly submit to hundreds websites forms (other 3rd part model agencies) with their similar model application form info on my website previously specified, 1).Firstly the girls will fill out my agency portfolio very detailed form , like this i will get all the model personal info from them , 2) Secondly i would like to allow for example models to submit to 100 and more other model agencies forms (I will find those websites before, and I will get their field names = values and thanks to some script would like to connect them with every girl data already created in my website to submit . I would like to implement it to my wordpress website where the girls has their portfolios instead of my pages . I would like to offer this service especially to models , it should work like some directory submitters , The script knows names - values and fill it out itself, but I want it online - browser side, where the girls should only fill out captcha if there is and click the button "submit".After succesful submit it should offer other form to submit. I would be very happy if you know the answer or if you can redirect me to some article

    Read the article

  • Read data from form

    - by Superhuman
    This is a strange question, I've never tried to do this before. I have a repetitive process requiring that I copy and paste data from text boxes in one program into another program for further processing. I'd like to automate this process using VB .NET. The application from which the data is gathered isn't mine, so I don't have ActiveX-like access to its controls. How would you write an application to gain access to a form from another application, to be able to find the controls on the form, and gather the values from them? Just experimenting, I've used the following code. This resulted in only the name of the form to which this code belongs. It didn't find the names of any other forms I have open, and I have a lot open to choose from. This is frustrating because it's only step one of what I'll need to do to make my life easier... Public Declare Function EnumWindows Lib "user32" (ByVal lpEnumFunc As CallBack, ByVal lParam As Integer) As Integer Public Delegate Function CallBack(ByVal hwnd As IntPtr, ByVal lParam As IntPtr) As Boolean Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click Dim cb As New CallBack(AddressOf MyCallBack) EnumWindows(cb, 8) End Sub Public Function MyCallBack(ByVal hwnd As Long, ByVal lparam As Long) As Boolean Dim frm As System.Windows.Forms.Control frm = System.Windows.Forms.Form.FromHandle(hwnd) If frm Is Nothing Then Return True If frm.Text <> "" Then TextBox1.Text += frm.Text & ", " End If Return True End Function Does anyone have a recommendation? Thanks, SH

    Read the article

  • How to disable Rails submit buttons alongside Prototype helpers & RJS?

    - by Jesse
    I'm trying to follow this post http://stackoverflow.com/questions/576240/how-can-i-unobtrusively-disable-submit-buttons-with-javascript-and-prototype but I can't get it to work. The form triggers an RJS function, so I need to keep the helpers' onclick events intact. The RJS returns/reloads the same forms along with two new texts. I'm really confused. Here is my rails code for the forms: .span-20#comparison / new comparison . . . / voting forms (also reloaded) .span-4.prepend-3.append-6 - form_remote_tag :action => url_for(:controller => :comparisons), :method => :post do = hidden_field_tag :poem1_id, poems[:a].id = hidden_field_tag :poem2_id, poems[:b].id = hidden_field_tag :response, 1 = submit_tag "Vote for me", :disabled => false, :disable_with => 'Vote for me', :class => "compare" .span-4.append-3.last - form_remote_tag :action => url_for(:controller => :comparisons), :method => :post do = hidden_field_tag :poem1_id, poems[:a].id = hidden_field_tag :poem2_id, poems[:b].id = hidden_field_tag :response, 2 = submit_tag "Vote for me", :disable_with => 'Vote for me', :class => "compare" .span-4.prepend-8.append-8.prepend-top.last - form_remote_tag :action => url_for(:controller => :comparisons), :method => :post do = hidden_field_tag :poem1_id, poems[:a].id = hidden_field_tag :poem2_id, poems[:b].id = hidden_field_tag :response, 'draw' = submit_tag "Declare Draw", :disable_with => 'Declare Draw', :class => "compare" RJS page.replace_html :comparison, :partial => 'poems', :object => @poems page.insert_html :top, :previous, :partial => 'comparison', :object => @comparison page << "Effect.ScrollTo($('top'));"

    Read the article

  • How do disable Rails submit buttons alongside Prototype helpers & RJS?

    - by Jesse
    I'm trying to follow this post http://stackoverflow.com/questions/576240/how-can-i-unobtrusively-disable-submit-buttons-with-javascript-and-prototype but I can't get it to work. The form triggers an RJS function, so I need to keep the helpers' onclick events intact. The RJS returns/reloads the same forms along with two new texts. I'm really confused. Here is my rails code for the forms: .span-20#comparison / new comparison . . . / voting forms (also reloaded) .span-4.prepend-3.append-6 - form_remote_tag :action => url_for(:controller => :comparisons), :method => :post do = hidden_field_tag :poem1_id, poems[:a].id = hidden_field_tag :poem2_id, poems[:b].id = hidden_field_tag :response, 1 = submit_tag "Vote for me", :disabled => false, :disable_with => 'Vote for me', :class => "compare" .span-4.append-3.last - form_remote_tag :action => url_for(:controller => :comparisons), :method => :post do = hidden_field_tag :poem1_id, poems[:a].id = hidden_field_tag :poem2_id, poems[:b].id = hidden_field_tag :response, 2 = submit_tag "Vote for me", :disable_with => 'Vote for me', :class => "compare" .span-4.prepend-8.append-8.prepend-top.last - form_remote_tag :action => url_for(:controller => :comparisons), :method => :post do = hidden_field_tag :poem1_id, poems[:a].id = hidden_field_tag :poem2_id, poems[:b].id = hidden_field_tag :response, 'draw' = submit_tag "Declare Draw", :disable_with => 'Declare Draw', :class => "compare" RJS page.replace_html :comparison, :partial => 'poems', :object => @poems page.insert_html :top, :previous, :partial => 'comparison', :object => @comparison page << "Effect.ScrollTo($('top'));"

    Read the article

  • Javascript append to onClick event

    - by John Hartsock
    Guys I have the following Code which I know doesnt work correctly. Yes I know how to do this in JQuery but In this case I cannot use jquery. Please no jquery answers. <form> <input type="text" name="input1" onclick="alert('hello')"> <input type="text" name="input2"> <input type="text" name="input3"> </form> <script type="text\javascript"> window.onload = function () { var currentOnClick; for (var i = 0; i < document.forms[0].elements.length; i++) { currentOnClick = document.forms[0].elements[i].onclick; document.forms[0].elements[i].onclick = function () { if (currentOnClick) { currentOnClick(); } alert("hello2"); } } } </script> What Im trying to do is iterate through the form's elements and add to the onclick function. But due to the fact that in my last iteration currentOnClick is null this does not run as expected. I want to preserve each of the elements onclick methods and play them back in the new fuction Im creating. What I want: When input1 is clicked, alert "hello" then alert "hello2" When Input2 is clicked, alert "hello2" When Input3 is clicked, alert "hello2"

    Read the article

  • Trouble getting QMainWindow to scroll

    - by random
    A minimal example: class MainWindow(QtGui.QMainWindow): def __init__(self, parent = None): QtGui.QMainWindow.__init__(self, parent) winWidth = 683 winHeight = 784 screen = QtGui.QDesktopWidget().availableGeometry() screenCenterX = (screen.width() - winWidth) / 2 screenCenterY = (screen.height() - winHeight) / 2 self.setGeometry(screenCenterX, screenCenterY, winWidth, winHeight) layout = QtGui.QVBoxLayout() layout.addWidget(FormA()) mainWidget = QtGui.QWidget() mainWidget.setLayout(layout) self.setCentralWidget(mainWidget) FormA is a QFrame with a VBoxLayout that can expand to an arbitrary number of entries. In the code posted above, if the entries in the forms can't fit in the window then the window itself grows. I'd prefer for the window to become scrollable. I've also tried the following... replacing mainWidget = QtGui.QWidget() mainWidget.setLayout(layout) self.setCentralWidget(mainWidget) with mainWidget = QtGui.QScrollArea() mainWidget.setLayout(layout) self.setCentralWidget(mainWidget) results in the forms and entries shrinking if they can't fit in the window. Replacing it with mainWidget = QtGui.QWidget() mainWidget.setLayout(layout) scrollWidget = QtGui.QScrollArea() scrollWidget.setWidget(mainWidget) self.setCentralWidget(scrollWidget) results in the mainwidget (composed of the forms) being scrunched in the top left corner of the window, leaving large blank areas on the right and bottom of it, and still isn't scrollable. I can't set a limit on the size of the window because I wish for it to be resizable. How can I make this window scrollable?

    Read the article

  • javascript form reset function not working

    - by daniel
    <form name="mysqlDetails"> <label class="text">url:</label><input id="url" type="text" name="url"/><br/> <label class="text">country:</label><input id="country" type="text" name="country"/><br/> ... <input type="button" id="button" value="save" onclick="ajax.insert('mysqlDetails')"/> <input type="reset" id="clear" value="clear"/> <input type="checkbox" id="autoclear"/><label>autoclear</label> </form> function autoclear(frm){ if(document.forms[frm].getElementById('autoclear').checked==true){ document.forms[frm].reset(); document.forms[frm].getElementById('autoclear').checked=true; } } this.connect=function(frm){ if (isFirefox() && firefoxVersion() >= 3) { httpReq.onload = check; } else { httpReq.onreadystatechange = check; } httpReq.open('GET',url(frm),false); httpReq.send(null); autoclear(frm); } js is located in external file. executing form reset with an non-external file function works fine. why?

    Read the article

  • Security Issues with Single Page Apps

    - by Stephen.Walther
    Last week, I was asked to do a code review of a Single Page App built using the ASP.NET Web API, Durandal, and Knockout (good stuff!). In particular, I was asked to investigate whether there any special security issues associated with building a Single Page App which are not present in the case of a traditional server-side ASP.NET application. In this blog entry, I discuss two areas in which you need to exercise extra caution when building a Single Page App. I discuss how Single Page Apps are extra vulnerable to both Cross-Site Scripting (XSS) attacks and Cross-Site Request Forgery (CSRF) attacks. This goal of this blog post is NOT to persuade you to avoid writing Single Page Apps. I’m a big fan of Single Page Apps. Instead, the goal is to ensure that you are fully aware of some of the security issues related to Single Page Apps and ensure that you know how to guard against them. Cross-Site Scripting (XSS) Attacks According to WhiteHat Security, over 65% of public websites are open to XSS attacks. That’s bad. By taking advantage of XSS holes in a website, a hacker can steal your credit cards, passwords, or bank account information. Any website that redisplays untrusted information is open to XSS attacks. Let me give you a simple example. Imagine that you want to display the name of the current user on a page. To do this, you create the following server-side ASP.NET page located at http://MajorBank.com/SomePage.aspx: <%@Page Language="C#" %> <html> <head> <title>Some Page</title> </head> <body> Welcome <%= Request["username"] %> </body> </html> Nothing fancy here. Notice that the page displays the current username by using Request[“username”]. Using Request[“username”] displays the username regardless of whether the username is present in a cookie, a form field, or a query string variable. Unfortunately, by using Request[“username”] to redisplay untrusted information, you have now opened your website to XSS attacks. Here’s how. Imagine that an evil hacker creates the following link on another website (hackers.com): <a href="/SomePage.aspx?username=<script src=Evil.js></script>">Visit MajorBank</a> Notice that the link includes a query string variable named username and the value of the username variable is an HTML <SCRIPT> tag which points to a JavaScript file named Evil.js. When anyone clicks on the link, the <SCRIPT> tag will be injected into SomePage.aspx and the Evil.js script will be loaded and executed. What can a hacker do in the Evil.js script? Anything the hacker wants. For example, the hacker could display a popup dialog on the MajorBank.com site which asks the user to enter their password. The script could then post the password back to hackers.com and now the evil hacker has your secret password. ASP.NET Web Forms and ASP.NET MVC have two automatic safeguards against this type of attack: Request Validation and Automatic HTML Encoding. Protecting Coming In (Request Validation) In a server-side ASP.NET app, you are protected against the XSS attack described above by a feature named Request Validation. If you attempt to submit “potentially dangerous” content — such as a JavaScript <SCRIPT> tag — in a form field or query string variable then you get an exception. Unfortunately, Request Validation only applies to server-side apps. Request Validation does not help in the case of a Single Page App. In particular, the ASP.NET Web API does not pay attention to Request Validation. You can post any content you want – including <SCRIPT> tags – to an ASP.NET Web API action. For example, the following HTML page contains a form. When you submit the form, the form data is submitted to an ASP.NET Web API controller on the server using an Ajax request: <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> </head> <body> <form data-bind="submit:submit"> <div> <label> User Name: <input data-bind="value:user.userName" /> </label> </div> <div> <label> Email: <input data-bind="value:user.email" /> </label> </div> <div> <input type="submit" value="Submit" /> </div> </form> <script src="Scripts/jquery-1.7.1.js"></script> <script src="Scripts/knockout-2.1.0.js"></script> <script> var viewModel = { user: { userName: ko.observable(), email: ko.observable() }, submit: function () { $.post("/api/users", ko.toJS(this.user)); } }; ko.applyBindings(viewModel); </script> </body> </html> The form above is using Knockout to bind the form fields to a view model. When you submit the form, the view model is submitted to an ASP.NET Web API action on the server. Here’s the server-side ASP.NET Web API controller and model class: public class UsersController : ApiController { public HttpResponseMessage Post(UserViewModel user) { var userName = user.UserName; return Request.CreateResponse(HttpStatusCode.OK); } } public class UserViewModel { public string UserName { get; set; } public string Email { get; set; } } If you submit the HTML form, you don’t get an error. The “potentially dangerous” content is passed to the server without any exception being thrown. In the screenshot below, you can see that I was able to post a username form field with the value “<script>alert(‘boo’)</script”. So what this means is that you do not get automatic Request Validation in the case of a Single Page App. You need to be extra careful in a Single Page App about ensuring that you do not display untrusted content because you don’t have the Request Validation safety net which you have in a traditional server-side ASP.NET app. Protecting Going Out (Automatic HTML Encoding) Server-side ASP.NET also protects you from XSS attacks when you render content. By default, all content rendered by the razor view engine is HTML encoded. For example, the following razor view displays the text “<b>Hello!</b>” instead of the text “Hello!” in bold: @{ var message = "<b>Hello!</b>"; } @message   If you don’t want to render content as HTML encoded in razor then you need to take the extra step of using the @Html.Raw() helper. In a Web Form page, if you use <%: %> instead of <%= %> then you get automatic HTML Encoding: <%@ Page Language="C#" %> <% var message = "<b>Hello!</b>"; %> <%: message %> This automatic HTML Encoding will prevent many types of XSS attacks. It prevents <script> tags from being rendered and only allows &lt;script&gt; tags to be rendered which are useless for executing JavaScript. (This automatic HTML encoding does not protect you from all forms of XSS attacks. For example, you can assign the value “javascript:alert(‘evil’)” to the Hyperlink control’s NavigateUrl property and execute the JavaScript). The situation with Knockout is more complicated. If you use the Knockout TEXT binding then you get HTML encoded content. On the other hand, if you use the HTML binding then you do not: <!-- This JavaScript DOES NOT execute --> <div data-bind="text:someProp"></div> <!-- This Javacript DOES execute --> <div data-bind="html:someProp"></div> <script src="Scripts/jquery-1.7.1.js"></script> <script src="Scripts/knockout-2.1.0.js"></script> <script> var viewModel = { someProp : "<script>alert('Evil!')<" + "/script>" }; ko.applyBindings(viewModel); </script>   So, in the page above, the DIV element which uses the TEXT binding is safe from XSS attacks. According to the Knockout documentation: “Since this binding sets your text value using a text node, it’s safe to set any string value without risking HTML or script injection.” Just like server-side HTML encoding, Knockout does not protect you from all types of XSS attacks. For example, there is nothing in Knockout which prevents you from binding JavaScript to a hyperlink like this: <a data-bind="attr:{href:homePageUrl}">Go</a> <script src="Scripts/jquery-1.7.1.min.js"></script> <script src="Scripts/knockout-2.1.0.js"></script> <script> var viewModel = { homePageUrl: "javascript:alert('evil!')" }; ko.applyBindings(viewModel); </script> In the page above, the value “javascript:alert(‘evil’)” is bound to the HREF attribute using Knockout. When you click the link, the JavaScript executes. Cross-Site Request Forgery (CSRF) Attacks Cross-Site Request Forgery (CSRF) attacks rely on the fact that a session cookie does not expire until you close your browser. In particular, if you visit and login to MajorBank.com and then you navigate to Hackers.com then you will still be authenticated against MajorBank.com even after you navigate to Hackers.com. Because MajorBank.com cannot tell whether a request is coming from MajorBank.com or Hackers.com, Hackers.com can submit requests to MajorBank.com pretending to be you. For example, Hackers.com can post an HTML form from Hackers.com to MajorBank.com and change your email address at MajorBank.com. Hackers.com can post a form to MajorBank.com using your authentication cookie. After your email address has been changed, by using a password reset page at MajorBank.com, a hacker can access your bank account. To prevent CSRF attacks, you need some mechanism for detecting whether a request is coming from a page loaded from your website or whether the request is coming from some other website. The recommended way of preventing Cross-Site Request Forgery attacks is to use the “Synchronizer Token Pattern” as described here: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet When using the Synchronizer Token Pattern, you include a hidden input field which contains a random token whenever you display an HTML form. When the user opens the form, you add a cookie to the user’s browser with the same random token. When the user posts the form, you verify that the hidden form token and the cookie token match. Preventing Cross-Site Request Forgery Attacks with ASP.NET MVC ASP.NET gives you a helper and an action filter which you can use to thwart Cross-Site Request Forgery attacks. For example, the following razor form for creating a product shows how you use the @Html.AntiForgeryToken() helper: @model MvcApplication2.Models.Product <h2>Create Product</h2> @using (Html.BeginForm()) { @Html.AntiForgeryToken(); <div> @Html.LabelFor( p => p.Name, "Product Name:") @Html.TextBoxFor( p => p.Name) </div> <div> @Html.LabelFor( p => p.Price, "Product Price:") @Html.TextBoxFor( p => p.Price) </div> <input type="submit" /> } The @Html.AntiForgeryToken() helper generates a random token and assigns a serialized version of the same random token to both a cookie and a hidden form field. (Actually, if you dive into the source code, the AntiForgeryToken() does something a little more complex because it takes advantage of a user’s identity when generating the token). Here’s what the hidden form field looks like: <input name=”__RequestVerificationToken” type=”hidden” value=”NqqZGAmlDHh6fPTNR_mti3nYGUDgpIkCiJHnEEL59S7FNToyyeSo7v4AfzF2i67Cv0qTB1TgmZcqiVtgdkW2NnXgEcBc-iBts0x6WAIShtM1″ /> And here’s what the cookie looks like using the Google Chrome developer toolbar: You use the [ValidateAntiForgeryToken] action filter on the controller action which is the recipient of the form post to validate that the token in the hidden form field matches the token in the cookie. If the tokens don’t match then validation fails and you can’t post the form: public ActionResult Create() { return View(); } [ValidateAntiForgeryToken] [HttpPost] public ActionResult Create(Product productToCreate) { if (ModelState.IsValid) { // save product to db return RedirectToAction("Index"); } return View(); } How does this all work? Let’s imagine that a hacker has copied the Create Product page from MajorBank.com to Hackers.com – the hacker grabs the HTML source and places it at Hackers.com. Now, imagine that the hacker trick you into submitting the Create Product form from Hackers.com to MajorBank.com. You’ll get the following exception: The Cross-Site Request Forgery attack is blocked because the anti-forgery token included in the Create Product form at Hackers.com won’t match the anti-forgery token stored in the cookie in your browser. The tokens were generated at different times for different users so the attack fails. Preventing Cross-Site Request Forgery Attacks with a Single Page App In a Single Page App, you can’t prevent Cross-Site Request Forgery attacks using the same method as a server-side ASP.NET MVC app. In a Single Page App, HTML forms are not generated on the server. Instead, in a Single Page App, forms are loaded dynamically in the browser. Phil Haack has a blog post on this topic where he discusses passing the anti-forgery token in an Ajax header instead of a hidden form field. He also describes how you can create a custom anti-forgery token attribute to compare the token in the Ajax header and the token in the cookie. See: http://haacked.com/archive/2011/10/10/preventing-csrf-with-ajax.aspx Also, take a look at Johan’s update to Phil Haack’s original post: http://johan.driessen.se/posts/Updated-Anti-XSRF-Validation-for-ASP.NET-MVC-4-RC (Other server frameworks such as Rails and Django do something similar. For example, Rails uses an X-CSRF-Token to prevent CSRF attacks which you generate on the server – see http://excid3.com/blog/rails-tip-2-include-csrf-token-with-every-ajax-request/#.UTFtgDDkvL8 ). For example, if you are creating a Durandal app, then you can use the following razor view for your one and only server-side page: @{ Layout = null; } <!DOCTYPE html> <html> <head> <title>Index</title> </head> <body> @Html.AntiForgeryToken() <div id="applicationHost"> Loading app.... </div> @Scripts.Render("~/scripts/vendor") <script type="text/javascript" src="~/App/durandal/amd/require.js" data-main="/App/main"></script> </body> </html> Notice that this page includes a call to @Html.AntiForgeryToken() to generate the anti-forgery token. Then, whenever you make an Ajax request in the Durandal app, you can retrieve the anti-forgery token from the razor view and pass the token as a header: var csrfToken = $("input[name='__RequestVerificationToken']").val(); $.ajax({ headers: { __RequestVerificationToken: csrfToken }, type: "POST", dataType: "json", contentType: 'application/json; charset=utf-8', url: "/api/products", data: JSON.stringify({ name: "Milk", price: 2.33 }), statusCode: { 200: function () { alert("Success!"); } } }); Use the following code to create an action filter which you can use to match the header and cookie tokens: using System.Linq; using System.Net.Http; using System.Web.Helpers; using System.Web.Http.Controllers; namespace MvcApplication2.Infrastructure { public class ValidateAjaxAntiForgeryToken : System.Web.Http.AuthorizeAttribute { protected override bool IsAuthorized(HttpActionContext actionContext) { var headerToken = actionContext .Request .Headers .GetValues("__RequestVerificationToken") .FirstOrDefault(); ; var cookieToken = actionContext .Request .Headers .GetCookies() .Select(c => c[AntiForgeryConfig.CookieName]) .FirstOrDefault(); // check for missing cookie or header if (cookieToken == null || headerToken == null) { return false; } // ensure that the cookie matches the header try { AntiForgery.Validate(cookieToken.Value, headerToken); } catch { return false; } return base.IsAuthorized(actionContext); } } } Notice that the action filter derives from the base AuthorizeAttribute. The ValidateAjaxAntiForgeryToken only works when the user is authenticated and it will not work for anonymous requests. Add the action filter to your ASP.NET Web API controller actions like this: [ValidateAjaxAntiForgeryToken] public HttpResponseMessage PostProduct(Product productToCreate) { // add product to db return Request.CreateResponse(HttpStatusCode.OK); } After you complete these steps, it won’t be possible for a hacker to pretend to be you at Hackers.com and submit a form to MajorBank.com. The header token used in the Ajax request won’t travel to Hackers.com. This approach works, but I am not entirely happy with it. The one thing that I don’t like about this approach is that it creates a hard dependency on using razor. Your single page in your Single Page App must be generated from a server-side razor view. A better solution would be to generate the anti-forgery token in JavaScript. Unfortunately, until all browsers support a way to generate cryptographically strong random numbers – for example, by supporting the window.crypto.getRandomValues() method — there is no good way to generate anti-forgery tokens in JavaScript. So, at least right now, the best solution for generating the tokens is the server-side solution with the (regrettable) dependency on razor. Conclusion The goal of this blog entry was to explore some ways in which you need to handle security differently in the case of a Single Page App than in the case of a traditional server app. In particular, I focused on how to prevent Cross-Site Scripting and Cross-Site Request Forgery attacks in the case of a Single Page App. I want to emphasize that I am not suggesting that Single Page Apps are inherently less secure than server-side apps. Whatever type of web application you build – regardless of whether it is a Single Page App, an ASP.NET MVC app, an ASP.NET Web Forms app, or a Rails app – you must constantly guard against security vulnerabilities.

    Read the article

  • error CS0177: The out parameter 'Wx' must be assigned to before control leaves the current method

    - by sonny5
    using System; using System.Drawing; using System.Drawing.Drawing2D; using System.Collections; using System.ComponentModel; using System.Windows.Forms; using System.Data; public class Form1 : System.Windows.Forms.Form { public static float WXmin; public static float WYmin; public static float WXmax; public static float WYmax; public static int VXmin; public static int VYmin; public static int VXmax; public static int VYmax; public static float Vx; public static float Vy; public Form1() { InitializeComponent(); } private void InitializeComponent() { //this.AutoScaleBaseSize = new System.Drawing.Size(5, 13); this.ClientSize = new System.Drawing.Size(400, 300); this.Text="Pass Args"; this.Paint += new System.Windows.Forms.PaintEventHandler(this.doLine); } static void Main() { Application.Run(new Form1()); } private void doLine(object sender, System.Windows.Forms.PaintEventArgs e) { Graphics g = e.Graphics; g.FillRectangle(Brushes.White, this.ClientRectangle); Pen p = new Pen(Color.Black); g.DrawLine(p, 0, 0, 100, 100); p.Dispose(); } private void eachCornerPix (object sender, PaintEventArgs e, out float Wx, out float Wy, out float Vx, out float Vy) { Graphics g = this.CreateGraphics(); Pen penBlu = new Pen(Color.Blue, 2); SolidBrush redBrush = new SolidBrush(Color.Red); int width = 2; // 1 pixel wide in x int height = 2; float [] Wxc = {0.100f, 5.900f, 5.900f, 0.100f}; float [] Wyc = {0.100f, 0.100f, 3.900f, 3.900f}; for (int i = 0; i<3; i++) { Wx = Wxc[i]; Wy = Wyc[i]; Vx = ((Wx - WXmin)*((VXmax-VXmin)+VXmin)/(WXmax-WXmin)); Vy = ((Wy - WYmin)*(VYmax-VYmin)/(WYmax-WYmin)+VYmin); Console.WriteLine("eachCornerPix Vx= {0}", Vx); Console.WriteLine("eachCornerPix Vy= {0}", Vy); g.FillRectangle(redBrush, Vx, Vy, width, height); g.Dispose(); } // Desired effect: Use the array values (Wxc, Wyc) and re-assign them to Wx and Wy. Then use // Wx and Wy as components to calculate Vx and Vy. // My end goal...once compile issues are resolved, is to pass each array value listed // using this method. This should allow 4 xy point pairs to be plotted. // Errors: // pass1.cs(51,18): error CS0177: The out parameter 'Wx' must be assigned to before // control leaves the current method // pass1.cs(51,18): error CS0177: The out parameter 'Wy' must be assigned to before // control leaves the current method // pass1.cs(51,18): error CS0177: The out parameter 'Vx' must be assigned to before // control leaves the current method // pass1.cs(51,18): error CS0177: The out parameter 'Vy' must be assigned to before // control leaves the current method } }

    Read the article

  • View Generated Source (After AJAX/JavaScript) in C#

    - by Michael La Voie
    Is there a way to view the generated source of a web page (the code after all AJAX calls and JavaScript DOM manipulations have taken place) from a C# application without opening up a browser from the code? Viewing the initial page using a WebRequest or WebClient object works ok, but if the page makes extensive use of JavaScript to alter the DOM on page load, then these don't provide an accurate picture of the page. I have tried using Selenium and Watin UI testing frameworks and they work perfectly, supplying the generated source as it appears after all JavaScript manipulations are completed. Unfortunately, they do this by opening up an actual web browser, which is very slow. I've implemented a selenium server which offloads this work to another machine, but there is still a substantial delay. Is there a .Net library that will load and parse a page (like a browser) and spit out the generated code? Clearly, Google and Yahoo aren't opening up browsers for every page they want to spider (of course they may have more resources than me...). Is there such a library or am I out of luck unless I'm willing to dissect the source code of an open source browser? SOLUTION Well, thank you everyone for you're help. I have a working solution that is about 10X faster then Selenium. Woo! Thanks to this old article from beansoftware I was able to use the System.Windows.Forms.WebBrwoswer control to download the page and parse it, then give em the generated source. Even though the control is in Windows.Forms, you can still run it from Asp.Net (which is what I'm doing), just remember to add System.Window.Forms to your project references. There are two notable things about the code. First, the WebBrowser control is called in a new thread. This is because it must run on a single threaded apartment. Second, the GeneratedSource variable is set in two places. This is not due to an intelligent design decision :) I'm still working on it and will update this answer when I'm done. wb_DocumentCompleted() is called multiple times. First when the initial HTML is downloaded, then again when the first round of JavaScript completes. Unfortunately, the site I'm scraping has 3 different loading stages. 1) Load initial HTML 2) Do first round of JavaScript DOM manipulation 3) pause for half a second then do a second round of JS DOM manipulation. For some reason, the second round isn't cause by the wb_DocumentCompleted() function, but it is always caught when wb.ReadyState == Complete. So why not remove it from wb_DocumentCompleted()? I'm still not sure why it isn't caught there and that's where the beadsoftware article recommended putting it. I'm going to keep looking into it. I just wanted to publish this code so anyone who's interested can use it. Enjoy! using System.Threading; using System.Windows.Forms; public class WebProcessor { private string GeneratedSource{ get; set; } private string URL { get; set; } public string GetGeneratedHTML(string url) { URL = url; Thread t = new Thread(new ThreadStart(WebBrowserThread)); t.SetApartmentState(ApartmentState.STA); t.Start(); t.Join(); return GeneratedSource; } private void WebBrowserThread() { WebBrowser wb = new WebBrowser(); wb.Navigate(URL); wb.DocumentCompleted += new WebBrowserDocumentCompletedEventHandler( wb_DocumentCompleted); while (wb.ReadyState != WebBrowserReadyState.Complete) Application.DoEvents(); //Added this line, because the final HTML takes a while to show up GeneratedSource= wb.Document.Body.InnerHtml; wb.Dispose(); } private void wb_DocumentCompleted(object sender, WebBrowserDocumentCompletedEventArgs e) { WebBrowser wb = (WebBrowser)sender; GeneratedSource= wb.Document.Body.InnerHtml; } }

    Read the article

  • Linked Tables not working With Access Database

    - by Kronass
    Hi, I have an Access database in a computer and I want to access it from other computer in the network. so I made mapped drive and created Linked Tables, then Imported all the objects (forms, queries, reports). when I open access database in the second computer and make any changes in using the forms non of the changes are affected in the main computer (supposedly server) and vise-versa. what am I missing? if this way will not work how can I access the Access database from other computer in the network and be able to use all the objects and make changes in it? hint: Access Version at main computer is 2003 and client pc 2007, will it effect?

    Read the article

  • Delphi - Why is my global variable "inacessible" when i debug

    - by Antoine Lpy
    I'm building an application that contains around 30 Forms. I need to manage sessions, so I would like to have a global LoggedInUser variable accessible from all forms. I read "David Heffernan"'s post about global variables, and how to avoid them but I thought it would be easier to have a global User variable rather than 30 forms having their own User variable. So i have a unit : GlobalVars unit GlobalVars; interface uses User; // I defined my TUser class in a unit called User var LoggedInUser: TUser; implementation initialization LoggedInUser:= TUser.Create; finalization LoggedInUser.Free; end. Then in my LoginForm's LoginBtnClick procedure I do : unit FormLogin; interface uses [...],User; type TForm1 = class(TForm) [...] procedure LoginBtnClick(Sender: TObject); private { Déclarations privées } public end; var Form1: TForm1; AureliusConnection : IDBConnection; implementation {$R *.fmx} uses [...]GlobalVars; procedure TForm1.LoginBtnClick(Sender: TObject); var Manager : TObjectManager; MyCriteria: TCriteria<TUser>; u : TUser; begin Manager := TObjectManageR.Create(AureliusConnection); MyCriteria :=Manager.Find<TUtilisateur> .Add(TExpression.Eq('login',LoginEdit.Text)) .Add(TExpression.Eq('password',PasswordEdit.Text)); u := MyCriteria.UniqueResult; if u = nil then MessageDlg('Login ou mot de passe incorrect',TMsgDlgType.mtError,[TMsgDlgBtn.mbOK],0) else begin LoggedInUser:=u; //Here I assign my local User data to my global User variable Form1.Destroy; A00Form.visible:=true; end; Manager.Free; end; Then in another form I would like to access this LoggedInUser object in the Menu1BtnClick procedure : Unit C01_Deviations; interface uses System.SysUtils, System.Types, System.UITypes, System.Classes, System.Variants, FMX.Types, FMX.Graphics, FMX.Controls, FMX.Forms, FMX.Dialogs, FMX.StdCtrls, FMX.ListView.Types, FMX.ListView, FMX.Objects, FMX.Layouts, FMX.Edit, FMX.Ani; type TC01Form = class(TForm) [...] Menu1Btn: TButton; [...] procedure Menu1BtnClick(Sender: TObject); private { Déclarations privées } public { Déclarations publiques } end; var C01Form: TC01Form; implementation uses [...]User,GlobalVars; {$R *.fmx} procedure TC01Form.Menu1BtnClick(Sender: TObject); var Assoc : TUtilisateur_FonctionManagement; ValidationOK : Boolean; util : TUser; begin ValidationOK := False; util := GlobalVars.LoggedInUser; // Here i created a local user variable for debug purposes as I thought it would permit me to see the user data. But i get "Inaccessible Value" as its value util.Nom:='test'; for Assoc in util.FonctionManagement do // Here is were my initial " access violation" error occurs begin if Assoc.FonctionManagement.Libelle = 'Reponsable équipe HACCP' then begin ValidationOK := True; break; end; end; [...] end; When I debug I see "Inaccessible Value" in the value column of my user. Do you have any idea why ? I tried to put an integer in this GlobalVar unit, and i was able to set its value from my login form and read it from my other form.. I guess I could store the user's id, which is an integer, and then retrieve the user from the database using its id. But it seems really unefficient.

    Read the article

  • Why a graphics overflow problem as a result of a for loop?

    - by sonny5
    using System; using System.Drawing; using System.Collections; using System.ComponentModel; using System.Windows.Forms; using System.Data; using System.Drawing.Imaging; using System.Drawing.Drawing2D; public class Form1 : System.Windows.Forms.Form { public static float WXmin; public static float WYmin; public static float WXmax; public static float WYmax; public static int VXmin; public static int VYmin; public static int VXmax; public static int VYmax; public static float Wx; public static float Wy; public static float Vx; public static float Vy; public Form1() { InitializeComponent(); } private void InitializeComponent() { this.ClientSize = new System.Drawing.Size(400, 300); this.Text="Pass Args"; this.Paint += new System.Windows.Forms.PaintEventHandler(this.doLine); //this.Paint += new System.PaintEventHandler(this.eachCornerPix); //eachCornerPix(out Wx, out Wy, out Vx, out Vy); } static void Main() { Application.Run(new Form1()); } private void doLine(object sender, System.Windows.Forms.PaintEventArgs e) { Graphics g = e.Graphics; g.FillRectangle(Brushes.White, this.ClientRectangle); Pen p = new Pen(Color.Black); g.DrawLine(p, 0, 0, 100, 100); // draw DOWN in y, which is positive since no matrix called eachCornerPix(sender, e, out Wx, out Wy, out Vx, out Vy); p.Dispose(); } private void eachCornerPix (object sender, System.EventArgs e, out float Wx, out float Wy, out float Vx, out float Vy) { Wx = 0.0f; Wy = 0.0f; Vx = 0.0f; Vy = 0.0f; Graphics g = this.CreateGraphics(); Pen penBlu = new Pen(Color.Blue, 2); SolidBrush redBrush = new SolidBrush(Color.Red); int width = 2; // 1 pixel wide in x int height = 2; float [] Wxc = {0.100f, 5.900f, 5.900f, 0.100f}; float [] Wyc = {0.100f, 0.100f, 3.900f, 3.900f}; Console.WriteLine("Wxc[0] = {0}", Wxc[0]); Console.WriteLine("Wyc[3] = {0}", Wyc[3]); /* for (int i = 0; i<3; i++) { Wx = Wxc[i]; Wy = Wyc[i]; Vx = ((Wx - WXmin)*((VXmax-VXmin)+VXmin)/(WXmax-WXmin)); Vy = ((Wy - WYmin)*(VYmax-VYmin)/(WYmax-WYmin)+VYmin); Console.WriteLine("eachCornerPix Vx= {0}", Vx); Console.WriteLine("eachCornerPix Vy= {0}", Vy); g.FillRectangle(redBrush, Vx, Vy, width, height); } */ // What is there about this for loop that will not run? // When the comments above and after the for loop are removed, it gets an overflow? g.Dispose(); } }

    Read the article

  • How can I handle parameterized queries in Drupal?

    - by Anthony Gatlin
    We have a client who is currently using Lotus Notes/Domino as their content management system and web server. For many reasons, we are recommending they sunset their Notes/Domino implementation and transition onto a more modern platform--such as Drupal. The client has several web applications which would be a natural fit for Drupal. However, I am unsure of the best way to implement one of the web applications in Drupal. I am running into a knowledge barrier and wondered if any of you could fill in the gaps. Situation The client has a Lotus Domino application which serves as a front-end for querying a large DB2 data store and returning a result set (generally in table form) to a user via the web. The web application provides access to approximately 100 pre-defined queries--50 of which are public and 50 of which are secured. Most of the queries accept some set of user selected parameters as input. The output of the queries is typically returned to users in a list (table) format. A limited number of result sets allow drill-down through the HTML table into detail records. The query parameters often involve database queries themselves. For example, a single query may pull a list of company divisions into a drop-down. Once a division is selected, second drop-down with the departments from that division is populated--but perhaps only departments which meet some special criteria--such as those having taken a loss within a specific time frame. Most queries have 2-4 parameters with the average probably being 3. The application involves no data entry. None of the back-end data is ever modified by the web application. All access is purely based around querying data and viewing results. The queries change relatively infrequently, and the current system has been in place for approximately 10 years. There may be 10-20 query additions, modifications, or other changes in a given year. The client simply desires to change the presentation platform but absolutely does not want to re-do the 100 database queries. Once the project is implemented, the client wants their staff to take over and manage future changes. The client's staff have no background in Drupal or PHP but are somewhat willing to learn as necessary. How would you transition this into Drupal? My major knowledge void relates to how we would manage the query parameters and access the queries themselves. Here are a few specific questions but feel free to chime in on any issue related to this implementation. Would we have to build 100 forms by hand--with each form containing the parameters for a given query? If so, how would we do this? Approximately how long would it take to build/configure each of these forms? Is there a better way than manually building 100 forms? (I understand using CCK to enter data into custom content types but since we aren't adding any nodes, I am a little stuck as to how this might work.) Would it be possible for the internal staff to learn to create these query parameter forms--even if they are unfamiliar with Drupal today? Would they be required to do any PHP programming? How would we take the query parameters from a form and execute a query against DB2? Would this require a custom module? If so, would it require one module total or one module per query? (Note: There is apparently a DB2 driver available for Drupal. See http://groups.drupal.org/node/5511.) Note: I am not looking for CMS recommendations other than Drupal as Drupal nicely fits all of the client's other requirements, and I hope to help them standardize on a single platform. Any assistance you can provide would be helpful. Thank you in advance for your help!

    Read the article

  • Accessing Oracle 6i and 9i/10g Databases using C#

    - by Mike M
    Hi all, I am making two build files using NAnt. The first aims to automatically compile Oracle 6i forms and reports and the second aims to compile Oracle 9i/10g forms and reports. Within the NAnt task is a C# script which prompts the developer for database credentials (username, password, database) in order to compile the forms and reports. I want to then run these credentials against the relevant database to ensure the credentials entered are correct and, if they are not, prompt the user to re-enter their credentials. My script currently looks as follows: class GetInput { public static void ScriptMain(Project project) { Console.Clear(); Console.WriteLine("==================================================================="); Console.WriteLine("Welcome to the Compile and Deploy Oracle Forms and Reports Facility"); Console.WriteLine("==================================================================="); Console.WriteLine(); Console.WriteLine("Please enter the acronym of the project to work on from the following list:"); Console.WriteLine(); Console.WriteLine("--------"); Console.WriteLine("- BCS"); Console.WriteLine("- COPEN"); Console.WriteLine("- FCDD"); Console.WriteLine("--------"); Console.WriteLine(); Console.Write("Selection: "); project.Properties["project.type"] = Console.ReadLine(); Console.WriteLine(); Console.Write("Please enter username: "); string username = Console.ReadLine(); project.Properties["username"] = username; string password = ReturnPassword(); project.Properties["password"] = password Console.WriteLine(); Console.Write("Please enter database: "); string database = Console.ReadLine(); project.Properties["database"] = database Console.WriteLine(); //Call method to verify user credentials Console.WriteLine(); Console.WriteLine("Compiling files..."; } public static string ReturnPassword() { Console.Write("Please enter password: "); string password = ""; ConsoleKeyInfo nextKey = Console.ReadKey(true); while (nextKey.Key != ConsoleKey.Enter) { if (nextKey.Key == ConsoleKey.Backspace) { if (password.Length > 0) { password = password.Substring(0, password.Length - 1); Console.Write(nextKey.KeyChar); Console.Write(" "); Console.Write(nextKey.KeyChar); } } else { password += nextKey.KeyChar; Console.Write("*"); } nextKey = Console.ReadKey(true); } return password; } } Having done a bit of research, I find that you can connect to Oracle databases using the System.Data.OracleClient namespace clicky. However, as mentioned in the link, Microsoft is discontinuing support for this so it is not a desireable solution. I have also fonud that Oracle provides its own classes for connecting to Oracle databases clicky. However, this only seems to support connecting to Oracle 9 or newer databases (clicky) so it is not feasible solution as I also need to connect to Oracle 6i databases. I could achieve this by calling a bat script from within the C# script, but I would much prefer to have a single build file for simplicity. Ideally, I would like to run a series of commands such as is contained in the following .bat script: rem -- Set Database SID -- set ORACLE_SID=%DBSID% sqlplus -s %nameofuser%/%password%@%dbsid% set cmdsep on set cmdsep '"'; --" set term on set echo off set heading off select '========================================' || CHR(10) || 'Have checked and found both Password and ' || chr(10) || 'Database Identifier are valid, continuing ...' || CHR(10) || '========================================' from dual; exit; This requires me to set the environment variable of ORACLE_SID and then run sqlplus in silent mode (-s) followed by a series of sql set commands (set x), the actual select statement and an exit command. Can I achieve this within a c# script without calling a bat script, or am I forced to call a bat script? Thanks in advance!

    Read the article

< Previous Page | 119 120 121 122 123 124 125 126 127 128 129 130  | Next Page >