Search Results

Search found 17731 results on 710 pages for 'programming practices'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 168/710 | < Previous Page | 164 165 166 167 168 169 170 171 172 173 174 175  | Next Page >

  • "do it all" page structure and things to watch out for?

    - by Andrew Heath
    I'm still getting my feet wet in PHP (my 1st language) and I've reached the competency level where I can code one page that handles all sorts of different related requests. They generally have a structure like this: (psuedo code) <?php include 'include/functions.php'; IF authorized IF submit (add data) ELSE IF update (update data) ELSE IF list (show special data) ELSE IF tab switch (show new area) ELSE display vanilla (show default) ELSE "must be registered/logged-in" ?> <HTML> // snip <?php echo $output; ?> // snip </HTML> and it all works nicely, and quite quickly which is cool. But I'm still sorta feeling my way in the dark... and would like some input from the pros regarding this type of page design... is it a good long-term structure? (it seems easily expanded...) are there security risks particular to this design? are there corners I should avoid painting myself into? Just curious about what lies ahead, really...

    Read the article

  • What should a developer know before building a public web site?

    - by Joel Coehoorn
    What things should a programmer implementing the technical details of a web site address before making the site public? If Jeff Atwood can forget about HttpOnly cookies, sitemaps, and cross-site request forgeries all in the same site, what important thing could I be forgetting as well? I'm thinking about this from a web developer's perspective, such that someone else is creating the actual design and content for the site. So while usability and content may be more important than the platform, you the programmer have little say in that. What you do need to worry about is that your implementation of the platform is stable, performs well, is secure, and meets any other business goals (like not cost too much, take too long to build, and rank as well with Google as the content supports). Think of this from the perspective of a developer who's done some work for intranet-type applications in a fairly trusted environment, and is about to have his first shot and putting out a potentially popular site for the entire big bad world wide web. Also: I'm looking for something more specific than just a vague "web standards" response. I mean, HTML, JavaScript, and CSS over HTTP are pretty much a given, especially when I've already specified that you're a professional web developer. So going beyond that, Which standards? In what circumstances, and why? Provide a link to the standard's specification. This question is community wiki, so please feel free to edit that answer to add links to good articles that will help explain or teach each particular point.

    Read the article

  • VB Classes Best Practice - give all properties values?

    - by Becky Franklin
    Sorry if this is a bit random, but is it good practice to give all fields of a class a value when the class is instanciated? I'm just wondering if its better practice to have a constuctor that takes no parameters and gives all the fields default values, or whether fields that have values should be assigned and others left alone until required? I hope that makes sense, Becky

    Read the article

  • JDBC/OSGi and how to dynamically load drivers without explicitly stating dependencies in the bundle?

    - by Chris
    Hi, This is a biggie. I have a well-structured yet monolithic code base that has a primitive modular architecture (all modules implement interfaces yet share the same classpath). I realize the folly of this approach and the problems it represents when I go to deploy on application servers that may have different conflicting versions of my library. I'm dependent on around 30 jars right now and am mid-way though bnding them up. Now some of my modules are easy to declare the versioned dependencies of, such as my networking components. They statically reference classes within the JRE and other BNDded libraries but my JDBC related components instantiate via Class.forName(...) and can use one of any number of drivers. I am breaking everything up into OSGi bundles by service area. My core classes/interfaces. Reporting related components. Database access related components (via JDBC). etc.... I wish for my code to be able to still be used without OSGi via single jar file with all my dependencies and without OSGi at all (via JARJAR) and also to be modular via the OSGi meta-data and granular bundles with dependency information. How do I configure my bundle and my code so that it can dynamically utilize any driver on the classpath and/or within the OSGi container environment (Felix/Equinox/etc.)? Is there a run-time method to detect if I am running in an OSGi container that is compatible across containers (Felix/Equinox/etc.) ? Do I need to use a different class loading mechanism if I am in a OSGi container? Am I required to import OSGi classes into my project to be able to load an at-bundle-time-unknown JDBC driver via my database module? I also have a second method of obtaining a driver (via JNDI, which is only really applicable when running in an app server), do I need to change my JNDI access code for OSGi-aware app servers?

    Read the article

  • "Nearly divisible"

    - by bobobobo
    I want to check if a floating point value is "nearly" a multiple of 32. E.g. 64.1 is "nearly" divisible by 32, and so is 63.9. Right now I'm doing this: #define NEARLY_DIVISIBLE 0.1f float offset = fmodf( val, 32.0f ) ; if( offset < NEARLY_DIVISIBLE ) { // its near from above } // if it was 63.9, then the remainder would be large, so add some then and check again else if( fmodf( val + 2*NEARLY_DIVISIBLE, 32.0f ) < NEARLY_DIVISIBLE ) { // its near from below } Got a better way to do this?

    Read the article

  • Separation of concerns and authentication

    - by Tom Gilder
    I'm trying to be a Good Developer and separate my concerns out. I've got an ASP.NET MVC project with all my web code, and a DAL project with all the model code. Sometimes code in the DAL needs to check if the current user is authorized to perform some actions, by checking something like CurrentUser.IsAdmin. For the web site, the current is derived from the Windows username (from HttpContext.Current.User.Identity), but this is clearly a web concern and shouldn't be coupled to the DAL. What's the best pattern to loosely couple the authentication? Should the DAL be asking the MVC code for a username, or the MVC be telling the DAL? Are there advantages or disadvantages to one or the other? Thank you!

    Read the article

  • Can per-user randomized salts be replaced with iterative hashing?

    - by Chas Emerick
    In the process of building what I'd like to hope is a properly-architected authentication mechanism, I've come across a lot of materials that specify that: user passwords must be salted the salt used should be sufficiently random and generated per-user ...therefore, the salt must be stored with the user record in order to support verification of the user password I wholeheartedly agree with the first and second points, but it seems like there's an easy workaround for the latter. Instead of doing the equivalent of (pseudocode here): salt = random(); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword, salt); Why not use the hash of the username as the salt? This yields a domain of salts that is well-distributed, (roughly) random, and each individual salt is as complex as your salt function provides for. Even better, you don't have to store the salt in the database -- just regenerate it at authentication-time. More pseudocode: salt = hash(username); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword); (Of course, hash in the examples above should be something reasonable, like SHA-512, or some other strong hash.) This seems reasonable to me given what (little) I know of crypto, but the fact that it's a simplification over widely-recommended practice makes me wonder whether there's some obvious reason I've gone astray that I'm not aware of.

    Read the article

  • Alternatives to using web.config to store settings (for complex solutions)

    - by Brian MacKay
    In our web applications, we seperate our Data Access Layers out into their own projects. This creates some problems related to settings. Because the DAL will eventually need to be consumed from perhaps more than one application, web.config does not seem like a good place to keep the connection strings and some of the other DAL-related settings. To solve this, on some of our recent projects we introduced a third project just for settings. We put the setting in a system of .Setting files... With a simple wrapper, the ability to have different settings for various enviroments (Dev, QA, Staging, Production, etc) was easy to achieve. The only problem there is that the settings project (including the .Settings class) compiles into an assembly, so you can't change it without doing a build/deployment, and some of our customers want to be able to configure their projects without Visual Studio. So, is there a best practice for this? I have that sense that I'm reinventing the wheel. Some solutions such as storing settings in a fixed directory on the server in, say, our own XML format occurred to us. But again, I would rather avoid having to re-create encryption for sensitive values and so on. And I would rather keep the solution self-contained if possible. EDIT: The original question did not contain the really penetrating reason that we can't (I think) use web.config ... That puts a few (very good) answers out of context, my bad.

    Read the article

  • HELP!! Ruby & RoR Resources?

    - by aaroninfidel
    Hello, I've been a PHP Developer for a few years now and I've recently been interested in learning Ruby & Rails but I've found a lot of the resources I've found seem to be dated and not for Rails 2.0 or Ruby 1.8.6 etc... can anyone point me in the right direction? I'm running OSX 10.6 with the default ruby & rails installation. Thanks!

    Read the article

  • Throwing exception vs returning null value with switch statement

    - by Greg
    So I have function that formats a date to coerce to given enum DateType{CURRENT, START, END} what would be the best way to handling return value with cases that use switch statement public static String format(Date date, DateType datetype) { ..validation checks switch(datetype){ case CURRENT:{ return getFormattedDate(date, "yyyy-MM-dd hh:mm:ss"); } ... default:throw new ("Something strange happend"); } } OR throw excpetion at the end public static String format(Date date, DateType datetype) { ..validation checks switch(datetype){ case CURRENT:{ return getFormattedDate(date, "yyyy-MM-dd hh:mm:ss"); } ... } //It will never reach here, just to make compiler happy throw new IllegalArgumentException("Something strange happend"); } OR return null public static String format(Date date, DateType datetype) { ..validation checks switch(datetype){ case CURRENT:{ return getFormattedDate(date, "yyyy-MM-dd hh:mm:ss"); } ... } return null; } What would be the best practice here ? Also all the enum values will be handled in the case statement

    Read the article

  • Buddy List: Relational Database Table Design

    - by huntaub
    So, the modern concept of the buddy list: Let's say we have a table called Person. Now, that Person needs to have many buddies (of which each buddy is also in the person class). The most obvious way to construct a relationship would be through a join table. i.e. buddyID person1_id person2_id 0 1 2 1 3 6 But, when a user wants to see their buddy list, the program would have to check the column 'person1_id' and 'person2_id' to find all of their buddies. Is this the appropriate way to implement this kind of table, or would it be better to add the record twice.. i.e. buddyID person1_id person2_id 0 1 2 1 2 1 So that only one column has to be searched. Thanks in advance.

    Read the article

  • Why is it preferable to call a static method statically from within an instance of the method's clas

    - by javanix
    If I create an instance of a class in Java, why is it preferable to call a static method of that same class statically, rather than using this.method()? I get a warning from Eclipse when I try to call static method staticMethod() from within the custom class's constructor via this.staticMethod(). public MyClass() { this.staticMethod(); } vs public MyClass() { MyClass.staticMethod(); } Can anyone explain why this is a bad thing to do? It seems to me like the compiler should already have allocated an instance of the object, so statically allocating memory would be unneeded overhead.

    Read the article

  • Security implications of writing files using PHP

    - by susmits
    I'm currently trying to create a CMS using PHP, purely in the interest of education. I want the administrators to be able to create content, which will be parsed and saved on the server storage in pure HTML form to avoid the overhead that executing PHP script would incur. Unfortunately, I could only think of a few ways of doing so: Setting write permission on every directory where the CMS should want to write a file. This sounds like quite a bad idea. Setting write permissions on a single cached directory. A PHP script could then include or fopen/fread/echo the content from a file in the cached directory at request-time. This could perhaps be carried out in a Mediawiki-esque fashion: something like index.php?page=xyz could read and echo content from cached/xyz.html at runtime. However, I'll need to ensure the sanity of $_GET['page'] to prevent nasty variations like index.php?page=http://www.bad-site.org/malicious-script.js. I'm personally not too thrilled by the second idea, but the first one sounds very insecure. Could someone please suggest a good way of getting this done?

    Read the article

  • Java 'Prototype' pattern - new vs clone vs class.newInstance

    - by Guillaume
    In my project there are some 'Prototype' factories that create instances by cloning a final private instance. The author of those factories says that this pattern provides better performance than calling 'new' operator. Using google to get some clues about that, I've found nothing really relevant about that. Here is a small excerpt found in a javdoc from an unknown project javdoc from an unknown project Sadly, clone() is rather slower than calling new. However it is a lot faster than calling java.lang.Class.newInstance(), and somewhat faster than rolling our own "cloner" method. For me it's looking like an old best practice of the java 1.1 time. Does someone know more about this ? Is this a good practice to use that with 'modern' jvm ?

    Read the article

  • How does this code break the Law of Demeter?

    - by Dave Jarvis
    The following code breaks the Law of Demeter: public class Student extends Person { private Grades grades; public Student() { } /** Must never return null; throw an appropriately named exception, instead. */ private synchronized Grades getGrades() throws GradesException { if( this.grades == null ) { this.grades = createGrades(); } return this.grades; } /** Create a new instance of grades for this student. */ protected Grades createGrades() throws GradesException { // Reads the grades from the database, if needed. // return new Grades(); } /** Answers if this student was graded by a teacher with the given name. */ public boolean isTeacher( int year, String name ) throws GradesException, TeacherException { // The method only knows about Teacher instances. // return getTeacher( year ).nameEquals( name ); } private Grades getGradesForYear( int year ) throws GradesException { // The method only knows about Grades instances. // return getGrades().getForYear( year ); } private Teacher getTeacher( int year ) throws GradesException, TeacherException { // This method knows about Grades and Teacher instances. A mistake? // return getGradesForYear( year ).getTeacher(); } } public class Teacher extends Person { public Teacher() { } /** * This method will take into consideration first name, * last name, middle initial, case sensitivity, and * eventually it could answer true to wild cards and * regular expressions. */ public boolean nameEquals( String name ) { return getName().equalsIgnoreCase( name ); } /** Never returns null. */ private synchronized String getName() { if( this.name == null ) { this.name == ""; } return this.name; } } Questions How is the LoD broken? Where is the code breaking the LoD? How should the code be written to uphold the LoD?

    Read the article

  • send credentials with url, possible?

    - by Dejan.S
    Hi. I got a web service that I protect with basic authentication and use ssl. to make it easy for the clients that are gone use this web service I want to skip the 401 and send the credentials with the url (I would like so the customer can access the web service with url from their code / web app), question is this possible? I know about headers but a lot of the clients gone use this do not got the proper developing team to do code. thanks

    Read the article

  • Java operator overloading

    - by nimcap
    Not using operators makes my code obscure. (aNumber / aNother) * count is better than aNumber.divideBy(aNother).times(count) After 6 months of not writing a single comment I had to write a comment to the simple operation above. Usually I refactor until I don't need comment. And this made me realize that it is easier to read and perceive math symbols and numbers than their written forms. For example TWENTY_THOUSAND_THIRTEEN.plus(FORTY_TWO.times(TWO_HUNDERED_SIXTY_ONE)) is more obscure than 20013 + 42*261 So do you know a way to get rid of obscurity while not using operator overloading in Java? Update: I did not think my exaggeration on comments would cause such trouble to me. I am admitting that I needed to write comment a couple of times in 6 months. But not more than 10 lines in total. Sorry for that. Update 2: Another example: budget.plus(bonusCoefficient.times(points)) is more obscure than budget + bonusCoefficient * points I have to stop and think on the first one, at first sight it looks like clutter of words, on the other hand, I get the meaning at first look for the second one, it is very clear and neat. I know this cannot be achieved in Java but I wanted to hear some ideas about my alternatives.

    Read the article

  • Controls added in the designer are null during Page_Load

    - by mwright
    All of the names below are generic and not the actual names used. I have a custom UserControl with a Panel that contains a a couple Labels, both .aspx controls. .aspx: <asp:Panel runat="server"> <asp:Label ID="label1" runat="server"> </asp:Label> </asp:Panel> <asp:Panel runat="server"> <asp:Label ID="label2" runat="server"> </asp:Label> </asp:Panel> Codebehind: private readonly Object object; protected void Page_Load(object sender, EventArgs e) { // These are the lines that are failing // label1 and label2 are null label1.Text = object.Value1; label2.Text = object.Value2; } public ObjectRow(Object objectToDisplay) { object = objectToDisplay; } On another page, in the code behind, I create a new instance of the custom user control. protected void Page_Load(object sender, EventArgs e) { CustomControl control = new CustomControl(object); } The user control takes the parameter and attempts to set the labels based off of the object passed in. The labels that it tries to assign the values to are however, null. Is this an ASP.net lifecycle issue that I'm not understanding? My understanding based on the Microsoft ASP.net lifecycle page was that page controls were available after the Page_Initialization. What is the proper way to do this? Is there a better way?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 164 165 166 167 168 169 170 171 172 173 174 175  | Next Page >