Search Results

Search found 14074 results on 563 pages for 'programmers'.

Page 178/563 | < Previous Page | 174 175 176 177 178 179 180 181 182 183 184 185 | Next Page >

Can HTML injection be a security issue?

- by tkbx

I recently came across a website that generates a random adjective, surrounded by a prefix and suffix entered by the user. For example, if the user enters "123" for prefix, and "789" for suffix, it might generate "123Productive789". I've been screwing around with it, and I thought I might try something out: I entered this into the prefix field: <a href="javascript:window.close();">Click</a><hr /> And, sure enough, I was given the link, then an <hr>, then a random adjective. What I'm wondering is, could this be dangerous? There must be many more websites out there that have this issue, are all of them vulnerable to some sort of php injection?

Read the article
Is it customary to write Java domain objects / data transfer objects with public member variables on mobile platforms?

- by Sean Mickey

We performed a code review recently of mobile application Java code that was developed by an outside contractor and noticed that all of the domain objects / data transfer objects are written in this style: public class Category { public String name; public int id; public String description; public int parentId; } public class EmergencyContact { public long id; public RelationshipType relationshipType; public String medicalProviderType; public Contact contact; public String otherPhone; public String notes; public PersonName personName; } Of course, these members are then accessed directly everywhere else in the code. When we asked about this, the developers told us that this is a customary performance enhancement design pattern that is used on mobile platforms, because mobile devices are resource-limited environments. It doesn't seem to make sense; accessing private members via public getters/setters doesn't seem like it could add much overhead. And the added benefits of encapsulation seem to outweigh the benefits of this coding style. Is this generally true? Is this something that is normally done on mobile platforms for the reasons given above? All feedback welcome and appreciated -

Read the article
junior / professional / senior categorization

- by oozoo

Hey guys, is it just me or is the categorization of developer levels highly subjective? I get the feeling that every company tries to hire experienced developers as juniors because they don't know $technology. For example my own career: I switched technologies a couple of times, while sticking to java as a programming language. For example I first worked for 3 years using JavaSE technologies, the next company I worked for hired me as junior because I didn't have JavaEE experience - while still selling me as professional level to customers (I work in consulting). The next company hired me again as junior because I didn't have SAP experience - they mostly work with SAP Java technologies which is definitely a niche. Still, they are selling all their technology consultants for exactly the same rate while paying them significantly different wages. Now when switching jobs again I feel like this whole thing is going to start all over again because I don't have Spring experience or Oracle knowledge. tl;dr = is my observation totally off base that companies are just using these categorizations as means to keep down wages?

Read the article
cygwin GNU make .net program piping inconsistent behavior

- by Codism

This question may sound like a superuser question but I feel there is something related to programming. Anyway, my computer had a fresh installation of Win 7 64 and cygwin recently. Now I observed some problem with pipe handling in gnu make file. The following is the Makefile I use to reproduce the issue: all: fsutil | cat my-dotnet-console.exe | cat The problem is: for the first command line, the piping works every time but for the second command line, the piping barely works - I got no result for the second command for most cases, regardless of the environment (cmd or bash) in which the make file is invoked. However, if I copy paste the second command line into cmd (or bash), the pipe works every time. The following is my .net program: static void Main(string[] args) { Console.WriteLine(new string('a', 40)); Console.Out.Flush(); } The make version is 3.82.90 but the same problem was observed in a previous version (because of the windows path handling problem in 3.82.9, I replaced make.exe with a previous version). I don't know the exact cygwin version I have installed but the current version on cygwin.com is 1.7.11-1. Currently, my work around is to redirect the output to a temporary file but it would be great if I can avoid the temporary file. Thanks

Read the article
Version control and personal configuration file

- by Erel Segal Halevi

Our project uses a user-specific configuration file. This file is currently not in version control, since it is different for each user. The problem is, whenever a developer adds a new module that requires configuration, or changes the name of an existing modules, the other developers get errors because their private configuration files are not updated. To solve the problem, we thought of working with two configuration files: a default/global configuration file that will be in version control and will be updated regularly by each developer that adds a new module, and a private configuration file that will be kept out of version control and will contain only the user-specific changes. However, this still seems like an ad-hoc solution. Can you propose a better solution? What do the professionals do?

Read the article
What is a generic term for name/identifier? (as opposed to label)

- by d3vid

I need to refer to a number of things that have both an identifier value (used in code and configuration), and a human-readable label. These things include: database columns dropdown items subapplications objects stored in a dictionary I want two unambiguous terms. One to refer to the identifier/value/key. One to refer to the label. As you can see, I'm pretty settled on the latter :) For the former, identifier seems best (not everything is strictly a key, and value and name could refer to the label; although, identifier usually refers only to a variable name), but I would prefer to follow an established practice if there is one. Is there an established term for this? (Please provide a source.) If not, are there any examples of a choice from a significant source (Java APIs, MSDN, a big FLOSS project)? (I wasn't sure if this should be posted here or to English Language & Usage. I thought this was the more appropriate expert audience. Happy to migrate if not.)

Read the article
Automatically analyze excel files

- by dole doug

I have to replicate a manual generation of a large number of excel files. I started to manually track the relations between cells ( files, formulas, etc). I also had a talk with the person which generates those files. For now I have a general understanding about how the excel files are generated, but "devil is in the details". I assume that I can write a script which will generate the hierarchy between cells and files, but this might require the same effort as manually noticing the relations. Also, I'm afraid that I'm not too experienced and my app is more prone to error approach than a manual analyze. How to handle this problem? Do you know about an open source project which analyze the excel files in a recursive mode following the formulas ?

Read the article
MVVM - child windows and data contexts

- by GlenH7

Should a child window have it's own data context (View-Model) or use the data context of the parent? More broadly, should each View have its own View-Model? Are there are any rules to guide making that decision? What if the various View-Models will be accessing the same Model? I haven't been able to find any consistent guidance on my question. The MS definition of MVVM appears to be silent on child windows. For one example, I have created a warning message notification View. It really didn't need a data context since it was passed the message to display. But if I needed to fancy it up a bit, I would have tapped the parent's data context. I have run into another scenario that needs a child window and is more complicated than the notification box. The parent's View-Model is already getting cluttered, so I had planned on generating a dedicated VM for the child window. But I can't find any guidance on whether this is a good idea or what the potential consequences may be. FWIW, I happen to be working in Silverlight, but I don't know that this question is strictly a Silverlight issue.

Read the article
Is this possible?

- by PythonNewbie2

Hello, I'm exploring some technologies and JSP with JSF 2.0 and Primefaces seems really cool. I'm new to all of these, but I'm a fast learner. I wondering if I can create the web app I want withh JSP/JSF/Primefaces or should I be looking to different technologies? If I should, which ones do you recommend? Here's a basic description of the app: Users log in with their username and password (maybe I can somehow incorporate google OPENID)? With a really nice UI, they will be presented a large list of questions specific to a certain category, for example, JSP. When they click on any of these questions, a little input opens up below it to allow the user to put in a link. If the link they enter has the same question on that webpage the URL points to, they will be awarded one point. This question then disappears and gets added to a different page that has a list of all correctly linked questions. On the right side of the screen, there will be a leaderboard with the usernames of the people with the top ten points. Is this possible with JSP/JSF/Primefaces, or should I be looking elsewhere for a different web technology? The idea is relatively simple - to be able to compile links to external websites for specific questions. I know I can build the UI easily with Primefaces. What I'm not sure is if JSP/JSF gives the ability to parse HTML at a certain URL to see if it contains words. I can do this with python easily by using urllib. Any help would be appreciated!!! What would be more helpful than a "Yes" or "No" answer would be links to where I can see sample code of external HTML parsing. Your input is truly appreciated! Thanks!

Read the article
what receives an ajax call?

- by jbcolmenares

I'm making a site which should (a) take information from the user in the form of files and forms, (b) take that data to the server to be run on a C application, and (c) take the result back and show it to the user. I was told to look for AJAX for the communication with the server. BTW, I'm using rails. I'm trying to understand how AJAX works. From what I understand so far, with rails is pretty easy to make the call. What I can't figure out is, what waits for that call? what process the call? If I understand correctly, with rails I could make a function in ruby and make it so it's called through AJAX, which means -or so I understand- that it gets executed on the server. If I were using PHP, would I need to make an http server to wait for the AJAX calls? I just don't find information about what waits for the call, and that information is processed. Any links, comments or books are welcome!

Read the article
How to use Mercurial's LargeFiles extension? [migrated]

- by DuncanBoehle

I use Mercurial for game development, and I'm trying to use the LargeFiles extension included in Mercurial 2.0 to keep track of large binary assets. Unfortunately there isn't a whole lot of documentation on the extension, so I'm not sure how people are expected to use it. For example, is there any way to safely clean out the .hg/largefiles directory? If I'm on the tip revision, and expect to always have internet access, then I don't need the old versions of largefiles cluttering up the repository, since that's the whole point of using the LargeFiles extension. Also, how do I have more fine-grained control over where the largefile store is? I can only assume that it's created somewhere on the computer that ran hg init, but I have no idea about the details. Thanks!

Read the article
Is Perforce as good as merging as DVCSs?

- by dukeofgaming

I've heard that Perforce is very good at merging, I'm guessing this has to do with that it tracks changes in the form of changelists where you can add differences across several files in a single blow. I think this implies Perforce gathers more metadata and therefore has more information to do smarter merging (at least smarter than Subversion, being Perforce centralized). Since this is similar to how Mercurial and Git handle changes (I know DVCSs track content rather than files), I was wondering if somebody knew what were the subtle differences that makes Perforce better or worse than a DVCS like Mercurial or Git.

Read the article
How to organize a programming course?

- by Bogdan Gavril

I've been given the task to train our manual testers to become developers in test (write test automation!). some have basic programing knowledge (either dabbling in PHP or reading stuff) and some who have no experience. Note that I do have teaching experience, but with real students, not employees, and one concern is that they will not put extra hours except the 20% management gave them for the transition. Language to be taught and used: C# We have 8 hours per week to do this and should decide if they will make it in 2 months. I am thinking of a combined approach: use a manual such as Head First C# (although I'm not happy with the labs, they're mostly games and I don't want to add UI complexities) have them read from the manual do labs with them, solving more and more difficult problems and explain the theoretical stuff as well have them do a bigger project towards the end Some questions: do you have a better suggestion as far as manuals go? do you have a better aproach? Focus less on labs? what kind of assesments should I use and how often? should I let them do a bigger project (bank system or small game) and how much time should I invest in that? ideeas on labs? other resources ? Any other tips would be most welcomed! Thanks!

Read the article
Starting a career in mobile development in next 5 months?

- by Jungle Hunter

I will be starting my career shortly and have the opportunity to being my career in mobility. I have an option to be in more traditional fields (the ones that have been around for quite some time now like web development and Java apps development). What are the pros and cons of both? Also, if I do choose mobility, then I might be presented with the option of iOS or Android. Pros and cons of choosing each? Period: Joining in next 5 months. Mobility company profile: Major consulting company.

Read the article
What techniques are used in solving code golf problems?

- by Lord Torgamus

"Regular" golf vs. code golf: Both are competitions. Both have a well-defined set of rules, which I'll leave out for simplicity. Both have well-defined goals; in short, "use fewer hits/characters than your competitors." To win matches, athletic golfers rely on equipment Some situations call for a sand wedge; others, a 9-iron. techniques The drive works better when your feet are about shoulder width apart and your arms are relaxed. and strategies Sure, you could take that direct shortcut to the hole... but do you really want to risk the water hazard or sand bunker when those trees are in the way and the wind is so strong? It might be better to go around the long way. What do code golfers have that's analagous to athletic golfers' equipment, techniques and strategies? Sample answer to get this started: use the right club! Choose GolfScript instead of C#.

Read the article
Hosting WCF over internet

- by user1876804

I am pretty new to exposing the WCF services hosted on IIS over internet. I will be deploying a WCF service over IIS(6 or 7) and would like to expose this service over the internet. This will be hosted in a corporate network having firewall, I want this service to be accessible over the internet(should be able to pass through the firewall) I did some research on this and some of the pointers I got: 1. I could use wsHTTPBinding or nettcpbinding (the client is intended to be .net client). Which of the bindings is preferable. 2. To overcome the corporate I came across DMZ server, what is the purpose of this and do I really need to use this). 3. I will be passing some files between the client and server, and the client needs to know the progress of the processing on server and the end result. I know this is a very broad question to ask, but could anyone give me pointers where I could start on this and what approach to take for this problem.

Read the article
Would you refactor this and if so, would you charge your client?

- by Julius

I am working on a freelance job at home. The client wants me to write some new functionality for his CMS, but it is taking me a lot of time to figure out what the code is doing, because it is written in a very unreadable style. Below is just an example of what I mean. The previous programmer made extensive use of anonymous functions, of eval(), he uses deeply nested ternary operators, he didn't indent code, didn't use comments, and he uses funny constructions like misusing the behaviour of logical operators || and && for creating if/else conditions (the second condition of && only gets tested if the first one is true, opening the possibility to use && as an if/else construction). All in all it's insane code and it's costing me a lot of time to find out how the current code works. return ($this->main->context != "ajax" || in_array($this->type, $this->definition->ajax)) ? eval('return method_exists($this,"Show'.ucfirst($this->type).'") ? $this->Show'.ucfirst($this->type).'('.(count($args) ? join(",",array_map(create_function('$a','return (is_numeric($a) || preg_match("/^array/",$a)) ? $a : "\"".$a."\"";'),$args)) : "").') : null;') : ''; Would you refactor this code and how would you handle this sort of thing with your client, I mean financially?

Read the article
Are certification courses worth it?

- by Bill Williams

I'm planning on getting certification in Database Development for SQL Server (MSTC - 70-433). I'm a junior level report writer at a new job and the company is offering to pay the majority, if not all, of training course fees. The course is five days. I noticed that MS has a self-paced training kit (book) that I could use. I'm wondering if this would be a better option because it will allow me to go as quick as possible. I've also heard about video training sessions (Lynda.com) but they seem to go at slow pace. My questions are: What should I expect at a certification course? Is it hands-on training? Small classes with personal feedback or not? Would I be better off learning at my own pace using the training kit? (I'd rather this not turn into a certifications are pointless discussion..)

Read the article
Why isn't the source code of programs shown in research papers released?

- by Antoine

Is there a reason why the source code of programs shown in research papers are not released ? I understand that research papers are more about the general idea of accomplishing something than implementation details, but I don't get why they don't release the code. For example, in this paper ends with: Results The human line drawing system is implemented through the Qt framework in C++ using OpenGL, and runs on a 2.00 GHz Intel dual core processor workstation without any additional hardware assistance. We can interactively draw lines while the system synthesizes the new path and texture. Do they keep the source code closed intentionally because of a monetization they intend to make with it, or because of copyright ?

Read the article
Is Java free/open source or not?

- by user1598390

On November 13, 2006, Sun released much of Java as free and open source software, (FOSS), under the terms of the GNU General Public License (GPL). On May 8, 2007, Sun finished the process, making all of Java's core code available under free software/open-source distribution terms, aside from a small portion of code to which Sun did not hold the copyright. OpenJDK (Open Java Development Kit) is a free and open source implementation of the Java programming language. It is the result of an effort Sun Microsystems began in 2006. The implementation is licensed under the GNU General Public License (GNU GPL) with a linking exception. Why there are still people that say Java is not open source or free as in free speech ? Am I missing something? Is Java still privative ?

Read the article
Carpool logical architecture

- by enrmarc

I'm designing a carpool system (drivers can publish their routes and passengers can subscribe to them) with WebServices(axis2) and Android clients (ksoap2). I have been having problems with the logical architecture of the system and I wondered if this architecture is fine. And another question: for that architecture (if it is ok), how would be the packages structure? I suppose something like that: (In android) package org.carpool.presentation *All the activities here (and maybe mvc pattern) (In the server) package org.carpool.services *Public interfaces (for example: register(User user), publishRoute(Route route) ) package org.carpool.domain *Pojos (for example: User.java, Route.java, etc) package org.carpool.persistence *Dao Interface and implementation (jdbc or hibernate)

Read the article
Customizing configuration with Dependency Injection

- by mathieu

I'm designing a small application infrastructure library, aiming to simplify development of ASP.NET MVC based applications. Main goal is to enforce convention over configuration. Hovewer, I still want to make some parts "configurable" by developpers. I'm leaning towards the following design: public interface IConfiguration { SomeType SomeValue; } // this one won't get registered in container protected class DefaultConfiguration : IConfiguration { public SomeType SomeValue { get { return SomeType.Default; } } } // declared inside 3rd party library, will get registered in container protected class CustomConfiguration : IConfiguration { public SomeType SomeValue { get { return SomeType.Custom; } } } And the "service" class : public class Service { private IConfiguration conf = new DefaultConfiguration(); // optional dependency, if found, will be set to CustomConfiguration by DI container public IConfiguration Conf { get { return conf; } set { conf = value; } } public void Configure() { DoSomethingWith( Conf ); } } There, the "configuration" part is clearly a dependency of the service class, but it this an "overuse" of DI ?

Read the article
responsibility for storage

- by Stefano Borini

A colleague and I were brainstorming about where to put the responsibility of an object to store itself on the disk in our own file format. There are basically two choices: object.store(file) fileformatWriter.store(object) The first one gives the responsibility of serialization on the disk to the object itself. This is similar to the approach used by python pickle. The second groups the representation responsibility on a file format writer object. The data object is just a plain data container (eventually with additional methods not relevant for storage). We agreed on the second methodology, because it centralizes the writing logic from generic data. We also have cases of objects implementing complex logic that need to store info while the logic is in progress. For these cases, the fileformatwriter object can be passed and used as a delegate, calling storage operations on it. With the first pattern, the complex logic object would instead accept the raw file, and implement the writing logic itself. The first method, however, has the advantage that the object knows how to write and read itself from any file containing it, which may also be convenient. I would like to hear your opinion before starting a rather complex refactoring.

Read the article
Proposal for a new position at work

- by Seth P.

I have an idea at work for a new Product Manager position at our office. I work with several developers, and it would be helpful to have someone working in a type of "Scrum Master" capacity, dividing out assignments and making sure they get complete. This position does not currently exist, however I feel that I have enough evidence to indicate that it be very helpful for our business. What is the best way to present this proposal to my boss? Is there a specific template that you know of for new position? It should be able to describe the qualification for the position, their responsibilities, and what metrics we would use to measure them. Thanks. UPDATE++++ With Anna's suggestion, I gave more details about this specific position. However, I would ideally like the most generic way to present a new position to my boss.

Read the article
How to deal with cargo-cult programming attitude?

- by Aivar

I have some students (in introductory programming course) who see programming language as a set of magic spells, which must be cast in order to achieve some effect (instead of seeing it as a flexible medium for expressing his idea of solution). They tend to copy-paste code from previous similarly sounding assignments without considering the essence of the problem. Can anyone recommend some exercises or analogies to make those students more confident that they can and should understand the structure and meaning of each piece of code they write?

Read the article

< Previous Page | 174 175 176 177 178 179 180 181 182 183 184 185 | Next Page >