Search Results

Search found 16554 results on 663 pages for 'programmers identity'.

Page 189/663 | < Previous Page | 185 186 187 188 189 190 191 192 193 194 195 196  | Next Page >

• Do we set the bar too high by requiring that code tests not suffer from buffer overflow?

  - by brice

  We are currently recruiting for a Junior Developer position working mainly in C on Linux. As part of the process, we require candidates to complete a code test at their leisure in C. So far we have rejected two candidates on the basis that their code, although readable and in one case rather idiomatic, suffered from buffer overflow errors due to unbounded buffer writes. Are buffer overflows acceptable from a graduate developer? Are we setting the bar too high? What is the expected capability of graduate/Junior engineers? [Edit]: We explicitly ask for error-checked, production quality code. We provide a test & build framework for the candidates

  Read the article

• Checking for cross-site scripting vulnerabilities in Perl web applications

  - by David Scholefield

  I'm putting together some notes for a dev team on how to write secure Perl code - especially taking into account the current OWASP top 10 web application vulnerabilities. For cross-site scripting I've included information on ensuring that all output to the browser is checked and escaped where necessary, but I'm looking for more automated mechanisms that would mean a developer doesn't have to think about every output statement and, potentially, miss one. Perl's 'taint' function sounds like it should be a help because it distrusts all user input, but it doesn't complain on tainted data being output to the browser. Apart from checking all output statements individually (probably by calling a generic sanitizing function) does anyone have any ideas on how Perl can help with this with existing libraries or techniques?

  Read the article

• Refactoring this code that produces a reverse-lookup hash from another hash

  - by Frank Joseph Mattia

  This code is based on the idea of a Form Object http://blog.codeclimate.com/blog/2012/10/17/7-ways-to-decompose-fat-activerecord-models/ (see #3 if unfamiliar with the concept). My actual code in question may be found here: https://gist.github.com/frankjmattia/82a9945f30bde29eba88 The code takes a hash of objects/attributes and creates a reverse lookup hash to keep track of their delegations to do this. delegate :first_name, :email, to: :user, prefix: true But I am manually creating the delegations from a hash like this: DELEGATIONS = { user: [ :first_name, :email ] } At runtime when I want to look up the translated attribute names for the objects, all I have to go on are the delegated/prefixed (have to use a prefix to avoid naming collisions) attribute names like :user_first_name which aren't in sync with the rails i18n way of doing it: en: activerecord: attributes: user: email: 'Email Address' The code I have take the above delegations hash and turns it into a lookup table so when I override human_attribute_name I can get back the original attribute name and its class. Then I send #human_attribute_name to the original class with the original attribute name as its argument. The code I've come up with works but it is ugly to say the least. I've never really used #inject so this was a crash course for me and am quite unsure if this code effective way of solving my problem. Could someone recommend a simpler solution that does not require a reverse lookup table or does that seem like the right way to go? Thanks, - FJM

  Read the article

• How can I compare between web development technologies?

  - by Steve

  I would like experts to explain for me how can I compare between web development tools or technologies in order to be able to choose the right one. I'm tired from searching always in the regular way: X Technology vs Y Technology. I'm tired from peoples' biased opinions and usually I don't find a fair comparison. I have decided to put my question here about how can I compare them so you may identify to me the main standards for comparisons so I can compare them by myself and becoming able to choose the technology that is appropriate for the project I will develop. Note: in web development technologies I mean server side languages (e.g. PHP). One important requirement for me that can be defined as major one is cost efficiency and I mean that I don't care about the cost in the near future or the current cost, but what is more important for me is the cost in the future. If, for example, the site becomes one of the most 100 visited sites.   So, how can I compare the cost of different technologies for a future status of a site (such as being very famous site) so I can scale my option easily without missing a good technology like what happened with some sites when they chose not the most effective tool.

  Read the article

• ASP.NET MVC ....or.... PHP, Python, Ruby, Java...?

  - by Muaz Khan

  I’m using ASP.NET MVC in C# and jQuery as well as Ajax. A lot of other web technologies confuse me: PHP, Python, Ruby, Java (or C++) etc. What is your opinion about ASP.NET MVC? Should I choose something else? Today, everyone says, “PHP” is worldly used language..!! And that’s true!!! I’m confused, much confused about my future career. I’m worried I’m not going in right direction! Or for making my future brighter, whether I should choose something else other than ASP.NET MVC and C#. And what would that something else be? I want to be a web developer that can do everything with web (and for web). I’m worried if I’m wasting my time with ASP.NET MVC!!!

  Read the article

• How would you explain that software engineering is more specialized than other engineering fields?

  - by Spencer K

  I work with someone who insists that any good software engineer can develop in any software technology, and experience in a particular technology doesn't matter to building good software. His analogy was that you don't have to have knowledge of the product being built to know how to build an assembly line that manufactures said product. In a way it's a compliment to be viewed with an eye such that "if you're good, you're good at everything", but in a way it also trivializes the profession, as in "Codemonkey, go sling code". Without experience in certain software frameworks, you can get in trouble fast, and that's important. I tried explaining this, but he didn't buy it. Any different views or thoughts on this to help explain that my experience in one thing, doesn't translate to all things?

  Read the article

• Cross platform mobile development VS Native Mobile Development: Present And Future.

  - by MobileDev123

  I just completed one year in Smart phone development, working on BlackBerry and Android and also developed one application exclusively targeted to nokia feature phones. And just a month ago I come to know about Titanium Appcelerator tool that enables cross platform development, but there are some developers who complain about it's sub-par functionalities. Even a little bit experience of mine says that developing in native environment rather than these cross platform tools will give you more advantages by giving a developer a chance to add more features with better performance. Do you have same experience? Or you find such cross development tools really useful regarding to advance functionality and performance? As porting (or co developing) same application to different mobile platform is common thing nowadays, what do you think will these cross platform tools evolve and force developers to get a hands on approach on them or majority will stick to the native development environment?

  Read the article

• Is there a design pattern for chained observers?

  - by sharakan

  Several times, I've found myself in a situation where I want to add functionality to an existing Observer-Observable relationship. For example, let's say I have an Observable class called PriceFeed, instances of which are created by a variety of PriceSources. Observers on this are notified whenever the underlying PriceSource updates the PriceFeed with a new price. Now I want to add a feature that allows a (temporary) override to be set on the PriceFeed. The PriceSource should still update prices on the PriceFeed, but for as long as the override is set, whenever a consumer asks PriceFeed for it's current value, it should get the override. The way I did this was to introduce a new OverrideablePriceFeed that is itself both an Observer and an Observable, and that decorates the actual PriceFeed. It's implementation of .getPrice() is straight from Chain of Responsibility, but how about the handling of Observable events? When an override is set or cleared, it should issue it's own event to Observers, as well as forwarding events from the underlying PriceFeed. I think of this as some kind of a chained observer, and was curious if there's a more definitive description of a similar pattern.

  Read the article

• Advantages and disadvantages of building a single page web application

  - by ryanzec

  I'm nearing the end of a prototyping/proof of concept phase for a side project I'm working on, and trying to decide on some larger scale application design decisions. The app is a project management system tailored more towards the agile development process. One of the decisions I need to make is whether or not to go with a traditional multi-page application or a single page application. Currently my prototype is a traditional multi-page setup, however I have been looking at backbone.js to clean up and apply some structure to my Javascript (jQuery) code. It seems like while backbone.js can be used in multi-page applications, it shines more with single page applications. I am trying to come up with a list of advantages and disadvantages of using a single page application design approach. So far I have: Advantages All data has to be available via some sort of API - this is a big advantage for my use case as I want to have an API to my application anyway. Right now about 60-70% of my calls to get/update data are done through a REST API. Doing a single page application will allow me to better test my REST API since the application itself will use it. It also means that as the application grows, the API itself will grow since that is what the application uses; no need to maintain the API as an add-on to the application. More responsive application - since all data loaded after the initial page is kept to a minimum and transmitted in a compact format (like JSON), data requests should generally be faster, and the server will do slightly less processing. Disadvantages Duplication of code - for example, model code. I am going to have to create models both on the server side (PHP in this case) and the client side in Javascript. Business logic in Javascript - I can't give any concrete examples on why this would be bad but it just doesn't feel right to me having business logic in Javascript that anyone can read. Javascript memory leaks - since the page never reloads, Javascript memory leaks can happen, and I would not even know where to begin to debug them. There are also other things that are kind of double edged swords. For example, with single page applications, the data processed for each request can be a lot less since the application will be asking for the minimum data it needs for the particular request, however it also means that there could be a lot more small request to the server. I'm not sure if that is a good or bad thing. What are some of the advantages and disadvantages of single page web applications that I should keep in mind when deciding which way I should go for my project?

  Read the article

• What are the advantages of the delegate pattern over the observer pattern?

  - by JoJo

  In the delegate pattern, only one object can directly listen to another object's events. In the observer pattern, any number of objects can listen to a particular object's events. When designing a class that needs to notify other object(s) of events, why would you ever use the delegate pattern over the observer pattern? I see the observer pattern as more flexible. You may only have one observer now, but a future design may require multiple observers.

  Read the article

• Why do companies opensource their code?

  - by Fahad Uddin

  I have seen many big companies like Facebook, Twitter and LinkedIn opensource their code. I was curious to understand why would any company share their code to the world. One reason I understood that it makes the people better understand their API. Still, I am a little confused as any other company/person can use their code to find a vulnerability inside and get their site down. Why do such big companies take this risk then?

  Read the article

• Is it possible to migrate struts/spring based application to GWT?

  - by Satish Pandey

  I am using the combination of spring, spring-security, struts and iBatis in my application. Now I am looking to migrate the struts UI to GWT. The new combination must be spring, spring-security, GWT and iBatis. I applied a layered approach to develop my application. In Controller/UI layer i am using Struts. I want to replace struts and use GWT in Controller/UI layer. Is is possible to use GWT without affecting another layers DAO/BL/SL?

  Read the article

• How do you go about training a replacement?

  - by SnOrfus

  I recently asked about leaving a position and got a lot of great answers. One of the common threads was that being around to train the new person would be expected and could go a long way. Now considering that (I think) most people don't stay at a company for a long time after they've given notice, and it will take time for the company to interview/hire one - that leaves for a short amount of time to get someone up to speed. I've also never trained anyone before. I did a bunch of tutoring in University and College, but teaching a language/technology is far different from training someone to replace you on your job. So the question is: how do you go about training someone to replace you in a, potentially, short amount of time?

  Read the article

• JADE Multiple Agents

  - by Umar niaz

  Is it is necessary to run jade instance on remote machine to communicate agents remotely? As I know that something must be running on remote machine to execute particular program but what if we want to create agent on local machine and send or distribute it on remote machine without running program on remote machine? Is it possible and if not, then what is solution? Do we need to run an instance of agent or jade on client machine to communicate agents remotely?

  Read the article

• How do I mashup Google Maps with geolocated photos from one or more social networks?

  - by PureCognition

  I'm working on a proof of concept for a project, and I need to pin random photos to a Google Map. These photos can come from another social network, but need to be non-porn. I've done some research so far, Google's Image Search API is deprecated. So, one has to use the Custom Search API. A lot of the images aren't photos, and I'm not sure how well it handles geolocation yet. Twitter seems a little more well suited, except for the fact that people can post pictures of pretty much anything. I was also going to look into the API's for other networks such as Flickr, Picasa, Pinterest and Instagram. I know there are some aggregate services out there that might have done some of this mash-up work for me as well. If there is anyone out there that has a handle on social APIs and where I should look for this type of solution, I would really appreciate the help. Also, in cases where server-side implementation matters, I'm a .NET developer by experience.

  Read the article

• Looking for tips on managing complexity with SCM repositories

  - by Philip Regan

  I am a solo developer in my department and I have a lot of individual projects, all created and managed by me. I started using SVN at ProjectLocker via Versions on the Mac a couple years ago when the variety of projects started getting unwieldy. Scenario 1: Now I have a process that is of reasonable complexity it can be broken up into multiple smaller applications and they all share files. In one phase, there is a single shared file—a constants file—that is shared between a Cocoa app and an iPhone app framework. In the second phase, the iPhone app framework will be used to create individual apps of the same ilk—controller classes and what not will all be the same—but with different content in each. The problem that I am running across is that the file in the first phase is in one repository with the application that started it, and the app framework is in a second, separate repository. Scenario 2: I have another application framework that partially relies on code from an open source project. This is all internal, non-commerical work, but again, the application framework is going to be used to create a variety of unique products and processes. So, now I have an internally managed repository and an externally managed one out of my control. I make little changes to the open source code to meet the needs of my framework when there is an update I download, but I never commit back into the external repository (though, now that I think about it, I don't think I'm committing it to mine either. Oops). The Problem I have all of this set up on my production Mac quite nicely, but duplicating and subsequently maintaining that environment on my laptop has been challenging. For Scenario 1, I've thought of merging these two projects together into the same repository because they are, for all intents and purposes inextricably linked. But, Scenario 2, I think I'm stuck just managing files as best I can. The Question I'm wondering if anyone has any tips on how to manage either of these situations, as well as other complex SCM scenarios when it comes to linking various files from various repositories together. My familiarity with SVN only comes from my work with Versions. It's been great, but I'm a little out of my depth here.

  Read the article

• Sequence for authentication on a decoupled client?

  - by A T

  Using a sequence diagram and example code could you explain to me how authentication works when the client is completely separated from the server? I.e.: you haven't generated any of the client using a server-side template engine, rather you are communicating using REST (SOAP xor HTTP) xor RPC (XML xor JSON) with javascript on the client-side. Specifically I would like to know the sequence of: Authenticating using basic auth (user+pass) with "my" server Authenticating using OAuth2, e.g.: with Facebook, with facebook's server then whatever extra steps are needed for "my" server And how it could be implemented. (feel free to use psuedo-code [like below] or [preferably] prototyped simply using BackboneJS, AngularJS, EmberJS, BatmanJS, AgilityJS, SammyJS xor ActiveJS. if cookie.status in [Expired, Tampered, Wrong IP, Invalid, Not Found]: try auth(user,pass): if user is in my db: try authenticate(user,pass) if successful: login user # give session-cookie here? else: present user with "auth failed" msg else if user not in db: redirect to "edit-profile" page PS: I have written an example (editable) auth sequence diagram; based on facebooks' documentation.

  Read the article

• Looking for a C# implementation of (Pk) Zip32

  - by bukko

  I need to implement Zip32 (PK compatible) in C#. I can't just call a separate dll or exe because (1) I don't want to write the uncompressed file to disk and (2) I want to avoid the possibly that someone could wrap that library - either of these would compromise security. My ideal solution would be to find a C# implementation of the Zip32 algorithm which I could use, and just modify it so I can pass a byte array or something. Does anyone have any suggestions or (I dare but hope) examples of C# PKZip implementations?

  Read the article

• How much is modern programming still tied to underyling digital logic?

  - by New Talk

  First of all: I've got no academic background. I'm working primarily with Java and Spring and I'm also fond of web programming and relational databases. I hope I'm using the right terms and I hope that this vague question makes some sense. Today the following question came to my mind: How much is modern programming still tied to the underlying digital logic? With modern programming I mean concepts like OOP, AOP, Java 7, AJAX, … I hope you get the idea. Do they no longer need the digital logic with which computers are working internally? Or is binary logic still ubiquitous when programming this way? If I'd change the inner workings of a computer overnight, would it matter, because my programming techniques are already that abstract? P. S.: With digital logic I mean the physical representation of everything "inside" the computer as zeroes and ones. Changed "binary" to "digital".

  Read the article

• Backbone.js, Rails and code duplication

  - by Matteo Pagliazzi

  I'm building a web app and I need a JS framework like Backbone.js to work with my backend rovided by Rails that mostly return JSON objects after DB queries. Searching on the web I've discovered Backbone which seems to be complete, quite populare and actively developed but I've noticed that a lot of things done by Backbone are simply a duplicte of the works done by Rails: for example validation and models. My idea of "perfect" (for my actual needs) JS mvc (it can't be called mvc but i don't have any other names) is something really simple that has a function for each action in my Rails controller that are triggered by a specific event (user/hash changes, click on a button...) and send requests to the server that respond with a JSON object then I'll load a template or execute some JS code. Do you have any concern/suggestion about my idea? Do you know some "micro" js framework like what i have described? If you have worked with backone.js + rails what can you suggest me?

  Read the article

• DI/IoC in Java for a .NET'er used to Castle.Windsor

  - by Ciddan

  Is there a Java DI container that works in a similar way to the most excellent Castle.Windsor container on the .NET side? The Java containers I've had a look at all seem to rely on annotations (Guice) within my services, which I don't dig all that much - I'd like to go POJO all the way if possible. Spring on the other hand can do without the annotations, but it requires a lot of XML. XML configuration != maintainability. One of the really nice things about Castle.Windsor is the wiring you're able to set up in code with Installers, auto wiring based on naming conventions and whatnot. Ideally the container should also support lifecycle management and configuration; i.e. registering components as transient, singleton, pooled etc. Another bonus would be support for interceptors. Any tips would be greatly appreciated.

  Read the article

• Why was Android's ContentProvider created?

  - by satur9nine

  The title sums up my question, but to elaborate basically what I want to understand is why the Android designers want apps that need to work with shared data to use a Content Provider rather than just accessing the SQLite database directly? The only reason I can think of is security because certain files can by accessed only be certain processes and in that way the Content Provider is the gatekeeper that ensures each app has the proper privileges before allowing read and/or write access to the database file. Is that the primary reason why ContentProvider was created?

  Read the article

• Is "no installation" software a good thing?

  - by Yaron Naveh

  I am building an application that will, hopefully, be used by developers. To be appealing to developers I want it to be lightweight, small in size, and with no installation (e.g. xcopy). I trust more an application without installation to not put garbage in my registry, to be lightweight etc. My friend thinks the opposite: An installer puts shortcuts on the desktop / menu for me, it ensures cleanup via the uninstaller, and seems more official. I'm curious - what is everyone's take on this?

  Read the article

• When would I use pseudocode instead of flowchart?

  - by user1276078

  I'm a student working with various techniques of programming, and I've come across pseudocode and flowchart. I know that these are both used in order to think through the problem before actually programming, but I have a few questions with this. When would I use pseudocode to plan out and when would I use flowcharts? Or is it better to do both before actually programming. Particularly for a small arcade sort of game in JAVA since that is my next project. I've noticed that pseudocode is very similar to the actual code rather than flowcharts. Would this make pseudocoding better because you essentially copy/paste the pseudocode into your program (of course, you have to change it to fit the language. I understand that part). Is it practical to use both of these while programming? Particularly the same game mentioned earlier. Thanks.

  Read the article

• Organizing code for iOS app development

  - by KronoS

  I've been developing an app for the iOS platform, and as I've been going along, I've noticed that I've done a terrible job of keeping my files (.h, .m, .mm) organized. Is there any industry standards or best practices when it comes to organizing files for an iOS project? My files include custom classes (beside the view controllers), customized View Controllers, third-party content, code that works only on iOS 5.0+ and code that works on previous versions. What I'm looking for is a solution to keep things organized in a manner that others (or myself in years to come) can look at this and understand the basic structure of the application and not get lost in the multiple files found therein.

  Read the article

< Previous Page | 185 186 187 188 189 190 191 192 193 194 195 196  | Next Page >