Search Results

Search found 17731 results on 710 pages for 'programming practices'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 195/710 | < Previous Page | 191 192 193 194 195 196 197 198 199 200 201 202  | Next Page >

  • Make a Method of the Business Layer secure. best practice / best pattern [.net/c#]

    - by gsharp
    Hi We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-) Thanks for you help.

    Read the article

  • Manually setting object's position or have the object do it all?

    - by N. Lucas
    I'm stuck thinking about the best way to go about setting a line segment's position, I have a class Line(length, angle, previous) being called from a class Polygon.. Right now I have: public function Line(length:Number, angle:Number, previous:Line = null) { if (previous != null) { this.x = previous.end.x; this.y = previous.end.y; } /**/ } Now, is this the best practice or should I be doing: Polygon.addLine(length:Number, angle:Number):void { var previous = _line[_line.length - 1]; // Array containing all Lines var line:Line = new Line(length, angle, previous); line.x = previous.end.x; line.y = previous.end.y; /**/ }

    Read the article

  • Is this 2D array initialization a bad idea?

    - by Brendan Long
    I have something I need a 2D array for, but for better cache performance, I'd rather have it actually be a normal array. Here's the idea I had but I don't know if it's a terrible idea: const int XWIDTH = 10, YWIDTH = 10; int main(){ int * tempInts = new int[XWIDTH * YWIDTH]; int ** ints = new int*[XWIDTH]; for(int i=0; i<XWIDTH; i++){ ints[i] = &tempInts[i*YWIDTH]; } // do things with ints delete[] ints[0]; delete[] ints; return 0; } So the idea is that instead of newing a bunch of arrays (and having them placed in different places in memory), I just point to an array I made all at once. The reason for the delete[] (int*) ints; is because I'm actually doing this in a class and it would save [trivial amounts of] memory to not save the original pointer. Just wondering if there's any reasons this is a horrible idea. Or if there's an easier/better way. The goal is to be able to access the array as ints[x][y] rather than ints[x*YWIDTH+y].

    Read the article

  • Recommendations with hierarchical data on non-relational databases?

    - by Luki
    I'm developing an web application that uses a non-relational database as a backend (django-nonrel + AppEngine). I need to store some hierarchical data (projects/subproject_1/subproject_N/tasks), and I'm wondering which pattern should I use. For now I thought of: Adjacency List (store the item's parent id) Nested sets (store left and right values for the item) In my case, the depth of nesting for a normal user will not exceed 4-5 levels. Also, on the UI, I would like to have a pagination for the items on the first level, to avoid to load too many items at the first page load. From what I understand so far, nested sets are great when the hierarchy is used more for displaying. Adjacency lists are great when editing on the tree is done often. In my case I guess I need the displaying more than the editing (when using nested sets, even if the display would work great, the above pagination could complicate things on editing). Do you have any thoughts and advice, based on your experience with the non-relational databases?

    Read the article

  • How to test a site rigorously?

    - by Sarfraz
    Hello, I recently created a big portal site. It's time for putting it to test. How do you guys test a site rigorously? What are the ways and tools for that? Can we sort of mimic hundreds of virtual users visiting the site to see its load handling? The test should be for both security and speed Thanks in advance.

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern

    - by gsharp
    We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-)

    Read the article

  • Giving the script tag an ID

    - by The Code Pimp
    Hi guys, i came across a scenario where giving a <script> element an "ID" would solve a problem easily. However, after reading about the script tag at w3schools and quirksmode, it seems doing so could have some unforeseen consequences. Has anyone come across any of these issues with modern browsers such as Chrome, Safari, FF3 up and IE 7 up? Thanks

    Read the article

  • [Design Question] When to open a link on a new window?

    - by Ian
    Hi All, When designing a web application/web site, is there an accepted practice on when to open a link on a new window? Currently, if the site being linked to is outside the domain (say Google.com), I am always launching it on a new window. If the page being linked is within the same domain, I open it on the current active window. I've read somewhere the opening links on a new window explicitly is being frowned upon. Thanks!

    Read the article

  • Should I make sure arguments aren't null before using them in a function.

    - by Nathan W
    The title may not really explain what I'm really trying to get at, couldn't really think of a way to describe what I mean. I was wondering if it is good practice to check the arguments that a function accepts for nulls or empty before using them. I have this function which just wraps some hash creation like so. Public Shared Function GenerateHash(ByVal FilePath As IO.FileInfo) As String If (FilePath Is Nothing) Then Throw New ArgumentNullException("FilePath") End If Dim _sha As New Security.Cryptography.MD5CryptoServiceProvider Dim _Hash = Convert.ToBase64String(_sha.ComputeHash(New IO.FileStream(FilePath.FullName, IO.FileMode.Open, IO.FileAccess.Read))) Return _Hash End Function As you can see I just takes a IO.Fileinfo as an argument, at the start of the function I am checking to make sure that it is not nothing. I'm wondering is this good practice or should I just let it get to the actual hasher and then throw the exception because it is null.? Thanks.

    Read the article

  • Delphi: How to avoid EIntOverflow underflow when subtracting?

    - by Ian Boyd
    Microsoft already says, in the documentation for GetTickCount, that you could never compare tick counts to check if an interval has passed. e.g.: Incorrect (pseudo-code): DWORD endTime = GetTickCount + 10000; //10 s from now ... if (GetTickCount > endTime) break; The above code is bad because it is suceptable to rollover of the tick counter. For example, assume that the clock is near the end of it's range: endTime = 0xfffffe00 + 10000 = 0x00002510; //9,488 decimal Then you perform your check: if (GetTickCount > endTime) Which is satisfied immediatly, since GetTickCount is larger than endTime: if (0xfffffe01 > 0x00002510) The solution Instead you should always subtract the two time intervals: DWORD startTime = GetTickCount; ... if (GetTickCount - startTime) > 10000 //if it's been 10 seconds break; Looking at the same math: if (GetTickCount - startTime) > 10000 if (0xfffffe01 - 0xfffffe00) > 10000 if (1 > 10000) Which is all well and good in C/C++, where the compiler behaves a certain way. But what about Delphi? But when i perform the same math in Delphi, with overflow checking on ({Q+}, {$OVERFLOWCHECKS ON}), the subtraction of the two tick counts generates an EIntOverflow exception when the TickCount rolls over: if (0x00000100 - 0xffffff00) > 10000 0x00000100 - 0xffffff00 = 0x00000200 What is the intended solution for this problem? Edit: i've tried to temporarily turn off OVERFLOWCHECKS: {$OVERFLOWCHECKS OFF}] delta = GetTickCount - startTime; {$OVERFLOWCHECKS ON} But the subtraction still throws an EIntOverflow exception. Is there a better solution, involving casts and larger intermediate variable types?

    Read the article

  • Why are there magic attributes exposed in the Servlet spec?

    - by Brabster
    It's always seemed a little at odds with the principles of Java that the Java Servlet Spec (2.5 version here) includes a set of magic attributes containing info about included resources, namely: javax.servlet.include.request_uri javax.servlet.include.context_path javax.servlet.include.servlet_path javax.servlet.include.path_info javax.servlet.include.query_string It's not even specifically pointed out in the API documentation, only in the spec where it is a must for correct implementation. This approach feels very wrong, an exposed implementation detail that clients will use and depend on. Why is this information exposed in this way?

    Read the article

  • Learning Javascript in one weekend?

    - by dueyfinster
    Similiar to this question, I am wondering if experienced Javascript developers have any websites they use with examples to get the basics of Javascript down in 24/28 hours? I have looked at Douglas Crockford's Google Tech Talk and I bought the book "Javascript: the good parts" but I haven't had time to read it.

    Read the article

  • How strict should I be in the "do the simplest thing that could possible work" while doing TDD

    - by Support - multilanguage SO
    For TDD you have to Create a test that fail Do the simplest thing that could possible work to pass the test Add more variants of the test and repeat Refactor when a pattern emerge With this approach you're supposing to cover all the cases ( that comes to my mind at least) but I'm wonder if am I being too strict here and if it is possible to "think ahead" some scenarios instead of simple discover them. For instance, I'm processing a file and if it doesn't conform to a certain format I am to throw an InvalidFormatException So my first test was: @Test void testFormat(){ // empty doesn't do anything... processor.validate("empty.txt"); try { processor.validate("invalid.txt"); assert false: "Should have thrown InvalidFormatException"; } catch( InvalidFormatException ife ) { assert "Invalid format".equals( ife.getMessage() ); } } I run it and it fails because it doesn't throw an exception. So the next thing that comes to my mind is: "Do the simplest thing that could possible work", so I : public void validate( String fileName ) throws InvalidFormatException { if(fileName.equals("invalid.txt") { throw new InvalidFormatException("Invalid format"); } } Doh!! ( although the real code is a bit more complicated, I found my self doing something like this several times ) I know that I have to eventually add another file name and other test that would make this approach impractical and that would force me to refactor to something that makes sense ( which if I understood correctly is the point of TDD, to discover the patterns the usage unveils ) but: Q: am I taking too literal the "Do the simplest thing..." stuff?

    Read the article

  • Does it ever make sense to make a fundamental (non-pointer) parameter const?

    - by Scott Smith
    I recently had an exchange with another C++ developer about the following use of const: void Foo(const int bar); He felt that using const in this way was good practice. I argued that it does nothing for the caller of the function (since a copy of the argument was going to be passed, there is no additional guarantee of safety with regard to overwrite). In addition, doing this prevents the implementer of Foo from modifying their private copy of the argument. So, it both mandates and advertises an implementation detail. Not the end of the world, but certainly not something to be recommended as good practice. I'm curious as to what others think on this issue. Edit: OK, I didn't realize that const-ness of the arguments didn't factor into the signature of the function. So, it is possible to mark the arguments as const in the implementation (.cpp), and not in the header (.h) - and the compiler is fine with that. That being the case, I guess the policy should be the same for making local variables const. One could make the argument that having different looking signatures in the header and source file would confuse others (as it would have confused me). While I try to follow the Principle of Least Astonishment with whatever I write, I guess it's reasonable to expect developers to recognize this as legal and useful.

    Read the article

  • In ASP.NET MVC Should A Form Post To Itself Or Another Action?

    - by Sohnee
    Which of these two scenario's is best practice in ASP.NET MVC? 1 Post to self In the view you use using (Html.BeginForm) { ... } And in the controller you have [HttpGet] public ActionResult Edit(int id) [HttpPost] public ActionResult Edit(EditModel model) 2 Post from Edit to Save In the view you use using (Html.BeginForm("Save", "ControllerName")) { And in the controller you have [HttpGet] public ActionResult Edit(int id) [HttpPost] public ActionResult Save(EditModel model) Summary I can see the benefits of each of these, the former gives you a more restful style, with the same address being used in conjunction with the correct HTTP verb (GET, POST, PUT, DELETE and so on). The latter has a URL schema that makes each address very specific. Which is the correct way to do this?

    Read the article

  • Sharing a database connection with included classes in a Sinatra application

    - by imightbeinatree
    I'm converting a part of a rails application to its own sinatra application. It has some beefy work to do and rather than have a million helps in app.rb, I've separated some of it out into classes. Without access to rails I'm rewriting finder several methods and needing access to the database inside of my class. What's the best way to share a database connection between your application and a class? Or would you recommend pushing all database work into its own class and only having the connection established there? Here is what I have in in app.rb require 'lib/myclass' configure :production do MysqlDB = Sequel.connect('mysql://user:password@host:port/db_name') end I want to access it in lib/myclass.rb class Myclass def self.find_by_domain_and_stub(domain, stub) # want to do a query here end end I've tried several things but nothing that seems to work well enough to even include as an example.

    Read the article

  • Constructor Overload Problem in C++ Inherrentance

    - by metdos
    Here my code snippet: class Request { public: Request(void); ……….. } Request::Request(void) { qDebug()<<"Request: "<<"Hello World"; } class LoginRequest :public Request { public: LoginRequest(void); LoginRequest(QDomDocument); …………… } LoginRequest::LoginRequest(void) { qDebug()<<"LoginRequest: "<<"Hello World"; requestType=LOGIN; requestId=-1; } LoginRequest::LoginRequest(QDomDocument doc){ qDebug()<<"LoginRequest: "<<"Hello World with QDomDocument"; LoginRequest::LoginRequest(); xmlDoc_=doc; } When call constructor of Overrided LoginRequest LoginRequest *test=new LoginRequest(doc); I came up with this result: Request: Hello World LoginRequest: Hello World with QDomDocument Request: Hello World LoginRequest: Hello World Obviously both constructor of LoginRequest called REquest constructor. Is there any way to cape with this situation? I can construct another function that does the job I want to do and have both constructors call that function. But I wonder is there any solution?

    Read the article

  • Best way to store configuration settings outside of web.config

    - by Wil
    I'm starting to consider creating a class library that I want to make generic so others can use it. While planning it out, I came to thinking about the various configuration settings that I would need. Since the idea is to make it open/shared, I wanted to make things as easy on the end user as possible. What's the best way to setup configuration settings without making use of web.config/app.config?

    Read the article

  • What is the best practice when coding math class/functions ?

    - by Isaac Clarke
    Introductory note : I voluntarily chose a wide subject. You know that quote about learning a cat to fish, that's it. I don't need an answer to my question, I need an explanation and advice. I know you guys are good at this ;) Hi guys, I'm currently implementing some algorithms into an existing program. Long story short, I created a new class, "Adder". An Adder is a member of another class representing the physical object actually doing the calculus , which calls adder.calc() with its parameters (merely a list of objects to do the maths on). To do these maths, I need some parameters, which do not exist outside of the class (but can be set, see below). They're neither config parameters nor members of other classes. These parameters are D1 and D2, distances, and three arrays of fixed size : alpha, beta, delta. I know some of you are more comfortable reading code than reading text so here you go : class Adder { public: Adder(); virtual Adder::~Adder(); void set( float d1, float d2 ); void set( float d1, float d2, int alpha[N_MAX], int beta[N_MAX], int delta[N_MAX] ); // Snipped prototypes float calc( List& ... ); // ... inline float get_d1() { return d1_ ;}; inline float get_d2() { return d2_ ;}; private: float d1_; float d2_; int alpha_[N_MAX]; // A #define N_MAX is done elsewhere int beta_[N_MAX]; int delta_[N_MAX]; }; Since this object is used as a member of another class, it is declared in a *.h : private: Adder adder_; By doing that, I couldn't initialize the arrays (alpha/beta/delta) directly in the constructor ( int T[3] = { 1, 2, 3 }; ), without having to iterate throughout the three arrays. I thought of putting them in static const, but I don't think that's the proper way of solving such problems. My second guess was to use the constructor to initialize the arrays Adder::Adder() { int alpha[N_MAX] = { 0, -60, -120, 180, 120, 60 }; int beta[N_MAX] = { 0, 0, 0, 0, 0, 0 }; int delta[N_MAX] = { 0, 0, 180, 180, 180, 0 }; set( 2.5, 0, alpha, beta, delta ); } void Adder::set( float d1, float d2 ) { if (d1 > 0) d1_ = d1; if (d2 > 0) d2_ = d2; } void Adder::set( float d1, float d2, int alpha[N_MAX], int beta[N_MAX], int delta[N_MAX] ) { set( d1, d2 ); for (int i = 0; i < N_MAX; ++i) { alpha_[i] = alpha[i]; beta_[i] = beta[i]; delta_[i] = delta[i]; } } My question is : Would it be better to use another function - init() - which would initialize arrays ? Or is there a better way of doing that ? My bonus question is : Did you see some mistakes or bad practice along the way ?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 191 192 193 194 195 196 197 198 199 200 201 202  | Next Page >