Search Results

Search found 88696 results on 3548 pages for 'code injection'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 21/3548 | < Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >

  • Bad Design? Constructor of composition uses `this`

    - by tanascius
    Example: class MyClass { Composition m_Composition; void MyClass() { m_Composition = new Composition( this ); } } I am interested in using depenency-injection here. So I will have to refactor the constructor to something like: void MyClass( Composition composition ) { m_Composition = composition; } However I get a problem now, since the Composition-object relies on the object of type MyClass which is just created. Can a dependency container resolve this? Is it supposed to do so? Or is it just bad design from the beginning on?

    Read the article

  • How do I maintain a really poorly written code base?

    - by onlineapplab.com
    Recently I got hired to work on existing web application because of NDA I'm not at liberty to disclose any details but this application is working online in sort of a beta testing stage before official launch. We have a few hundred users right now but this number is supposed to significantly increase after official launch. The application is written in PHP (but it is irrelevant to my question) and is running on a dual xeon processor standalone server with severe performance problems. I have seen a lot of bad PHP code but this really sets new standards, especially knowing how much time and money was invested in developing it. it is as badly coded as possible there is PHP, HTML, SQL mixed together and code is repeated whenever it is necessary (especially SQL queries). there are not any functions used, not mentioning any OOP there are four versions of the app (desktop, iPhone, Android + other mobile) each version has pretty much the same functionality but was created by copying the whole code base, so now there are some differences between each version and it is really hard to maintain the database is really badly designed, which is causing severe performance problems also for fixing some errors in PHP code there is a lot of database triggers used which are updating data on SELECT and on INSERT so any testing is a nightmare Basically, any sin of a bad programming you can imagine is there for example it is not only possible to use SQL injections in literally every place but you can log into app if you use a login which doesn't exist and an empty password. The team which created this app is not working on it any more and there is an outsourced team which suggested that there are some problems but was never willing to deal with the elephant in the room partially because they've got a very comfortable contract and partially due to lack of skills (just my opinion). My job was supposed to be fixing some performance problems and extending existing functionality but first thing I was asked to do was a review of the existing code base. I've made my review and it was quite a shock for the management but my conclusions were after some time finally confirmed by other programmers. Management made it clear that it is not possible to start rewriting this app from scratch (which in my opinion should be done). We have to maintain its operable state and at the same time fix performance errors and extend the functionality. My question is, as I don't want just to patch the existing code, how to transform this into properly written app while keeping the existing code working at the same time? My plan is: Unify four existing versions into common code base (fixing only most obvious errors). Redesign db and use triggers to populate it with data (so data will be maintained in two formats at the same time) All new functionality will be written as separate project. Step by step transfer existing functionality into the new project After some time everything will be in the new project Some explanation about #2, right now it is practically impossible to make any updates in existing db any change requires reviewing whole code and making changes in many places. Is such plan feasible at all? Another solution is to walk away and leave the headache to someone else.

    Read the article

  • How should be test with phpunit for xss + sql injection?

    - by Yosef
    Hi, How should be test with phpunit php web application for xss + sql injection? I thinking to find program that output xss+ other attacks to test my application forms. This program/service should be all time updated with new xss and other new attacks. Does such service/program exist, if not how it done today? Please give some examples if you can. (I use php 5.3 + zend framework + mysql) Thanks, Yosef

    Read the article

  • Must Dependency Injection come at the expense of Encapsulation?

    - by urig
    If I understand correctly, the typical mechanism for Dependency Injection is to inject either through a class' constructor or through a public property (member) of the class. This exposes the dependency being injected and violates the OOP principle of encapsulation. Am I correct in identifying this tradeoff? How do you deal with this issue? Please also see my answer to my own question below.

    Read the article

  • Basis for claim that the number of bugs per line of code is constant regardless of the language used

    - by Matt R
    I've heard people say (although I can't recall who in particular) that the number of bugs per line of code is roughly constant regardless of what language is used. What is the research that backs this up? Edited to add: I don't have access to it, but apparently the authors of this paper "asked the question whether the number of bugs per lines of code (LOC) is the same for programs written in different programming languages or not."

    Read the article

  • Projects with browsable source using dependency injection w/ guice?

    - by André
    I often read about dependency injection and I did research on google and I understand in theory what it can do and how it works, but I'd like to see an actual code base using it (Java/guice would be preferred). Can anyone point me to an open source project, where I can see, how it's really used? I think browsing the code and seeing the whole setup shows me more than the ususal snippets in the introduction articles you find around the web. Thanks in advance!

    Read the article

  • Avoiding SQL Injection in SQL query with Like Operator using parameters?

    - by MikeJ
    Taking over some code from my predecessor and I found a query that uses the Like operator: SELECT * FROM suppliers WHERE supplier_name like '%'+name+%'; Trying to avoid SQL Injection problem and parameterize this but I am not quite sure how this would be accomplished. Any suggestions ? note, I need a solution for classic ADO.NET - I don't really have the go-ahead to switch this code over to something like LINQ.

    Read the article

  • How to Inject code in c# method calls from a separate app

    - by Fusspawn
    I was curious if anyone knew of a way of monitoring a .Net application's runtime info (what method is being called and such) and injecting extra code to be run on certain methods from a separate running process. say i have two applications: app1.exe that for simplicity's sake could be class Program { static void Main(string[] args) { while(true){ Somefunc(); } } static void Somefunc() { Console.WriteLine("Hello World"); } } and I have a second application that I wish to be able to detect when Somefunc() from application 1 is running and inject its own code, class Program { static void Main(string[] args) { while(true){ if(App1.SomeFuncIsCalled) InjectCode(); } } static void InjectCode() { App1.Console.WriteLine("Hello World Injected"); } } So The result would be Application one would show Hello World Hello World Injected I understand its not going to be this simple ( By a long shot ) but I have no idea if it's even possible and if it is where to even start. Any suggestions ? I've seen similar done in java, But never in c#. EDIT: To clarify, the usage of this would be to add a plugin system to a .Net based game that I do not have access to the source code of.

    Read the article

  • QR Codes for Files on Google Code

    - by Synetech inc.
    Hi, When you download files from Google Code now (example), in addition to the text version of the SHA1 hash, it includes a QR code of it. The device that the file was downloaded to is the one that has to hash the file. But, if it can download the file (ie, has access to the webpage), it also has access to the text version of the hash, so the QR code seems completely useless—and more work to decode when the raw text is available. How would reading the hash into a mobile phone allow you to verify the file you download to the computer? Or if you download the file to the phone, how would you use the phone to take a picture of the QR code displayed on the webpage on its own screen? Does anyone know what the point to the QR code is or how you would use it to verify the downloaded file (I don’t mean QR codes in general, but specifically in this context).

    Read the article

  • What to watch out for when writing code at an Interview?

    - by Philip
    Hi, I have read that at a lot of companies you have to write code at an interview. On the one hand I see that it makes sense to ask for a work sample. On the other hand: What kind of code do you expect to be written in 5 minutes? And what if they tell me "Write an algorithm that does this and that" but I cannot think of a smart solution or even write code that doesn't semantically work? I am particularly interested in that question because I do not have that much commercial programming experience, 2 years part-time, one year full-time. (But I am interested in programming languages since nearly 15 years though usually I was more concentrated in playing with the language rather than writing large applications...) And actually I consider my debugging and problem solving skills much better than my coding skills. I sometimes see myself not writing the most beautiful code when looking back, but on the other hand I often come up with solutions for hard problems. And I think I am very good at optimizing, fixing, restructuring existing code, but I have problems with writing new applications from scratch. The software design sucks... ;-) Therefore I don't feel comfortable when thinking about this code writing situation at an interview... So what do the interviewers expect? What kind of information about my code writing are they interested in? Philip

    Read the article

  • Rawr Code Clone Analysis&ndash;Part 0

    - by Dylan Smith
    Code Clone Analysis is a cool new feature in Visual Studio 11 (vNext).  It analyzes all the code in your solution and attempts to identify blocks of code that are similar, and thus candidates for refactoring to eliminate the duplication.  The power lies in the fact that the blocks of code don't need to be identical for Code Clone to identify them, it will report Exact, Strong, Medium and Weak matches indicating how similar the blocks of code in question are.   People that know me know that I'm anal enthusiastic about both writing clean code, and taking old crappy code and making it suck less. So the possibilities for this feature have me pretty excited if it works well - and thats a big if that I'm hoping to explore over the next few blog posts. I'm going to grab the Rawr source code from CodePlex (a World Of Warcraft gear calculator engine program), run Code Clone Analysis against it, then go through the results one-by-one and refactor where appropriate blogging along the way.  My goals with this blog series are twofold: Evaluate and demonstrate Code Clone Analysis Provide some concrete examples of refactoring code to eliminate duplication and improve the code-base Here are the initial results:   Code Clone Analysis has found: 129 Exact Matches 201 Strong Matches 300 Medium Matches 193 Weak Matches Also indicated is that there was a total of 45,181 potentially duplicated lines of code that could be eliminated through refactoring.  Considering the entire solution only has 109,763 lines of code, if true, the duplicates lines of code number is pretty significant. In the next post we’ll start examining some of the individual results and determine if they really do indicate a potential refactoring.

    Read the article

  • How do you stay productive when dealing with extremely badly written code?

    - by gaearon
    I don't have much experience in working in software industry, being self-taught and having participated in open source before deciding to take a job. Now that I work for money, I also have to deal with some unpleasant stuff, which is normal of course. Recently I was assigned to add logging to a large SharePoint project which is written by some programmer who obviously was learning to code on the job. After 2 years of collaboration, the client switched to our company, but the damage was done, and now somehow I need to maintain this code. Not that the code was too hard to read. Despite problems - each project has one class with several copy-pasted methods, enormous if nestings, Systems Hungarian, undisposed connections — it's still readable. However, I found myself absolutely unproductive despite working on something as simple as adding logging. Basically, I just need to go through the code step by step and add some trace calls. However, the idiocy of the code is so annoying that I get tired within 10 minutes of starting. In the beginning, I used to add using constructs, reduce nesting by reversing if's, rename the variables to readable names—but the project is large, and eventually I gave up. I know this is not the task I should be doing, but at least reducing the mess gave me some kind of psychological reward so I could keep going. Now the trick stopped working, and I still have 60% of my work to do. I started having headaches after work, and I no longer get the feeling of satisfaction I used to get - which would usually allow me to code for 10 hours straight and still feel fresh. This is not just one big rant, for I really do have an actual question: Is there a way to stay productive and not to fight the windmills? Is there some kind of psychological trick to stay focused on the task, instead of thinking “How stupid is that?” each time I see another clever trick by the previous programmer? The problem with adding logging is that I actually have to understand what the code does, and doing so hurts my brain in an unpleasant fashion.

    Read the article

  • Which reference provides your definition of "elegant" or "beautiful" code?

    - by Donnied
    This question is phrased in a very specific way - it asks for references. There was a similar question posted which was closed because it was considered a duplicate to a good code question. The Programmers FAQ points out that answers should have references - or its just an unproductive sharing of (seemingly) baseless opinions. There is a difference between shortest code and most elegant code. This becomes clear in several seminal texts: Dijkstra, E. W. (1972). The humble programmer. Communications of the ACM, 15(10), 859–866. Kernighan, B. W., & Plauger, P. J. (1974). Programming style: Examples and counterexamples. ACM Comput. Surv., 6(4), 303–319. Knuth, D. E. (1984). Literate programming. The Computer Journal, 27(2), 97–111. doi:10.1093/comjnl/27.2.97 They all note the importance of clarity over brevity. Kernighan & Plauger (1974) provide descriptions of "good" code, but "good code" is certainly not synonymous with "elegant". Knuth (1984) describes the impo rtance of exposition and "excellence of style" to elegant programs. He cites Hoare - who describes that code should be self documenting. Dijkstra (1972) indicates that beautiful programs optimize efficiency but are not opaque. This sort of conversation is qulaitatively different than a random sharing of opinions. Therefore, the question - Which reference provides your definition of "elegant" or "beautiful" code? "Which *reference*" is not subjective - anything else will most likely shut the thread down, so please supply *references* not opinions.

    Read the article

  • How would you react if someone told you your code is a mess?

    - by newbie
    I am a good programmer, or so I thought before. I always love to program. And I want to learn many things about programming to make me a better programmer. I studied programming for 1 year and now I am working as a programmer for almost 2 years. So in short, I have almost 3 years programming experience. Our team is composed of 5 programmers, and 4 of us are new, 1 has more than 3 year experience. We've been working for a program for almost a year now and nobody ever review my code and I was given a page to work with. We never had a code review and we are all new so we don't know what is a clean code looks like. I think programmers learn by themselves? We deployed our program to the program without thorough testing. Now it is tight and we need an approval and code review first before we make changes with the code. For the first time, someone reviews my code and he says it is a mess. I feel so sad and hurt. I really love programming and making them say something like that really hurts me. I really want to improve myself. But it seems like I'm not a genius programmer like in the movies. Can you give me advise on how to be better? Have you ever experience something criticizing your code and you feel really hurt? What do you do on those events.. Thank you

    Read the article

  • Copy-and-Pasted Test Code: How Bad is This?

    - by joshin4colours
    My current job is mostly writing GUI test code for various applications that we work on. However, I find that I tend to copy and paste a lot of code within tests. The reason for this is that the areas I'm testing tend to be similar enough to need repetition but not quite similar enough to encapsulate code into methods or objects. I find that when I try to use classes or methods more extensively, tests become more cumbersome to maintain and sometimes outright difficult to write in the first place. Instead, I usually copy a big chunk of test code from one section and paste it to another, and make any minor changes I need. I don't use more structured ways of coding, such as using more OO-principles or functions. Do other coders feel this way when writing test code? Obviously I want to follow DRY and YAGNI principles, but I find that test code (automated test code for GUI testing anyway) can make these principles tough to follow. Or do I just need more coding practice and a better overall system of doing things? EDIT: The tool I'm using is SilkTest, which is in a proprietary language called 4Test. As well, these tests are mostly for Windows desktop applications, but I also have tested web apps using this setup as well.

    Read the article

  • [StructureMap] Xml configuration or Configuration through code?

    - by Amith George
    I personally like the option to configure StructureMap from C# code. From what I understand, one of the advantages of DI, is that we can easily swap in a new concrete instance. But, if the configuration is defined in code, then the concrete instances are hardcoded in the dll. So, practically, its as good as having hard coded the dependencies, right? I know, during testing it makes life easier... My point is, wouldnt it be better to use xml configuration instead? you want to plugin a new concrete instance? simply have your installer overwrite the structuremap.config file with the new one. So, what is the preferred way to configure StructureMap? Extra: Am forced to use C# configuration for the time being because I dont know how to pass the connection string to instance. I can write the connectionstring in the config file, but i would like to reuse the connectionstring defined in app.config.

    Read the article

  • Using IoC and Dependency Injection, how do I wrap an existing implementation with a new layer of imp

    - by Dividnedium
    I'm trying to figure out how this would be done in practice, so as not to violate the Open Closed principle. Say I have a class called HttpFileDownloader that has one function that takes a url and downloads a file returning the html as a string. This class implements an IFileDownloader interface which just has the one function. So all over my code I have references to the IFileDownloader interface and I have my IoC container returning an instance of HttpFileDownloader whenever an IFileDownloader is Resolved. Then after some use, it becomes clear that occasionally the server is too busy at the time and an exception is thrown. I decide that to get around this, I'm going to auto-retry 3 times if I get an exception, and wait 5 seconds in between each retry. So I create HttpFileDownloaderRetrier which has one function that uses HttpFileDownloader in a for loop with max 3 loops, and a 5 second wait between each loop. So that I can test the "retry" and "wait" abilities of the HttpFileDownloadRetrier I have the HttpFileDownloader dependency injected by having the HttpFileDownloaderRetrier constructor take an IFileDownloader. So now I want all Resolving of IFileDownloader to return the HttpFileDownloaderRetrier. But if I do that, then HttpFileDownloadRetrier's IFileDownloader dependency will get an instance of itself and not of HttpFileDownloader. So I can see that I could create a new interface for HttpFileDownloader called IFileDownloaderNoRetry, and change HttpFileDownloader to implement that. But that means I'm changing HttpFileDownloader, which violates Open Closed. Or I could implement a new interface for HttpFileDownloaderRetrier called IFileDownloaderRetrier, and then change all my other code to refer to that instead of IFileDownloader. But again, I'm now violating Open Closed in all my other code. So what am I missing here? How do I wrap an existing implementation (downloading) with a new layer of implementation (retrying and waiting) without changing existing code? Here's some code if it helps: public interface IFileDownloader { string Download(string url); } public class HttpFileDownloader : IFileDownloader { public string Download(string url) { //Cut for brevity - downloads file here returns as string return html; } } public class HttpFileDownloaderRetrier : IFileDownloader { IFileDownloader fileDownloader; public HttpFileDownloaderRetrier(IFileDownloader fileDownloader) { this.fileDownloader = fileDownloader; } public string Download(string url) { Exception lastException = null; //try 3 shots of pulling a bad URL. And wait 5 seconds after each failed attempt. for (int i = 0; i < 3; i++) { try { fileDownloader.Download(url); } catch (Exception ex) { lastException = ex; } Utilities.WaitForXSeconds(5); } throw lastException; } }

    Read the article

  • Database Activity Monitoring Part 2 - SQL Injection Attacks

    If you think through the web sites you visit on a daily basis the chances are that you will need to login to verify who you are. In most cases your username would be stored in a relational database along with all the other registered users on that web site. Hopefully your password will be encrypted and not stored in plain text.

    Read the article

  • How would you know if you've written readable and easily maintainable code?

    - by KyelJmD
    How would one know if the code he has created is easily maintainable and readable? Of course in your point of view (the one who actually wrote the code) your code is readable and maintainable, but we should be true to ourselves here. How would we know if we've written pretty messy and unmaintainable code? Are there any constructs or guidelines to know if we have developed a messy piece of software?

    Read the article

  • What is the oldest living piece of unaltered production code? [closed]

    - by user1598390
    It's come to my mind that parts of the code in, say, Unix, has maybe passed unaltered from one version or flavor into another. Maybe some pieces of the source code of the ls command is the same, unaltered, than was written years ago. Have any of you read or learn about this ? What would be the oldest living piece of unaltered production code still running, passing from version through version of a program or system ? Will the code we write outlive us for decades ?

    Read the article

  • Castle Windsor Dependency Injection with MVC4

    - by Renso
    Problem:Installed MVC4 on my local and ran a MVC3 app and got an error where Castle Windsor was unable to resolve any controllers' constructor injections. It failed with "No component for supporting the service....".As soon as I uninstall MVC4 beta, the problem vanishes like magic?!I also tried to upgrade to NHibernate 3 and Castle and Castle Windsor to version 3 (from version 2), but since I use Rhino Commons, that is not possible as the Rhino Commons project looks like is no longer supported and requests to upgrade it to work with NHibernate version 3 two years ago has gone unanswered. The problem is that Rhino Commons (the older version) references a method in Castle version 2 that has been depreciated in version 3: "CreateContainer("windsor.boo")' threw an exception of type 'System.MissingMethodException."Hope this helps anyone else who runs into this issue. Btw I used NuGet package manager to install the correct packages so I know that is not the issue.

    Read the article

  • How do I take responsibility for my code when colleague makes unnecessary improvements without notice?

    - by Jesslyn
    One of my teammates is a jack of all trades in our IT shop and I respect his insight. However, sometimes he reviews my code (he's second in command to our team leader, so that's expected) without a heads up. So sometimes he reviews my changes before they complete the end goal and makes changes right away... and has even broken my work once. Other times, he has made unnecessary improvements to some of my code that is 3+ months old. This annoys me for a few reasons: I am not always given a chance to fix my mistakes He has not taken the time to ask me what I was trying to accomplish when he is confused, which could affect his testing or changes I don't always think his code is readable Deadlines are not an issue and his current workload doesn't require any work in my projects other than reviewing my code changes. Anyways, I have told him in the past to please keep me posted if he sees something in my work that he wants to change so that I could take ownership of my code (maybe I should have said "shortcomings") and he's not been responsive. I fear that I may come off as aggressive when I ask him to explain his changes to me. He's just a quiet person who keeps to himself, but his actions continue. I don't want to banish him from making code changes (not like I could), because we are a team--but I want to do my part to help our team. Added clarifications: We share 1 development branch. I do not wait until all my changes complete a single task because I risk losing some significant work--so I make sure my changes build and do not break anything. My concern is that my teammate doesn't explain the reason or purpose behind his changes. I don't think he should need my blessing, but if we disagree on an approach I thought it would be best to discuss the pros and cons and make a decision once we both understand what is going on. I have not discussed this with our team lead yet as I would prefer to resolve personal disagreements without getting management involved unless it is necessary. Since my concern seemed more of personal issue than a threat to our work, I chose to not bother the team lead. I am working on code review process ideas--to help promote the benefits of more organized code reviews without making it all about my pet peeves.

    Read the article

  • Database Context and Singleton injection with IoC

    - by zaitsman
    All of the below relates to a ASP.NET c# app. I have a Singleton Settings MemoryCache that reads values from database on first access and caches these, then invalidates them using SQL Service Broker message and re-reads as required. For the purposes of standard controllers, i create my Db Context in a request scope. However, this obviously means that i can't use the same context in the Settings Cache class, since that is a singleton and we have a scope collision. At the moment, i ended up with two db contexts - the Controllers get it via IoC container, whereas a Singleton just creates it's own. However, i am not satisfied with this approach (mostly due to the way i feel about two contexts, the cache doesn't set anything on the db hence concurrency is not an issue as much). What is a better way to do it?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >