Search Results

Search found 1430 results on 58 pages for 'risk assesment'.


  • What production-ready SaaS (recurring billing) solutions are available for Rails?

    - by Benjamin Manns
    I am working on a software-as-a-service (SaaS) application and I am looking for a billing plugin of some sort that will manage my subscriptions, customers, and recurring billing. There is the RailsKits SaaS kit ($249.00), but I prefer to use open source software. I have also found maccman's saasy, but the phrase "At the moment this is alpha code - use at your own risk" makes me a tad bit nervous.


  • How much abstraction is too much?

    - by Daniel Bingham
    In an Object Oriented Program: How much abstraction is too much? How much is just right? I have always been a nuts and bolts kind of guy. I understood the concept behind high levels of encapsulation and abstraction, but always felt instinctively that adding too much would just confuse the program. I always tried to shoot for an amount of abstraction that left no empty classes or layers. And where in doubt, instead of adding a new layer to the hierarchy, I would try and fit something into the existing layers. However, recently I've been encountering more highly abstracted systems. Systems where everything that could require a representation later in the hierarchy gets one up front. This leads to a lot of empty layers, which at first seems like bad design. However, on second thought I've come to realize that leaving those empty layers gives you more places to hook into in the future without much refactoring. It leaves you greater ability to add new functionality on top of the old without doing nearly as much work to adjust the old. The two risks of this seem to be that you could get the layers you need wrong. In this case one would wind up still needing to do substantial refactoring to extend the code and would still have a ton of never used layers. But depending on how much time you spend coming up with the initial abstractions, the chance of screwing it up, and the time that could be saved later if you get it right - it may still be worth it to try. The other risk I can think of is the risk of overdoing it and never needing all the extra layers. But is that really so bad? Are extra class layers really so expensive that it is much of a loss if they are never used? The biggest expense and loss here would be time that is lost up front coming up with the layers. But much of that time still might be saved later when one can work with the abstracted code rather than more low level code. So when is it too much? At what point do the empty layers and extra "might need" abstractions become overkill? How little is too little? Where's the sweet spot? Are there any dependable rules of thumb you've found in the course of your career that help you judge the amount of abstraction needed?


  • Using [assembly: System.Runtime.CompilerServices.InternalsVisibleTo("System.Windows")] To expose Int

    - by Anthony
    Ok so I had a question awhile back regarding Silverlight 4 Data Binding with anonymous types, one of the answers was to use [assembly: System.Runtime.CompilerServices.InternalsVisibleTo("System.Windows")] in your AssemblyInfo.cs file. I tried this and it works! I know I'm making all my internal properties, classes and methods visible to the System.Windows assembly. But what kind of risk is this with the following in mind: The product is a hosted Silverlight based web application, so it won't be distributed. Thanks in advance


  • Rails 2.3.5, Ruby 1.9, SQLite 3 incompatible character encodings: UTF-8 and ASCII-8BIT

    - by Daniil Harik
    Hello, I know that a question with the same title was asked almost 6 months ago. I have Googled for this problem and I have not found any working solution. Have there been any fixes for this very critical problem? I need to get my website running ASAP. Just to get the site up and running I'm even ready to add utf8 conversion methods to all my variables or risk upgrading to Rails 3 beta. Thank you in advance!


  • URLScan and percent signs

    - by Hobbes
    So I just ran into a stupid problem in which users could not download files that had a percent sign in them. It wound up being URLScan. I had to un-set two things in urlscan.ini: 1) Set VerifyNormalization to 0 (disabled) 2) Remove the percent sign from the "DenyUrlSequences" section. Do an iisreset, and problem solved. But the big question is: How much of a security risk is this?


  • Open Source Alternative to ASP.NET membership

    - by Tony Lenzi
    I'm currently supporting a Python web app with increasingly complicated user/role/permission management requirements. Currently, we are rolling our own user, groups, permissions, etc. code and supporting database. I'd like to find something like ASP.NET membership that can help manage user authentication and authorization, rather than risk security issues in continuing to create an increasingly complicated custom solution. Are there any similar projects out there worth taking a look at?


  • SQL Server stored procedures - update column based on variable name..?

    - by ClarkeyBoy
    Hi, I have a data driven site with many stored procedures. What I want to eventually be able to do is to say something like: For Each @variable in sproc inputs UPDATE @TableName SET @variable.toString = @variable Next I would like it to be able to accept any number of arguments. It will basically loop through all of the inputs and update the column with the name of the variable with the value of the variable - for example column "Name" would be updated with the value of @Name. I would like to basically have one stored procedure for updating and one for creating. However to do this I will need to be able to convert the actual name of a variable, not the value, to a string. Question 1: Is it possible to do this in T-SQL, and if so how? Question 2: Are there any major drawbacks to using something like this (like performance or CPU usage)? I know if a value is not valid then it will only prevent the update involving that variable and any subsequent ones, but all the data is validated in the vb.net code anyway so will always be valid on submitting to the database, and I will ensure that only variables where the column exists are able to be submitted. Many thanks in advance, Regards, Richard Clarke Edit: I know about using SQL strings and the risk of SQL injection attacks - I studied this a bit in my dissertation a few weeks ago. Basically the website uses an object oriented architecture. There are many classes - for example Product - which have many "Attributes" (I created my own class called Attribute, which has properties such as DataField, Name and Value where DataField is used to get or update data, Name is displayed on the administration frontend when creating or updating a Product and the Value, which may be displayed on the customer frontend, is set by the administrator. DataField is the field I will be using in the "UPDATE Blah SET @Field = @Value". 
I know this is probably confusing but it's really complicated to explain - I have a really good understanding of the entire system in my head but I can't put it into words easily. Basically the structure is set up such that no user will be able to change the value of DataField or Name, but they can change Value. I think if I were to use dynamic parameterised SQL strings there will therefore be no risk of SQL injection attacks. I mean basically loop through all the attributes so that it ends up like: UPDATE Products SET [Name] = '@Name', Description = '@Description', Display = @Display Then loop through all the attributes again and add the parameter values - this will have the same effect as using stored procedures, right?? I don't mind adding to the page load time since this is mainly going to affect the administration frontend, and will marginally affect the customer frontend.


  • Oracle Coding Standards Feature Implementation

    - by Mike Hofer
    Okay, I have reached a sort of an impasse. In my open source project, a .NET-based Oracle database browser, I've implemented a bunch of refactoring tools. So far, so good. The one feature I was really hoping to implement was a big "Global Reformat" that would make the code (scripts, functions, procedures, packages, views, etc.) standards compliant. (I've always been saddened by the lack of decent SQL refactoring tools, and wanted to do something about it.) Unfortunately, I am discovering, much to my chagrin, that there doesn't seem to be any one widely-used or even "generally accepted" standard for PL-SQL. That kind of puts a crimp on my implementation plans. My search has been fairly exhaustive. I've found lots of conflicting documents, threads and articles and the opinions are fairly diverse. (Comma placement, of all things, seems to generate quite a bit of debate.) So I'm faced with a couple of options: Add a feature that lets the user customize the standard and then reformat the code according to that standard. —OR— Add a feature that lets the user customize the standard and simply generate a violations list like StyleCop does, leaving the SQL untouched. In my mind, the first option saves the end-users a lot of work, but runs the risk of modifying SQL in potentially unwanted ways. The second option runs the risk of generating lots of warnings and doing no work whatsoever. (It'd just be generally annoying.) In either scenario, I still have no standard to go by. What I'd need to know from you guys is kind of poll-ish, but kind of not. If you were going to use a tool of this nature, what parts of your SQL code would you want it to warn you about or fix? Again, I'm just at a loss due to a lack of a cohesive standard. And given that there isn't anything out there that's officially published by Oracle, I think this is something the community could weigh in on. 
Also, given the way that voting works on SO, the votes would help to establish the popularity of a given "refactoring." P.S. The engine parses SQL into an expression tree so it can robustly analyze the SQL and reformat it. There should be quite a bit that we can do to correct the format of the SQL. But I am thinking that for the first release of the thing, layout is the primary concern. Though it is worth noting that the thing already has refactorings for converting keywords to upper case, and identifiers to lower case.


  • Legacy code - when to move on

    - by Mmarquee
    My team and I support a large number of legacy applications, all of which are currently functional but problematic to support and maintain. They all depend on code that the compiler manufacturer officially has no support for. So the question is should we leave the code as is, and risk a new compiler breaking our code, or should we bite the bullet and update all the code?


  • MFS Agile Process Template Work Items

    - by devdept
    Where can I find a practical example on how to use Bug, Risk, Scenario, Task and Quality of Service Requirement work items? On MSDN documentation I found this topic: http://msdn.microsoft.com/en-us/library/bb668962.aspx but it is not enough for me to deeply understand when to use one or the other. Thanks!


  • Uploading PDF or .doc and security

    - by Kamo
    I have a script that lets the user upload text files (PDF or doc) to the server, then the plan is to convert them to raw text. But until the file is converted, it's in its raw format, which makes me worried about viruses and all kinds of nasty things. Any ideas what I need to do to minimize the risk of these unknown files? How to check if it's clean, or if it's even the format it claims to be and that it does not crash the server?


  • website design - graphics files

    - by mb08
    Hi Friends, I have a website to be designed and have most of the material ready with me. I have shortlisted a designer who is ready to start. The question I have is, should I hand over the original .psd graphics files of logo etc to the designer. Is it ok to hand over the .psds or is there any risk in doing so that I should be aware of and cover with an agreement... thanks in advance.. mb


  • Are there any programming related diseases?

    - by Ranhiru
    When you play tennis, you have the risk of getting tennis elbow... In the sea, you can get sea-sick... Are there any programmer/programming related sicknesses out there? Apart from carpal tunnel syndrome which happens from excessive typing, back pains and eye strains from sitting in one place and never moving your body/eyes, are there any phobias, disorders etc??


  • MySQL upgrade on Ubuntu - any heads ups?

    - by Rob Sedge
    I need to upgrade MySQL on Ubuntu; it is a production server and I am naturally cautious. My many googles look to be essentially saying that I need to: 1) Backup my current MySQL database and tables/data 2) Uninstall current MySQL 3) Install new MySQL 5+ 4) Restore databases/tables and data 5) Hope and pray I got it right?? Something doesn't seem right, sounds like a lot of down time and risk. Am I missing something / or any simple solutions? Upgrading from MySQL 4 to 5 on Ubuntu 10. Many thanks, Rob


  • mysqli_stmt_bind_param SQL Injection

    - by profitphp
    Is there still an injection risk when using prepared statements and mysqli_stmt_bind_param? For example: $malicious_input = 'bob"; drop table users'; mysqli_stmt_bind_param($stmt, 's', $malicious_input); Behind the scenes does mysqli_stmt_bind_param pass this query string to mysql: SET @username = "bob"; drop table users"; Or does it perform the SET command through the API, or use some type of protection to keep this from happening?


  • Disposing the members that implement IDisposable.

    - by Amby
    In my Dispose methods (like the one below), every time I want to call someObj.Dispose() I also have a check for someObj!=null. Is that because of bad design on my part? Is there a cleaner way to ascertain that Dispose of all the members (implementing IDisposable) being used in an object is called without having a risk of NullReference exception? protected void Dispose(bool disposing) { if (disposing) { if (_splitTradePopupManager != null) { _splitTradePopupManager.Dispose(); } } } Thanks for your interest.


  • How to RESTful delete record Asp.Net Mvc 2

    - by Picflight
    I have delete links in my Asp.Net Mvc2 application. /{controller}/Delete/{id} It seems using link to delete has a security risk. Don’t use Delete Links because they create Security Holes I found this Implementing RESTful Routes & Controllers in ASP.NET MVC 2.0 but I am not sure how to implement a simple delete functionality using the new HttpDeleteAttribute class. Are there any examples on deleting, the RESTful approach?


  • When using SQL Compact on Windows Mobile, do you store the sdf file on a storage card?

    - by Michal Drozdowicz
    Having had some Sql Compact db corruption issues in the past and gone through the article on these, I got the idea that storing the database sdf file on a storage card significantly increases the risk of data loss due to db corruption. Do you store the sdf file on a storage card? Have you had any issues caused by it? What should I pay attention to when recommending a particular brand or model of an SD card wrt the stability and security for use with SQL Compact?


  • Generate a JasperReport for a specific user

    - by user530846
    I'm looking at using the JasperReport Web Services to create user specific reports. As opposed to getting a user to supply the name of the user to use for the query (and therefore expose a risk of users viewing each other's data), I'd like within JasperReport to pull out their identity from their (Basic) authentication details from the web service run report call and then use their user name as a query parameter when running the report. Is there any documentation or examples on how this can be achieved?

