Search Results

Search found 8253 results on 331 pages for 'secure coding'.

Page 24/331 | < Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >

  • Should I use C style in C++?

    - by c.hughes
    As I've been developing my position on how software should be developed at the company I work for, I've come to a certain conclusion that I'm not entirely sure of. It seems to me that if you are programming in C++, you should not use C style anything if it can be helped and you don't absolutely need the performance improvement. This way people are kept from doing things like pointer arithmetic or creating resources with new without any RAII, etc. If this idea was enforced, seeing a char* would possibly be a thing of the past. I'm wondering if this is a conclusion others have made? Or am I being too puritanical about this?

    Read the article

  • Should I reuse variables?

    - by IAdapter
    Should I reuse variables? I know that many best practice say you should not do it, however later when different developer is debugging the code and have 3 variables that look a like and only difference is that they are created in different places in the code he might be confused. unit-testing is a great example of this. However I do know that best practice are most of the time against it. For example they say not to "overide" method parameters. Best practice are even are against nulling the previous variables (in Java there is Sonar that has warning when you assign null to variable that you don't need to do it to call garbage collector since Java6. you cant always control what warnings are turned off, most of the time the default is on)

    Read the article

  • conventions for friend methods in Perl

    - by xenoterracide
    Perl doesn't support a friend relationship between objects, nor does it support private or protected methods. What is usually done for private methods is to prefix the name with an underscore. I occasionally have methods that I think of as friend methods. Meaning that I expect them to be used by a specific object, or an object with a specific responsibility, but I'm not sure if I should make that method public (meaning foo ) or private ( _foo ) or if there's a better convention? is there a convention for friend methods?

    Read the article

  • Case Class naming convention

    - by KChaloux
    In my recent adventures in Scala, I've found case classes to be a really nice alternative to enums when I need to include a bit of logic or several values with them. I often find myself writing structures that look like this, however: object Foo{ case class Foo(name: String, value: Int, other: Double) val BAR = Foo("bar", 1, 1.0) val BAZ = Foo("baz", 2, 1.5) val QUUX = Foo("quux", 3, 1.75) } I'm primarily worried here about the naming of the object and the case class. Since they're the same thing, I end up with Foo.Foo to get to the inner class. Would it be wise to name the case class something along the lines of FooCase instead? I'm not sure if the potential ambiguity might mess with the type system if I have to do anything with subtypes or inheritance.

    Read the article

  • Join the Dark Side of Visual Studio 2010

    - by InfinitiesLoop
    Hard to believe it’s been so long, but it was almost 4 years ago when I published Join the Dark Side of Visual Studio . That was when a lot of people were still using VS2003, and importing and exporting environment settings required a custom add-in, VSStyler, which has since fallen off the planet and is hard to find (link, anyone? Let me know). Three versions of VS later, and I’m still using and loving the dark side. Pleased, I am (haha). In fact, that article for one reason or another is still one...(read more)

    Read the article

  • Where does the "mm" come from in GTKmm, glibmm, etc

    - by Cole Johnson
    I understand that the "mm" suffix [in various GTK-associated C++ binding libraries] means "minus minus," but where exactly does it come from? I understand that there is a programming language called "C--," but if there were bindings (and I'm pretty sure I've seen some), they would be suffixed "--". TL;DR: Is there some page on gnu.org that explains the "mm" suffix in various C++ bindings or is it just a de facto standard adopted by the open source community with no reasoning behind it?

    Read the article

  • Please help me give this principle a name

    - by Brent Arias
    As a designer, I like providing interfaces that cater to a power/simplicity balance. For example, I think the LINQ designers followed that principle because they offered both dot-notation and query-notation. The first is more powerful, but the second is easier to read and follow. If you disagree with my assessment of LINQ, please try to see my point anyway; LINQ was just an example, my post is not about LINQ. I call this principle "dial-able power". But I'd like to know what other people call it. Certainly some will say "KISS" is the common term. But I see KISS as a superset, or a "consumerism" practice. Using LINQ as my example again, in my view, a team of programmers who always try to use query notation over dot-notation are practicing KISS. Thus the LINQ designers practiced "dial-able power", whereas the LINQ consumers practice KISS. The two make beautiful music together. I'll give another example. Imagine a C# logging tool that has two signatures allowing two uses: void Write(string message); void Write(Func<string> messageCallback); The purpose of the two signatures is to fulfill these needs: //Every-day "simple" usage, nothing special. myLogger.Write("Something Happened" + error.ToString() ); //This is performance critical, do not call ToString() if logging is //disabled. myLogger.Write( () => { "Something Happened" + error.ToString() }); Having these overloads represents "dial-able power," because the consumer has the choice of a simple interface or a powerful interface. A KISS-loving consumer will use the simpler signature most of the time, and will allow the "busy" looking signature when the power is needed. This also helps self-documentation, because usage of the powerful signature tells the reader that the code is performance critical. If the logger had only the powerful signature, then there would be no "dial-able power." So this comes full-circle. I'm happy to keep my own "dial-able power" coinage if none yet exists, but I can't help think I'm missing an obvious designation for this practice. p.s. Another example that is related, but is not the same as "dial-able power", is Scott Meyer's principle "make interfaces easy to use correctly, and hard to use incorrectly."

    Read the article

  • Website where you can see how other programmers write their code

    - by CuiPengFei
    I remember seeing a website where people upload videos of themselves writing code. However, I can not find that site now. The purpose is to see how others code, to see how they refactor their code, to see how they use their paradigms, etc. Update: I remember that the video contains almost no audio, it's only one guy writing code, making mistakes, typos, fixing mistakes. If I read the final code, I can figure out how it works, but if I see how the code was wrote and what kind of mistakes were made along the way, then I can better understand it. I guess this is the main reason that they make this kind of video.

    Read the article

  • How to name an subclass that add a minor, detailed thing?

    - by Louis Rhys
    What is the most concise (yet descriptive) way of naming a subclass that only add a specific minor thing to the parent? I encountered this case a lot in WPF, where sometime I have to add a small functionality to an out-of-the-box control for specific cases. Example: TreeView doesn't change the SelectedItem on right-click, but I have to make one that does in my application. Some possible names are TreeViewThatChangesSelectedItemOnRightClick (way too wordy and maybe difficult to read because there is so many words concantenated together) TreeView_SelectedItemChangesOnRightClick (slightly more readable, but still too wordy and the underscore also breaks the normal convention for class names) TreeViewThatChangesSIOnRC (non-obvious acronym), ExtendedTreeView (more concise, but doesn't describe what it is doing. Besides, I already found a class called this in the library, that I don't want to use/modify in my application). LouisTreeView, MyTreeView, etc. (doesn't describe what it is doing). It seems that I can't find a name which sounds right. What do you do in situation like this?

    Read the article

  • Programming by dictation?

    - by Andrew M
    ie. you speak out the code, and someone else across the room types it in Anyone tried this? Obviously the person taking the dictation would need to be a coder too, so you didn't have to explain everything and go into tedious detail (not 'open bracket, new line...' but more like 'create a new class called myParser that takes three arguments, first one is...'). I thought of it because sometimes I'm too easily distracted at my computer. Surrounded by buttons, instant gratification a click away, the world at my fingertips. To get stuff done, I want to get away, write my code on paper. But that would mean losing access to necessary resources, and necessitate tedious typing-up later on. The solution? Dictate. Pros: no chance to check reddit, stackexchange, gmail, etc. code while you pace the room, lie down, play billiards, whatever train your brain to think more abstractedly (have to visualize things if you can't just see the screen) skip the tedious details (closing brackets etc.) the typist gets to shadow a more experienced programmer and learn how they work the typist can provide assistance/suggestions external pressure of typist expecting instructions, urging you to stay focussed Cons might be too hard might not work any better rather inefficient use of assisting programmer need to find/pay someone to do this

    Read the article

  • Self Documenting Code Vs. Commented Code

    - by Phill
    I had a search but didn't find what I was looking for, please feel free to link me if this question has already being asked. Earlier this month this post was made: http://net.tutsplus.com/tutorials/php/why-youre-a-bad-php-programmer/ Basically to sum it up, you're a bad programmer if you don't write comments. My personal opinion is that code should be descriptive and mostly not require comment's unless the code cannot be self describing. In the example given // Get the extension off the image filename $pieces = explode('.', $image_name); $extension = array_pop($pieces); The author said this code should be given a comment, my personal opinion is the code should be a function call that is descriptive: $extension = GetFileExtension($image_filename); However in the comments someone actually made just that suggestion: http://net.tutsplus.com/tutorials/php/why-youre-a-bad-php-programmer/comment-page-2/#comment-357130 The author responded by saying the commenter was "one of those people", i.e, a bad programmer. What are everyone elses views on Self Describing Code vs Commenting Code?

    Read the article

  • Are More Comments Better in High-Turnover Environments?

    - by joshin4colours
    I was talking with a colleague today. We work on code for two different projects. In my case, I'm the only person working on my code; in her case, multiple people work on the same codebase, including co-op students who come and go fairly regularly (between every 8-12 months). She said that she is liberal with her comments, putting them all over the place. Her reasoning is that it helps her remember where things are and what things do since much of the code wasn't written by her and could be changed by someone other than her. Meanwhile, I try to minimize the comments in my code, putting them in only in places with a unobvious workaround or bug. However, I have a better understanding of my code overall, and have more direct control over it. My opinion in that comments should be minimal and the code should tell most of the story, but her reasoning makes sense too. Are there any flaws in her reasoning? It may clutter the code but it ultimately could be quite helpful if there are many people working on it in the short- to medium-run.

    Read the article

  • Style bits vs. Separate bool's

    - by peterchen
    My main platform (WinAPI) still heavily uses bits for control styles etc. (example). When introducing custom controls, I'm permanently wondering whether to follow that style or rather use individual bool's. Let's pit them against each other: enum EMyCtrlStyles { mcsUseFileIcon = 1, mcsTruncateFileName = 2, mcsUseShellContextMenu = 4, }; void SetStyle(DWORD mcsStyle); void ModifyStyle(DWORD mcsRemove, DWORD mcsAdd); DWORD GetStyle() const; ... ctrl.SetStyle(mcsUseFileIcon | mcsUseShellContextMenu); vs. CMyCtrl & SetUseFileIcon(bool enable = true); bool GetUseFileIcon() const; CMyCtrl & SetTruncteFileName(bool enable = true); bool GetTruncteFileName() const; CMyCtrl & SetUseShellContextMenu(bool enable = true); bool GetUseShellContextMenu() const; ctrl.SetUseFileIcon().SetUseShellContextMenu(); As I see it, Pro Style Bits Consistent with platform less library code (without gaining complexity), less places to modify for adding a new style less caller code (without losing notable readability) easier to use in some scenarios (e.g. remembering / transferring settings) Binary API remains stable if new style bits are introduced Now, the first and the last are minor in most cases. Pro Individual booleans Intellisense and refactoring tools reduce the "less typing" effort Single Purpose Entities more literate code (as in "flows more like a sentence") No change of paradim for non-bool properties These sound more modern, but also "soft" advantages. I must admit the "platform consistency" is much more enticing than I could justify, the less code without losing much quality is a nice bonus. 1. What do you prefer? Subjectively, for writing the library, or for writing client code? 2. Any (semi-) objective statements, studies, etc.?

    Read the article

  • C# return variables

    - by pb01
    In a debate regarding return variables, some members of the team prefer a method to return the result directly to the caller, whereas others prefer to declare a return variable that is then returned to the caller (see code examples below) The argument for the latter is that it allows a developer that is debugging the code to find the return value of the method before it returns to the caller thereby making the code easier to understand: This is especially true where method calls are daisy-chained. Are there any guidelines as to which is the most efficient and/or are there any other reasons why we should adopt one style over another? Thanks private bool Is2(int a) { return a == 2; } private bool Is3(int a) { var result = a == 3; return result; }

    Read the article

  • Calling methods on Objects

    - by Mashael
    Let's say we have a class called 'Automobile' and we have an instance of that class called 'myCar'. I would like to ask why do we need to put the values that our methods return in a variable for the object? Why just don't we call the method? For example: Why should we write: string message = myCar.SpeedMessage(); Console.WriteLine(message); instead of: Console.WriteLine(myCar.SpeedMessage());

    Read the article

  • C/C++: Who uses the logical operator macros from iso646.h and why?

    - by Jaime Soto
    There has been some debate at work about using the merits of using the alternative spellings for C/C++ logical operators in iso646.h: and && and_eq &= bitand & bitor | compl ~ not ! not_eq != or || or_eq |= xor ^ xor_eq ^= According to Wikipedia, these macros facilitate typing logical operators in international (non-US English?) and non-QWERTY keyboards. All of our development team is in the same office in Orlando, FL, USA and from what I have seen we all use the US English QWERTY keyboard layout; even Dvorak provides all the necessary characters. Supporters of using the iso646.h macros claim we should them because they are part of the C and C++ standards. I think this argument is moot since digraphs and trigraphs are also part of these standards and they are not even supported by default in many compilers. My rationale for opposing these macros in our team is that we do not need them since: Everybody on our team uses the US English QWERTY keyboard layout; C and C++ programming books from the US barely mention iso646.h, if at all; and new developers may not be familiar with iso646.h (this is expected if they are from the US). /rant Finally, to my set of questions: Does anyone in this site use the iso646.h logical operator macros? Why? What is your opinion about using the iso646.h logical operator macros in code written and maintained on US English QWERTY keyboards? Is my digraph and trigraph analogy a valid argument against using iso646.h with US English QWERTY keyboard layouts? EDIT: I missed two similar questions in StackOverflow: Is anybody using the named boolean operators? Which C++ logical operators do you use: and, or, not and the ilk or C style operators? why?

    Read the article

  • Simple vs Complex (but performance efficient) solution - which one to choose and when?

    - by ManojGumber
    I have been programming for a couple of years and have often found myself at a dilemma. There are two solutions - one is simple one i.e. simple approach, easier to understand and maintain. It involves some redundancy, some extra work (extra IO, extra processing) and therefore is not the most optimal solution. but other uses a complex approach,difficult to implement, often involving interaction between lot of modules and is a performance efficient solution. Which solution should I strive for when I do not have hard performance SLA to meet and even the simple solution can meet the performance SLA? I have felt disdain among my fellow developers for simple solution. Is it good practice to come up with most optimal complex solution if your performance SLA can be met by a simple solution?

    Read the article

  • Is it bad idea to use flag variable to search MAX element in array?

    - by Boris Treukhov
    Over my programming career I formed a habit to introduce a flag variable that indicates that the first comparison has occured, just like Msft does in its linq Max() extension method implementation public static int Max(this IEnumerable<int> source) { if (source == null) { throw Error.ArgumentNull("source"); } int num = 0; bool flag = false; foreach (int num2 in source) { if (flag) { if (num2 > num) { num = num2; } } else { num = num2; flag = true; } } if (!flag) { throw Error.NoElements(); } return num; } However I have met some heretics lately, who implement this by just starting with the first element and assigning it to result, and oh no - it turned out that STL and Java authors have preferred the latter method. Java: public static <T extends Object & Comparable<? super T>> T max(Collection<? extends T> coll) { Iterator<? extends T> i = coll.iterator(); T candidate = i.next(); while (i.hasNext()) { T next = i.next(); if (next.compareTo(candidate) > 0) candidate = next; } return candidate; } STL: template<class _FwdIt> inline _FwdIt _Max_element(_FwdIt _First, _FwdIt _Last) { // find largest element, using operator< _FwdIt _Found = _First; if (_First != _Last) for (; ++_First != _Last; ) if (_DEBUG_LT(*_Found, *_First)) _Found = _First; return (_Found); } Are there any preferences between one method or another? Are there any historical reasons for this? Is one method more dangerous than another?

    Read the article

  • Static classes and/or singletons -- How many does it take to become a code smell?

    - by Earlz
    In my projects I use quite a lot of static classes. These are usually classes that naturally seem to fit into a single-instance type of thing. Many times I use static classes and recently I've started using some singletons. How many of these does it take to become a code smell? For instance, in my recent project which has a lot of static classes is an Authentication library for ASP.Net. I use a static class for a helper class that fixes ASP.Net error codes so it can be used like CustomErrorsFixer.Fix(Context); Or my authentication class itself is a static class //in global.asax's begin_application Authentication.SomeState="blah"; Authentication.SomeOption=true; //etc //in global.asax's begin_request Authentication.Authenticate(); When are static or singleton classes bad to use? Am I doing it wrong, or am I just in a project that by definition has very little per-instance state associated with it? The only per-instance state I have is stored in HttpContext.Current.Items like so: /// <summary> /// The current user logged in for the HTTP request. If there is not a user logged in, this will be null. /// </summary> public static UserData CurrentUser{ get{ return HttpContext.Current.Items["fscauth_currentuser"] as UserData; //use HttpContext.Current as a little place to persist static data for this request } private set{ HttpContext.Current.Items["fscauth_currentuser"]=value; } }

    Read the article

  • When to write an explicit return statement in Groovy?

    - by Roland Schneider
    At the moment I am working on a Groovy/Grails project (which I'm quite new in) and I wonder whether it is good practice to omit the return keyword in Groovy methods. As far as I know you have to explicitly insert the keyword i.e. for guard clauses, so should one use it also everywhere else? In my opinion the additional return keyword increases readability. Or is it something you just have to get used to? What is your experience with that topic? Some examples: def foo(boolean bar) { // Not consistent if (bar) { return positiveBar() } negativeBar() } def foo2() { // Special Grails example def entitiy = new Entity(foo: 'Foo', bar: 'Bar') entity.save flush: true // Looks strange to me this way entity }

    Read the article

  • The problems with Avoiding Smurf Naming classes with namespaces

    - by Daniel Koverman
    I pulled the term smurf naming from here (number 21). To save anyone not familiar the trouble, Smurf naming is the act of prefixing a bunch of related classes, variables, etc with a common prefix so you end up with "a SmurfAccountView passes a SmurfAccountDTO to the SmurfAccountController", etc. The solution I've generally heard to this is to make a smurf namespace and drop the smurf prefixes. This has generally served me well, but I'm running into two problems. I'm working with a library with a Configuration class. It could have been called WartmongerConfiguration but it's in the Wartmonger namespace, so it's just called Configuration. I likewise have a Configuration class which could be called SmurfConfiguration, but it is in the Smurf namespace so that would be redundant. There are places in my code where Smurf.Configuration appears alongside Wartmonger.Configuration and typing out fully qualified names is clunky and makes the code less readable. It would be nicer to deal with a SmurfConfiguration and (if it was my code and not a library) WartmongerConfiguration. I have a class called Service in my Smurf namespace which could have been called SmurfService. Service is a facade on top of a complex Smurf library which runs Smurf jobs. SmurfService seems like a better name because Service without the Smurf prefix is so incredibly generic. I can accept that SmurfService was already a generic, useless name and taking away smurf merely made this more apparent. But it could have been named Runner, Launcher, etc and it would still "feel better" to me as SmurfLauncher because I don't know what a Launcher does, but I know what a SmurfLauncher does. You could argue that what a Smurf.Launcher does should be just as apparent as a Smurf.SmurfLauncher, but I could see `Smurf.Launcher being some kind of class related to setup rather than a class that launches smurfs. If there is an open and shut way to deal with either of these that would be great. If not, what are some common practices to mitigate their annoyance?

    Read the article

  • Programming in academic environment vs industry environment [closed]

    - by user200340
    Possible Duplicate: Differences between programming in school vs programming in industry? This is a general discussion about programming in the industry environment. The background story is that my colleague sent me a very interesting article called "10 Things Entrepreneurs Don’t Learn in College." The first point in that post is about the author's experience of programming in the academic environment vs industry environment. After finishing a 4 year Computer Science degree course, I am currently working in the academic environment as a developer, mainly writing Java, J2EE, Javascript code. I know there are differences between academic programming and industry programming, but I was shocked after reading that post. Trying to avoid this happening on me in the future, or the others. Can anyone from industry give some general advice about how to program in industry. For example, What exactly happens when a task is received? What is the flow from the beginning to the end? What are the main differences between the programming in industry and academia? Is it more structured? Are more frameworks used? It would be great if some code examples could be given. Thanks.

    Read the article

  • Is there a resource that explains the benefits of layered programming?

    - by P.Brian.Mackey
    Some developers I know favor what I would call a procedural programming style. I recognize that procedural programming has its uses, albeit not in the business application world of .NET programming. So let's say we have a winform application with a buttonclick event. The buttonclick handles everything from the UI configuration to the database call and data manipulation. So you end up with a method that is 100's of lines of code long. Outside the fact that this code can't be considered test-able for various reasons, this style of programming is fragile to change. I can talk bout OO, Anti-patterns, etc. The problem is that any distinct topic I can dream up requires a great deal of explanation to understand the potential benefits. Outside of finding a new job (lots of businesses program this way), how can I teach these kinds of developers how to write better code? Obviously we can't sit around a round table and discuss pro's and con's all day due to time constraints and real work that has to be done. Although, training and intense training is the only thing I can think of to fix these problems. Not to say I write perfect code, I most certainly do not. I do believe there are certain best practices that should be followed as a rule E.G. OO in the context of .NET. The most common excuse I hear is "we can't write code fast enough if we do it like that".

    Read the article

  • Code maintenance: keeping a bad pattern when extending new code for being consistent or not ?

    - by Guillaume
    I have to extend an existing module of a project. I don't like the way it has been done (lots of anti-pattern involved, like copy/pasted code). I don't want to perform a complete refactor. Should I: create new methods using existing convention, even if I feel it wrong, to avoid confusion for the next maintainer and being consistent with the code base? or try to use what I feel better even if it is introducing another pattern in the code ? Precison edited after first answers: The existing code is not a mess. It is easy to follow and understand. BUT it is introducing lots of boilerplate code that can be avoided with good design (resulting code might become harder to follow then). In my current case it's a good old JDBC (spring template inboard) DAO module, but I have already encounter this dilemma and I'm seeking for other dev feedback. I don't want to refactor because I don't have time. And even with time it will be hard to justify that a whole perfectly working module needs refactoring. Refactoring cost will be heavier than its benefits. Remember: code is not messy or over-complex. I can not extract few methods there and introduce an abstract class here. It is more a flaw in the design (result of extreme 'Keep It Stupid Simple' I think) So the question can also be asked like that: You, as developer, do you prefer to maintain easy stupid boring code OR to have some helpers that will do the stupid boring code at your place ? Downside of the last possibility being that you'll have to learn some stuff and maybe you will have to maintain the easy stupid boring code too until a full refactoring is done)

    Read the article

  • How to deal with ad-hoc mindsets?

    - by Rotian
    I joined a dev team of six two month ago. People are nice, all is good. But more and more I observe an ad-hoc mindset. Stuff gets quick fixed, at the cost of future usability, there is little testing and two people happily admitted, that they like to carry the knowledge around in their head, rather than to write it down. How to deal with this? I'd like to lead by example, but time is limited - I like architecting and actually implementing the stuff. But I'm afraid the ad-hoc mindset infects me and rather than striving for clearness and simplicity in design and code - which isn't simple to establish - I get pulled down the drain of an endless spiral of hacks on hacks - which no outsider can uncouple - just for schedule's and management's sake.

    Read the article

< Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >