Search Results

Search found 4593 results on 184 pages for 'constructor injection'.

Page 3/184 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Can higher-order functions in FP be interpreted as some kind of dependency injection?

    - by Giorgio
    According to this article, in object-oriented programming / design dependency injection involves a dependent consumer, a declaration of a component's dependencies, defined as interface contracts, an injector that creates instances of classes that implement a given dependency interface on request. Let us now consider a higher-order function in a functional programming language, e.g. the Haskell function filter :: (a -> Bool) -> [a] -> [a] from Data.List. This function transforms a list into another list and, in order to perform its job, it uses (consumes) an external predicate function that must be provided by its caller, e.g. the expression filter (\x -> (mod x 2) == 0) [1, 2, 3, 4, 5, 6, 7, 8, 9, 10] selects all even numbers from the input list. But isn't this construction very similar to the pattern illustrated above, where the filter function is the dependent consumer, the signature (a -> Bool) of the function argument is the interface contract, the expression that uses the higher-order is the injector that, in this particular case, injects the implementation (\x -> (mod x 2) == 0) of the contract. More in general, can one relate higher-order functions and their usage pattern in functional programming to the dependency injection pattern in object-oriented languages? Or in the inverse direction, can dependency injection be compared to using some kind of higher-order function?

    Read the article

  • Questioning one of the arguments for dependency injection: Why is creating an object graph hard?

    - by oberlies
    Dependency injection frameworks like Google Guice give the following motivation for their usage (source): To construct an object, you first build its dependencies. But to build each dependency, you need its dependencies, and so on. So when you build an object, you really need to build an object graph. Building object graphs by hand is labour intensive (...) and makes testing difficult. But I don't buy this argument: Even without dependency injection, I can write classes which are both easy to instantiate and convenient to test. E.g. the example from the Guice motivation page could be rewritten in the following way: class BillingService { private final CreditCardProcessor processor; private final TransactionLog transactionLog; // constructor for tests, taking all collaborators as parameters BillingService(CreditCardProcessor processor, TransactionLog transactionLog) { this.processor = processor; this.transactionLog = transactionLog; } // constructor for production, calling the (productive) constructors of the collaborators public BillingService() { this(new PaypalCreditCardProcessor(), new DatabaseTransactionLog()); } public Receipt chargeOrder(PizzaOrder order, CreditCard creditCard) { ... } } So there may be other arguments for dependency injection (which are out of scope for this question!), but easy creation of testable object graphs is not one of them, is it?

    Read the article

  • SQL Injection When Using MySQLi Prepared Statements

    - by Sev
    If all that is used to do any and all database queries is MySQLi prepared statements with bound parameters in a web-app, is sql injection still possible? Notes I know that there are other forms of attack other than sql-injection, but my question is specific to sql-injection attacks on that particular web application only.

    Read the article

  • Rails SQL injection?

    - by yuval
    In Rails, when I want to find by a user given value and avoid SQL injection (escape apostrophes and the like) I can do something like this: Post.all(:conditions => ['title = ?', params[:title]]) I know that an unsafe way of doing this (possible SQL injection) is this: Post.all(:conditions => "title = #{params[:title]}") My question is, does the following method prevent SQL injection or not? Post.all(:conditions => {:title => params[:title]})

    Read the article

  • Avoid SQL Injection with Parameters

    - by simonsabin
    The best way to avoid SQL Injection is with parameters. With parameters you can’t get SQL Injection. You only get SQL Injection where you are building a SQL statement by concatenating your parameter values in with your SQL statement. Annoyingly many TSQL statements don’t take parameters, CREATE DATABASE for instance, or really annoyingly ALTER USER. In these situations you have to rely on using QUOTENAME or REPLACE to avoid SQL Injection. (Kimberly Tripp takes about this in her recent blog post Little...(read more)

    Read the article

  • Is reliance on parametrized queries the only way to protect against SQL injection?

    - by Chris Walton
    All I have seen on SQL injection attacks seems to suggest that parametrized queries, particularly ones in stored procedures, are the only way to protect against such attacks. While I was working (back in the Dark Ages) stored procedures were viewed as poor practice, mainly because they were seen as less maintainable; less testable; highly coupled; and locked a system into one vendor; (this question covers some other reasons). Although when I was working, projects were virtually unaware of the possibility of such attacks; various rules were adopted to secure the database against corruption of various sorts. These rules can be summarised as: No client/application had direct access to the database tables. All accesses to all tables were through views (and all the updates to the base tables were done through triggers). All data items had a domain specified. No data item was permitted to be nullable - this had implications that had the DBAs grinding their teeth on occasion; but was enforced. Roles and permissions were set up appropriately - for instance, a restricted role to give only views the right to change the data. So is a set of (enforced) rules such as this (though not necessarily this particular set) an appropriate alternative to parametrized queries in preventing SQL injection attacks? If not, why not? Can a database be secured against such attacks by database (only) specific measures? EDIT Emphasis of the question changed slightly, in the light of the initial responses received. Base question unchanged. EDIT2 The approach of relying on paramaterized queries seems to be only a peripheral step in defense against attacks on systems. It seems to me that more fundamental defenses are both desirable, and may render reliance on such queries not necessary, or less critical, even to defend specifically against injection attacks. The approach implicit in my question was based on "armouring" the database and I had no idea whether it was a viable option. Further research has suggested that there are such approaches. I have found the following sources that provide some pointers to this type of approach: http://database-programmer.blogspot.com http://thehelsinkideclaration.blogspot.com The principle features I have taken from these sources is: An extensive data dictionary, combined with an extensive security data dictionary Generation of triggers, queries and constraints from the data dictionary Minimize Code and maximize data While the answers I have had so far are very useful and point out difficulties arising from disregarding paramaterized queries, ultimately they do not answer my original question(s) (now emphasised in bold).

    Read the article

  • How to combine designable components with dependency injection

    - by Wim Coenen
    When creating a designable .NET component, you are required to provide a default constructor. From the IComponent documentation: To be a component, a class must implement the IComponent interface and provide a basic constructor that requires no parameters or a single parameter of type IContainer. This makes it impossible to do dependency injection via constructor arguments. (Extra constructors could be provided, but the designer would ignore them.) Some alternatives we're considering: Service Locator Don't use dependency injection, instead use the service locator pattern to acquire dependencies. This seems to be what IComponent.Site.GetService is for. I guess we could create a reusable ISite implementation (ConfigurableServiceLocator?) which can be configured with the necessary dependencies. But how does this work in a designer context? Dependency Injection via properties Inject dependencies via properties. Provide default instances if they are necessary to show the component in a designer. Document which properties need to be injected. Inject dependencies with an Initialize method This is much like injection via properties but it keeps the list of dependencies that need to be injected in one place. This way the list of required dependencies is documented implicitly, and the compiler will assists you with errors when the list changes. Any idea what the best practice is here? How do you do it? edit: I have removed "(e.g. a WinForms UserControl)" since I intended the question to be about components in general. Components are all about inversion of control (see section 8.3.1 of the UMLv2 specification) so I don't think that "you shouldn't inject any services" is a good answer. edit 2: It took some playing with WPF and the MVVM pattern to finally "get" Mark's answer. I see now that visual controls are indeed a special case. As for using non-visual components on designer surfaces, I think the .NET component model is fundamentally incompatible with dependency injection. It appears to be designed around the service locator pattern instead. Maybe this will start to change with the infrastructure that was added in .NET 4.0 in the System.ComponentModel.Composition namespace.

    Read the article

  • Opt-out of copy constructor

    - by sheepsimulator
    This might be a silly question, but... I've been writing a number of classes that utilize non-copyable members. These classes are never initialized via the copy constructor in my source. When I try to compile without supplying my own copy-constructor, g++ throws out many errors about how it can't build a default copy constructor, due to the non-copyable member objects. Is there a way to tell the compiler to just not give me a copy constructor?

    Read the article

  • Rhino Mocks, Dependency Injection, and Separation of Concerns

    - by whatispunk
    I am new to mocking and dependency injection and need some guidance. My application is using a typical N-Tier architecture where the BLL references the DAL, and the UI references the BLL but not the DAL. Pretty straight forward. Lets say, for example, I have the following classes: class MyDataAccess : IMyDataAccess {} class MyBusinessLogic {} Each exists in a separate assembly. I want to mock MyDataAccess in the tests for MyBusinessLogic. So I added a constructor to the MyBusinessLogic class to take an IMyDataAccess parameter for the dependency injection. But now when I try to create an instance of MyBusinessLogic on the UI layer it requires a reference to the DAL. I thought I could define a default constructor on MyBusinessLogic to set a default IMyDataAccess implementation, but not only does this seem like a codesmell it didn't actually solve the problem. I'd still have a public constructor with IMyDataAccess in the signature. So the UI layer still requires a reference to the DAL in order to compile. One possible solution I am toying with is to create an internal constructor for MyBusinessLogic with the IMyDataAccess parameter. Then I can use an Accessor from the test project to call the constructor. But there's still that smell. What is the common solution here. I must just be doing something wrong. How could I improve the architecture?

    Read the article

  • Empty constructor or no constructor

    - by Ram
    Hi, I think it is not mandatory to have a default constructor in a class (C#). So in that situation shall I have a empty constructor in the class or I can skip it? Is it a best practice to have a default empty constructor? Class test { test() { } ...... } or Class test { ...... }

    Read the article

  • testing if constructor in constructor chain

    - by Delan Azabani
    I'm attempting to implement a GTK+ inspired widget toolkit for the web in JavaScript. One of the constructor chains goes gtk.widget => gtk.container => gtk.bin => gtk.window Every gtk.widget has a showAll method, which, if and only if the widget is a gtk.container or derivative (such as gtk.bin or gtk.window), will recursively show the children of that widget. Obviously, if it isn't a gtk.container or derivative, we shouldn't do anything because the widget in question can't contain anything. For reference, here is my inheritance function; it's probably not the best, but it's a start: function inherit(target, parent) { target.prototype = new parent; target.prototype.constructor = target; } I know that I can check for the direct constructor like this: if (this.constructor === gtk.container) ... However, this only tests for direct construction and not, say, if the object is a gtk.bin or gtk.window. How can I test whether gtk.container is somewhere up in the constructor chain?

    Read the article

  • Trouble with object injection in Spring.Net

    - by Abdel Olakara
    Hi all, I have a issue with my Spring.Net configuration where its not injecting an object. I have a CommService to which an object named GeneralEmail is injected to. Here is the configuration: <!-- GeneralMail Object --> <object id="GeneralMailObject" type="CommUtil.Email.GeneralEmail, CommUtil"> <constructor-arg name="host" value="xxxxx.com"/> <constructor-arg name="port" value="25"/> <constructor-arg name="user" value="[email protected]"/> <constructor-arg name="password" value="xxxxx"/> <constructor-arg name="template" value="xxxxx"/> </object> <!-- Communication Service --> <object id="CommServiceObject" type="TApp.Code.Services.CommService, TApp"> <property name="emailService" ref="GeneralMailObject" /> </object> The communication service object is again injected to many other aspx pages & service. In one scenario, I need to call the commnucation service from an static WebMethod. I try doing: CommService cso = new CommService(); But when i try to get the emailService object, its null! why didn't the spring inject the GeneralMail object into my cso object? What am I doing wrong and how do I access the object from spring container. Thanks in advance for the suggestions and solutions. Reagrds, Abdel Olakara

    Read the article

  • Which Dependency Injection Tool Should I Use? (2)

    - by Mendy
    The original post is: Which Dependency Injection Tool Should I Use? While the original post is good, in this days I see a lot of people using StructureMap as their Dependency Injection tool, and in the original post no one even took it seriously. In addition, this quote: If I had to choose today: I would probably go with StructureMap. It has the best support for C# 3.0 language features, and the most flexibility in initialization. Which Dependency Injection Tool Should I Use? Out of this ones: Unity Framework - Microsoft StructureMap - Jeremy Miller Castle Windsor NInject Spring Framework Autofac Managed Extensibility Framework

    Read the article

  • Init var without copy constructor

    - by Ockonal
    Hello, I have some class(Window) without copy constructor (it's private). I can't understand how to init var of this class in my own class: class MyClass { Window obj; // Hasn't copy constructor public: void init() { obj = Window(/* constructor params */); // [error] obj(/* constructor params */); // [error] } } Error 1: initializing argument 1 of ‘Window::Window(WindowHandle, const sf::WindowSettings&)’ Error 2: ‘NonCopyable& NonCopyable::operator=(const NonCopyable&)’ is private But it works in this way: Window obj(/* constructor params */);

    Read the article

  • Doubt about constructor in JAVA

    - by Harry Joy
    I have few doubts regarding constructor in java Can a constructor be private? If yes then in which condition? Constructor is a method or not? If constructor does not return anything then why we are getting a new Object every time we call it. Whats the default access modifier of a constructor if we did not specify. Thanks & Regards Edit---------- Answer for 1 & 3 are very clear. But still doubt about 2&4 as i'm getting different answers for them.

    Read the article

  • Xpath Injection detection Tool

    - by preeti
    Hi, I am working on xpath Injection attack, so looking forward to build a tool to detect xpath Injection Tool in a website.Is web crawling and scanning be used for this? What can be the Logic to detect it? Are there any open source tools to detect it, so that i can develop it in Java by looking at logic used in that code. Thank You.

    Read the article

  • is there any chance of sql injection through selectbox( dynamically created or static)

    - by I Like PHP
    Hello All, i want to know that is there any chance of SQL injection via selectbox options? if yes then will u please show some demonstration(or refer any link). and also tell me how do we prevent sql injection in selectbox.(using PHP MYSQL) one more: if i create a selectbox dynamically( based on options of another select box) then is there any chance of SQLinjection? Thanking you.

    Read the article

  • Logging exceptions during bean injection

    - by Marc W
    I think this is a pretty basic question, but after Googling around I can't seem to find the answer. What I need is a way to log some custom output with log4j during Spring bean construction. I have a factory class called ResponderFactory (being used as an instance factory in Spring) with a factory method that can throw 2 different types of exception. public CollectorResponder collectorResponder(String inputQueueName) throws ConfigurationException, BrokerConnectionException {} Now, normally I could wrap a call to this method in a try-catch block with 2 catch clauses to handle the logging situations for each of the exceptions. However, if I'm using Spring to inject this CollectorResponder, created with the factory, into another class I don't see how this is possible. <bean id="responderFactory" class="com.package.ResponderFactory"> <constructor-arg index="0" ref="basicDispatcher" /> <constructor-arg index="1" value="http://localhost:9000" /> </bean> <bean id="collectorResponder" class="com.package.CollectorResponder" factory-bean="responderFactory" factory-method="collectorResponder"> <constructor-arg value="collector.in" /> </bean> <bean id="collectorConsumer" class="com.package.CollectorConsumer"> <constructor-arg ref="collectorResponder" /> </bean> Again, I want to catch these exceptions when the collectorResponder bean is instantiated. Right now I'm dealing with this is CollectorConsumer when I instantiate using new CollectorResponder(...). Is there any way I can do this?

    Read the article

  • Are multiline queries sql-injection safe?

    - by acmatos
    This might be a stupid question. Or maybe my hacking skills are limited (I don't practice them at all). I have a query that looks like this: <?php $query =<<<eot SELECT table_x.field1, table_x.field2, table_y.*, table_z.field4 FROM ( SELECT ... ) as table_y LEFT JOIN table_x ON table_x.field1 = table_y.field_x LEFT JOIN table_z ON table_z.field1 = table_y.field_z WHERE table_x.field3 = '$something' AND table_z.field4 = '1' AND table_z.field5 = '2' eot; ?> I have a lot of other tests on $something before it gets used, like $something = explode(' ',$something); (which later result in a string) none of them intend to prevent injection but they make it hard for the given injection to get as is to the actual query. However, there are ways. We all know how easy it is to replace a space for something else which is still valid.. So, it's not really a problem to make a potentially harmful piece of SQL reach that $something... But is there any way to comment the rest of the original query string if it is multi-line? I can comment AND table_z.field4 = '1' using ;-- but can't comment the following AND table_z.field5 = '2' Is it possible to open a multi-line comment /* without closing it or something looked like and therefore allow the injection to ignore the multi-line query?

    Read the article

  • Dependency Injection with Custom Membership Provider

    - by alastairs
    I have an ASP.NET MVC web application that implements a custom membership provider. The custom membership provider takes a UserRepository to its constructor that provides an interface between the membership provider and NHibernate. The UserRepository is provided by the Ninject IoC container. Obviously, however, this doesn't work when the provider is instantiated by .NET: the parameterless constructor does not have a UserRepository and cannot create one (the UserRepository requires an NHibernate session be passed to its constructor), which then means that the provider cannot access its data store. How can I resolve my object dependency? It's probably worth noting that this is an existing application that has been retrofitted with Ninject. Previously I used parameterless constructors that were able to create their required dependencies in conjunction with the parametered constructors to assist unit testing. Any thoughts, or have I built myself into a corner here?

    Read the article

  • Spring overloaded constructor injection

    - by noob
    This is the code : public class Triangle { private String color; private int height; public Triangle(String color,int height){ this.color = color; this.height = height; } public Triangle(int height ,String color){ this.color = color; this.height = height; } public void draw() { System.out.println("Triangle is drawn , + "color:"+color+" ,height:"+height); } } The Spring config-file is : <bean id="triangle" class="org.tester.Triangle"> <constructor-arg value="20" /> <constructor-arg value="10" /> </bean> Is there any specific rule to determine which constructor will be called by Spring ?

    Read the article

  • C++ Array Initialization in Function Call or Constructor Call

    - by david
    This question is related to the post here. Is it possible to initialize an array in a function call or constructor call? For example, class foo's constructor wants an array of size 3, so I want to call foo( { 0, 0, 0 } ). I've tried this, and it does not work. I'd like to be able to initialize objects of type foo in other objects' constructor initialization lists, or initialize foo's without first creating a separate array. Is this possible?

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >