Search Results

Search found 19859 results on 795 pages for 'image modification'.

Page 701/795 | < Previous Page | 697 698 699 700 701 702 703 704 705 706 707 708  | Next Page >

• ASP.NET Web API Exception Handling

  - by Fredrik N

  When I talk about exceptions in my product team I often talk about two kind of exceptions, business and critical exceptions. Business exceptions are exceptions thrown based on “business rules”, for example if you aren’t allowed to do a purchase. Business exceptions in most case aren’t important to log into a log file, they can directly be shown to the user. An example of a business exception could be "DeniedToPurchaseException”, or some validation exceptions such as “FirstNameIsMissingException” etc. Critical Exceptions are all other kind of exceptions such as the SQL server is down etc. Those kind of exception message need to be logged and should not reach the user, because they can contain information that can be harmful if it reach out to wrong kind of users. I often distinguish business exceptions from critical exceptions by creating a base class called BusinessException, then in my error handling code I catch on the type BusinessException and all other exceptions will be handled as critical exceptions. This blog post will be about different ways to handle exceptions and how Business and Critical Exceptions could be handled. Web API and Exceptions the basics When an exception is thrown in a ApiController a response message will be returned with a status code set to 500 and a response formatted by the formatters based on the “Accept” or “Content-Type” HTTP header, for example JSON or XML. Here is an example:   public IEnumerable<string> Get() { throw new ApplicationException("Error!!!!!"); return new string[] { "value1", "value2" }; } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } The response message will be: HTTP/1.1 500 Internal Server Error Content-Length: 860 Content-Type: application/json; charset=utf-8 { "ExceptionType":"System.ApplicationException","Message":"Error!!!!!","StackTrace":" at ..."} .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   The stack trace will be returned to the client, this is because of making it easier to debug. Be careful so you don’t leak out some sensitive information to the client. So as long as you are developing your API, this is not harmful. In a production environment it can be better to log exceptions and return a user friendly exception instead of the original exception. There is a specific exception shipped with ASP.NET Web API that will not use the formatters based on the “Accept” or “Content-Type” HTTP header, it is the exception is the HttpResponseException class. Here is an example where the HttpReponseExcetpion is used: // GET api/values [ExceptionHandling] public IEnumerable<string> Get() { throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.InternalServerError)); return new string[] { "value1", "value2" }; } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } The response will not contain any content, only header information and the status code based on the HttpStatusCode passed as an argument to the HttpResponseMessage. Because the HttpResponsException takes a HttpResponseMessage as an argument, we can give the response a content: public IEnumerable<string> Get() { throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.InternalServerError) { Content = new StringContent("My Error Message"), ReasonPhrase = "Critical Exception" }); return new string[] { "value1", "value2" }; } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   The code above will have the following response:   HTTP/1.1 500 Critical Exception Content-Length: 5 Content-Type: text/plain; charset=utf-8 My Error Message .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } The Content property of the HttpResponseMessage doesn’t need to be just plain text, it can also be other formats, for example JSON, XML etc. By using the HttpResponseException we can for example catch an exception and throw a user friendly exception instead: public IEnumerable<string> Get() { try { DoSomething(); return new string[] { "value1", "value2" }; } catch (Exception e) { throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.InternalServerError) { Content = new StringContent("An error occurred, please try again or contact the administrator."), ReasonPhrase = "Critical Exception" }); } } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   Adding a try catch to every ApiController methods will only end in duplication of code, by using a custom ExceptionFilterAttribute or our own custom ApiController base class we can reduce code duplicationof code and also have a more general exception handler for our ApiControllers . By creating a custom ApiController’s and override the ExecuteAsync method, we can add a try catch around the base.ExecuteAsync method, but I prefer to skip the creation of a own custom ApiController, better to use a solution that require few files to be modified. The ExceptionFilterAttribute has a OnException method that we can override and add our exception handling. Here is an example: using System; using System.Diagnostics; using System.Net; using System.Net.Http; using System.Web.Http; using System.Web.Http.Filters; public class ExceptionHandlingAttribute : ExceptionFilterAttribute { public override void OnException(HttpActionExecutedContext context) { if (context.Exception is BusinessException) { throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.InternalServerError) { Content = new StringContent(context.Exception.Message), ReasonPhrase = "Exception" }); } //Log Critical errors Debug.WriteLine(context.Exception); throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.InternalServerError) { Content = new StringContent("An error occurred, please try again or contact the administrator."), ReasonPhrase = "Critical Exception" }); } } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   Note: Something to have in mind is that the ExceptionFilterAttribute will be ignored if the ApiController action method throws a HttpResponseException. The code above will always make sure a HttpResponseExceptions will be returned, it will also make sure the critical exceptions will show a more user friendly message. The OnException method can also be used to log exceptions. By using a ExceptionFilterAttribute the Get() method in the previous example can now look like this: public IEnumerable<string> Get() { DoSomething(); return new string[] { "value1", "value2" }; } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } To use the an ExceptionFilterAttribute, we can for example add the ExceptionFilterAttribute to our ApiControllers methods or to the ApiController class definition, or register it globally for all ApiControllers. You can read more about is here. Note: If something goes wrong in the ExceptionFilterAttribute and an exception is thrown that is not of type HttpResponseException, a formatted exception will be thrown with stack trace etc to the client. How about using a custom IHttpActionInvoker? We can create our own IHTTPActionInvoker and add Exception handling to the invoker. The IHttpActionInvoker will be used to invoke the ApiController’s ExecuteAsync method. Here is an example where the default IHttpActionInvoker, ApiControllerActionInvoker, is used to add exception handling: public class MyApiControllerActionInvoker : ApiControllerActionInvoker { public override Task<HttpResponseMessage> InvokeActionAsync(HttpActionContext actionContext, System.Threading.CancellationToken cancellationToken) { var result = base.InvokeActionAsync(actionContext, cancellationToken); if (result.Exception != null && result.Exception.GetBaseException() != null) { var baseException = result.Exception.GetBaseException(); if (baseException is BusinessException) { return Task.Run<HttpResponseMessage>(() => new HttpResponseMessage(HttpStatusCode.InternalServerError) { Content = new StringContent(baseException.Message), ReasonPhrase = "Error" }); } else { //Log critical error Debug.WriteLine(baseException); return Task.Run<HttpResponseMessage>(() => new HttpResponseMessage(HttpStatusCode.InternalServerError) { Content = new StringContent(baseException.Message), ReasonPhrase = "Critical Error" }); } } return result; } } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } You can register the IHttpActionInvoker with your own IoC to resolve the MyApiContollerActionInvoker, or add it in the Global.asax: GlobalConfiguration.Configuration.Services.Remove(typeof(IHttpActionInvoker), GlobalConfiguration.Configuration.Services.GetActionInvoker()); GlobalConfiguration.Configuration.Services.Add(typeof(IHttpActionInvoker), new MyApiControllerActionInvoker()); .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   How about using a Message Handler for Exception Handling? By creating a custom Message Handler, we can handle error after the ApiController and the ExceptionFilterAttribute is invoked and in that way create a global exception handler, BUT, the only thing we can take a look at is the HttpResponseMessage, we can’t add a try catch around the Message Handler’s SendAsync method. The last Message Handler that will be used in the Wep API pipe-line is the HttpControllerDispatcher and this Message Handler is added to the HttpServer in an early stage. The HttpControllerDispatcher will use the IHttpActionInvoker to invoke the ApiController method. The HttpControllerDipatcher has a try catch that will turn ALL exceptions into a HttpResponseMessage, so that is the reason why a try catch around the SendAsync in a custom Message Handler want help us. If we create our own Host for the Wep API we could create our own custom HttpControllerDispatcher and add or exception handler to that class, but that would be little tricky but is possible. We can in a Message Handler take a look at the HttpResponseMessage’s IsSuccessStatusCode property to see if the request has failed and if we throw the HttpResponseException in our ApiControllers, we could use the HttpResponseException and give it a Reason Phrase and use that to identify business exceptions or critical exceptions. I wouldn’t add an exception handler into a Message Handler, instead I should use the ExceptionFilterAttribute and register it globally for all ApiControllers. BUT, now to another interesting issue. What will happen if we have a Message Handler that throws an exception?  Those exceptions will not be catch and handled by the ExceptionFilterAttribute. I found a  bug in my previews blog post about “Log message Request and Response in ASP.NET WebAPI” in the MessageHandler I use to log incoming and outgoing messages. Here is the code from my blog before I fixed the bug:   public abstract class MessageHandler : DelegatingHandler { protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var corrId = string.Format("{0}{1}", DateTime.Now.Ticks, Thread.CurrentThread.ManagedThreadId); var requestInfo = string.Format("{0} {1}", request.Method, request.RequestUri); var requestMessage = await request.Content.ReadAsByteArrayAsync(); await IncommingMessageAsync(corrId, requestInfo, requestMessage); var response = await base.SendAsync(request, cancellationToken); var responseMessage = await response.Content.ReadAsByteArrayAsync(); await OutgoingMessageAsync(corrId, requestInfo, responseMessage); return response; } protected abstract Task IncommingMessageAsync(string correlationId, string requestInfo, byte[] message); protected abstract Task OutgoingMessageAsync(string correlationId, string requestInfo, byte[] message); } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   If a ApiController throws a HttpResponseException, the Content property of the HttpResponseMessage from the SendAsync will be NULL. So a null reference exception is thrown within the MessageHandler. The yellow screen of death will be returned to the client, and the content is HTML and the Http status code is 500. The bug in the MessageHandler was solved by adding a check against the HttpResponseMessage’s IsSuccessStatusCode property: public abstract class MessageHandler : DelegatingHandler { protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var corrId = string.Format("{0}{1}", DateTime.Now.Ticks, Thread.CurrentThread.ManagedThreadId); var requestInfo = string.Format("{0} {1}", request.Method, request.RequestUri); var requestMessage = await request.Content.ReadAsByteArrayAsync(); await IncommingMessageAsync(corrId, requestInfo, requestMessage); var response = await base.SendAsync(request, cancellationToken); byte[] responseMessage; if (response.IsSuccessStatusCode) responseMessage = await response.Content.ReadAsByteArrayAsync(); else responseMessage = Encoding.UTF8.GetBytes(response.ReasonPhrase); await OutgoingMessageAsync(corrId, requestInfo, responseMessage); return response; } protected abstract Task IncommingMessageAsync(string correlationId, string requestInfo, byte[] message); protected abstract Task OutgoingMessageAsync(string correlationId, string requestInfo, byte[] message); } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } If we don’t handle the exceptions that can occur in a custom Message Handler, we can have a hard time to find the problem causing the exception. The savior in this case is the Global.asax’s Application_Error: protected void Application_Error() { var exception = Server.GetLastError(); Debug.WriteLine(exception); } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } I would recommend you to add the Application_Error to the Global.asax and log all exceptions to make sure all kind of exception is handled. Summary There are different ways we could add Exception Handling to the Wep API, we can use a custom ApiController, ExceptionFilterAttribute, IHttpActionInvoker or Message Handler. The ExceptionFilterAttribute would be a good place to add a global exception handling, require very few modification, just register it globally for all ApiControllers, even the IHttpActionInvoker can be used to minimize the modifications of files. Adding the Application_Error to the global.asax is a good way to catch all unhandled exception that can occur, for example exception thrown in a Message Handler.   If you want to know when I have posted a blog post, you can follow me on twitter @fredrikn

  Read the article

• Creating STA COM compatible ASP.NET Applications

  - by Rick Strahl

  When building ASP.NET applications that interface with old school COM objects like those created with VB6 or Visual FoxPro (MTDLL), it's extremely important that the threads that are serving requests use Single Threaded Apartment Threading. STA is a COM built-in technology that allows essentially single threaded components to operate reliably in a multi-threaded environment. STA's guarantee that COM objects instantiated on a specific thread stay on that specific thread and any access to a COM object from another thread automatically marshals that thread to the STA thread. The end effect is that you can have multiple threads, but a COM object instance lives on a fixed never changing thread. ASP.NET by default uses MTA (multi-threaded apartment) threads which are truly free spinning threads that pay no heed to COM object marshaling. This is vastly more efficient than STA threading which has a bit of overhead in determining whether it's OK to run code on a given thread or whether some sort of thread/COM marshaling needs to occur. MTA COM components can be very efficient, but STA COM components in a multi-threaded environment always tend to have a fair amount of overhead. It's amazing how much COM Interop I still see today so while it seems really old school to be talking about this topic, it's actually quite apropos for me as I have many customers using legacy COM systems that need to interface with other .NET applications. In this post I'm consolidating some of the hacks I've used to integrate with various ASP.NET technologies when using STA COM Components. STA in ASP.NET Support for STA threading in the ASP.NET framework is fairly limited. Specifically only the original ASP.NET WebForms technology supports STA threading directly via its STA Page Handler implementation or what you might know as ASPCOMPAT mode. For WebForms running STA components is as easy as specifying the ASPCOMPAT attribute in the @Page tag:<%@ Page Language="C#" AspCompat="true" %> which runs the page in STA mode. Removing it runs in MTA mode. Simple. Unfortunately all other ASP.NET technologies built on top of the core ASP.NET engine do not support STA natively. So if you want to use STA COM components in MVC or with class ASMX Web Services, there's no automatic way like the ASPCOMPAT keyword available. So what happens when you run an STA COM component in an MTA application? In low volume environments - nothing much will happen. The COM objects will appear to work just fine as there are no simultaneous thread interactions and the COM component will happily run on a single thread or multiple single threads one at a time. So for testing running components in MTA environments may appear to work just fine. However as load increases and threads get re-used by ASP.NET COM objects will end up getting created on multiple different threads. This can result in crashes or hangs, or data corruption in the STA components which store their state in thread local storage on the STA thread. If threads overlap this global store can easily get corrupted which in turn causes problems. STA ensures that any COM object instance loaded always stays on the same thread it was instantiated on. What about COM+? COM+ is supposed to address the problem of STA in MTA applications by providing an abstraction with it's own thread pool manager for COM objects. It steps in to the COM instantiation pipeline and hands out COM instances from its own internally maintained STA Thread pool. This guarantees that the COM instantiation threads are STA threads if using STA components. COM+ works, but in my experience the technology is very, very slow for STA components. It adds a ton of overhead and reduces COM performance noticably in load tests in IIS. COM+ can make sense in some situations but for Web apps with STA components it falls short. In addition there's also the need to ensure that COM+ is set up and configured on the target machine and the fact that components have to be registered in COM+. COM+ also keeps components up at all times, so if a component needs to be replaced the COM+ package needs to be unloaded (same is true for IIS hosted components but it's more common to manage that). COM+ is an option for well established components, but native STA support tends to provide better performance and more consistent usability, IMHO. STA for non supporting ASP.NET Technologies As mentioned above only WebForms supports STA natively. However, by utilizing the WebForms ASP.NET Page handler internally it's actually possible to trick various other ASP.NET technologies and let them work with STA components. This is ugly but I've used each of these in various applications and I've had minimal problems making them work with FoxPro STA COM components which is about as dififcult as it gets for COM Interop in .NET. In this post I summarize several STA workarounds that enable you to use STA threading with these ASP.NET Technologies: ASMX Web Services ASP.NET MVC WCF Web Services ASP.NET Web API ASMX Web Services I start with classic ASP.NET ASMX Web Services because it's the easiest mechanism that allows for STA modification. It also clearly demonstrates how the WebForms STA Page Handler is the key technology to enable the various other solutions to create STA components. Essentially the way this works is to override the WebForms Page class and hijack it's init functionality for processing requests. Here's what this looks like for Web Services:namespace FoxProAspNet { public class WebServiceStaHandler : System.Web.UI.Page, IHttpAsyncHandler { protected override void OnInit(EventArgs e) { IHttpHandler handler = new WebServiceHandlerFactory().GetHandler( this.Context, this.Context.Request.HttpMethod, this.Context.Request.FilePath, this.Context.Request.PhysicalPath); handler.ProcessRequest(this.Context); this.Context.ApplicationInstance.CompleteRequest(); } public IAsyncResult BeginProcessRequest( HttpContext context, AsyncCallback cb, object extraData) { return this.AspCompatBeginProcessRequest(context, cb, extraData); } public void EndProcessRequest(IAsyncResult result) { this.AspCompatEndProcessRequest(result); } } public class AspCompatWebServiceStaHandlerWithSessionState : WebServiceStaHandler, IRequiresSessionState { } } This class overrides the ASP.NET WebForms Page class which has a little known AspCompatBeginProcessRequest() and AspCompatEndProcessRequest() method that is responsible for providing the WebForms ASPCOMPAT functionality. These methods handle routing requests to STA threads. Note there are two classes - one that includes session state and one that does not. If you plan on using ASP.NET Session state use the latter class, otherwise stick to the former. This maps to the EnableSessionState page setting in WebForms. This class simply hooks into this functionality by overriding the BeginProcessRequest and EndProcessRequest methods and always forcing it into the AspCompat methods. The way this works is that BeginProcessRequest() fires first to set up the threads and starts intializing the handler. As part of that process the OnInit() method is fired which is now already running on an STA thread. The code then creates an instance of the actual WebService handler factory and calls its ProcessRequest method to start executing which generates the Web Service result. Immediately after ProcessRequest the request is stopped with Application.CompletRequest() which ensures that the rest of the Page handler logic doesn't fire. This means that even though the fairly heavy Page class is overridden here, it doesn't end up executing any of its internal processing which makes this code fairly efficient. In a nutshell, we're highjacking the Page HttpHandler and forcing it to process the WebService process handler in the context of the AspCompat handler behavior. Hooking up the Handler Because the above is an HttpHandler implementation you need to hook up the custom handler and replace the standard ASMX handler. To do this you need to modify the web.config file (here for IIS 7 and IIS Express): <configuration> <system.webServer> <handlers> <remove name="WebServiceHandlerFactory-Integrated-4.0" /> <add name="Asmx STA Web Service Handler" path="*.asmx" verb="*" type="FoxProAspNet.WebServiceStaHandler" precondition="integrated"/> </handlers> </system.webServer> </configuration> (Note: The name for the WebServiceHandlerFactory-Integrated-4.0 might be slightly different depending on your server version. Check the IIS Handler configuration in the IIS Management Console for the exact name or simply remove the handler from the list there which will propagate to your web.config). For IIS 5 & 6 (Windows XP/2003) or the Visual Studio Web Server use:<configuration> <system.web> <httpHandlers> <remove path="*.asmx" verb="*" /> <add path="*.asmx" verb="*" type="FoxProAspNet.WebServiceStaHandler" /> </httpHandlers> </system.web></configuration> To test, create a new ASMX Web Service and create a method like this: [WebService(Namespace = "http://foxaspnet.org/")] [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] public class FoxWebService : System.Web.Services.WebService { [WebMethod] public string HelloWorld() { return "Hello World. Threading mode is: " + System.Threading.Thread.CurrentThread.GetApartmentState(); } } Run this before you put in the web.config configuration changes and you should get: Hello World. Threading mode is: MTA Then put the handler mapping into Web.config and you should see: Hello World. Threading mode is: STA And you're on your way to using STA COM components. It's a hack but it works well! I've used this with several high volume Web Service installations with various customers and it's been fast and reliable. ASP.NET MVC ASP.NET MVC has quickly become the most popular ASP.NET technology, replacing WebForms for creating HTML output. MVC is more complex to get started with, but once you understand the basic structure of how requests flow through the MVC pipeline it's easy to use and amazingly flexible in manipulating HTML requests. In addition, MVC has great support for non-HTML output sources like JSON and XML, making it an excellent choice for AJAX requests without any additional tools. Unlike WebForms ASP.NET MVC doesn't support STA threads natively and so some trickery is needed to make it work with STA threads as well. MVC gets its handler implementation through custom route handlers using ASP.NET's built in routing semantics. To work in an STA handler requires working in the Page Handler as part of the Route Handler implementation. As with the Web Service handler the first step is to create a custom HttpHandler that can instantiate an MVC request pipeline properly:public class MvcStaThreadHttpAsyncHandler : Page, IHttpAsyncHandler, IRequiresSessionState { private RequestContext _requestContext; public MvcStaThreadHttpAsyncHandler(RequestContext requestContext) { if (requestContext == null) throw new ArgumentNullException("requestContext"); _requestContext = requestContext; } public IAsyncResult BeginProcessRequest(HttpContext context, AsyncCallback cb, object extraData) { return this.AspCompatBeginProcessRequest(context, cb, extraData); } protected override void OnInit(EventArgs e) { var controllerName = _requestContext.RouteData.GetRequiredString("controller"); var controllerFactory = ControllerBuilder.Current.GetControllerFactory(); var controller = controllerFactory.CreateController(_requestContext, controllerName); if (controller == null) throw new InvalidOperationException("Could not find controller: " + controllerName); try { controller.Execute(_requestContext); } finally { controllerFactory.ReleaseController(controller); } this.Context.ApplicationInstance.CompleteRequest(); } public void EndProcessRequest(IAsyncResult result) { this.AspCompatEndProcessRequest(result); } public override void ProcessRequest(HttpContext httpContext) { throw new NotSupportedException("STAThreadRouteHandler does not support ProcessRequest called (only BeginProcessRequest)"); } } This handler code figures out which controller to load and then executes the controller. MVC internally provides the information needed to route to the appropriate method and pass the right parameters. Like the Web Service handler the logic occurs in the OnInit() and performs all the processing in that part of the request. Next, we need a RouteHandler that can actually pick up this handler. Unlike the Web Service handler where we simply registered the handler, MVC requires a RouteHandler to pick up the handler. RouteHandlers look at the URL's path and based on that decide on what handler to invoke. The route handler is pretty simple - all it does is load our custom handler: public class MvcStaThreadRouteHandler : IRouteHandler { public IHttpHandler GetHttpHandler(RequestContext requestContext) { if (requestContext == null) throw new ArgumentNullException("requestContext"); return new MvcStaThreadHttpAsyncHandler(requestContext); } } At this point you can instantiate this route handler and force STA requests to MVC by specifying a route. The following sets up the ASP.NET Default Route:Route mvcRoute = new Route("{controller}/{action}/{id}", new RouteValueDictionary( new { controller = "Home", action = "Index", id = UrlParameter.Optional }), new MvcStaThreadRouteHandler()); RouteTable.Routes.Add(mvcRoute);   To make this code a little easier to work with and mimic the behavior of the routes.MapRoute() functionality extension method that MVC provides, here is an extension method for MapMvcStaRoute(): public static class RouteCollectionExtensions { public static void MapMvcStaRoute(this RouteCollection routeTable, string name, string url, object defaults = null) { Route mvcRoute = new Route(url, new RouteValueDictionary(defaults), new MvcStaThreadRouteHandler()); RouteTable.Routes.Add(mvcRoute); } } With this the syntax to add  route becomes a little easier and matches the MapRoute() method:RouteTable.Routes.MapMvcStaRoute( name: "Default", url: "{controller}/{action}/{id}", defaults: new { controller = "Home", action = "Index", id = UrlParameter.Optional } ); The nice thing about this route handler, STA Handler and extension method is that it's fully self contained. You can put all three into a single class file and stick it into your Web app, and then simply call MapMvcStaRoute() and it just works. Easy! To see whether this works create an MVC controller like this: public class ThreadTestController : Controller { public string ThreadingMode() { return Thread.CurrentThread.GetApartmentState().ToString(); } } Try this test both with only the MapRoute() hookup in the RouteConfiguration in which case you should get MTA as the value. Then change the MapRoute() call to MapMvcStaRoute() leaving all the parameters the same and re-run the request. You now should see STA as the result. You're on your way using STA COM components reliably in ASP.NET MVC. WCF Web Services running through IIS WCF Web Services provide a more robust and wider range of services for Web Services. You can use WCF over HTTP, TCP, and Pipes, and WCF services support WS* secure services. There are many features in WCF that go way beyond what ASMX can do. But it's also a bit more complex than ASMX. As a basic rule if you need to serve straight SOAP Services over HTTP I 'd recommend sticking with the simpler ASMX services especially if COM is involved. If you need WS* support or want to serve data over non-HTTP protocols then WCF makes more sense. WCF is not my forte but I found a solution from Scott Seely on his blog that describes the progress and that seems to work well. I'm copying his code below so this STA information is all in one place and quickly explain. Scott's code basically works by creating a custom OperationBehavior which can be specified via an [STAOperation] attribute on every method. Using his attribute you end up with a class (or Interface if you separate the contract and class) that looks like this: [ServiceContract] public class WcfService { [OperationContract] public string HelloWorldMta() { return Thread.CurrentThread.GetApartmentState().ToString(); } // Make sure you use this custom STAOperationBehavior // attribute to force STA operation of service methods [STAOperationBehavior] [OperationContract] public string HelloWorldSta() { return Thread.CurrentThread.GetApartmentState().ToString(); } } Pretty straight forward. The latter method returns STA while the former returns MTA. To make STA work every method needs to be marked up. The implementation consists of the attribute and OperationInvoker implementation. Here are the two classes required to make this work from Scott's post:public class STAOperationBehaviorAttribute : Attribute, IOperationBehavior { public void AddBindingParameters(OperationDescription operationDescription, System.ServiceModel.Channels.BindingParameterCollection bindingParameters) { } public void ApplyClientBehavior(OperationDescription operationDescription, System.ServiceModel.Dispatcher.ClientOperation clientOperation) { // If this is applied on the client, well, it just doesn’t make sense. // Don’t throw in case this attribute was applied on the contract // instead of the implementation. } public void ApplyDispatchBehavior(OperationDescription operationDescription, System.ServiceModel.Dispatcher.DispatchOperation dispatchOperation) { // Change the IOperationInvoker for this operation. dispatchOperation.Invoker = new STAOperationInvoker(dispatchOperation.Invoker); } public void Validate(OperationDescription operationDescription) { if (operationDescription.SyncMethod == null) { throw new InvalidOperationException("The STAOperationBehaviorAttribute " + "only works for synchronous method invocations."); } } } public class STAOperationInvoker : IOperationInvoker { IOperationInvoker _innerInvoker; public STAOperationInvoker(IOperationInvoker invoker) { _innerInvoker = invoker; } public object[] AllocateInputs() { return _innerInvoker.AllocateInputs(); } public object Invoke(object instance, object[] inputs, out object[] outputs) { // Create a new, STA thread object[] staOutputs = null; object retval = null; Thread thread = new Thread( delegate() { retval = _innerInvoker.Invoke(instance, inputs, out staOutputs); }); thread.SetApartmentState(ApartmentState.STA); thread.Start(); thread.Join(); outputs = staOutputs; return retval; } public IAsyncResult InvokeBegin(object instance, object[] inputs, AsyncCallback callback, object state) { // We don’t handle async… throw new NotImplementedException(); } public object InvokeEnd(object instance, out object[] outputs, IAsyncResult result) { // We don’t handle async… throw new NotImplementedException(); } public bool IsSynchronous { get { return true; } } } The key in this setup is the Invoker and the Invoke method which creates a new thread and then fires the request on this new thread. Because this approach creates a new thread for every request it's not super efficient. There's a bunch of overhead involved in creating the thread and throwing it away after each thread, but it'll work for low volume requests and insure each thread runs in STA mode. If better performance is required it would be useful to create a custom thread manager that can pool a number of STA threads and hand off threads as needed rather than creating new threads on every request. If your Web Service needs are simple and you need only to serve standard SOAP 1.x requests, I would recommend sticking with ASMX services. It's easier to set up and work with and for STA component use it'll be significantly better performing since ASP.NET manages the STA thread pool for you rather than firing new threads for each request. One nice thing about Scotts code is though that it works in any WCF environment including self hosting. It has no dependency on ASP.NET or WebForms for that matter. STA - If you must STA components are a  pain in the ass and thankfully there isn't too much stuff out there anymore that requires it. But when you need it and you need to access STA functionality from .NET at least there are a few options available to make it happen. Each of these solutions is a bit hacky, but they work - I've used all of them in production with good results with FoxPro components. I hope compiling all of these in one place here makes it STA consumption a little bit easier. I feel your pain :-) Resources Download STA Handler Code Examples Scott Seely's original STA WCF OperationBehavior Article© Rick Strahl, West Wind Technologies, 2005-2012Posted in FoxPro   ASP.NET  .NET  COM   Tweet !function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs"); (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();

  Read the article

• Toorcon 15 (2013)

  - by danx

  The Toorcon gang (senior staff): h1kari (founder), nfiltr8, and Geo Introduction to Toorcon 15 (2013) A Tale of One Software Bypass of MS Windows 8 Secure Boot Breaching SSL, One Byte at a Time Running at 99%: Surviving an Application DoS Security Response in the Age of Mass Customized Attacks x86 Rewriting: Defeating RoP and other Shinanighans Clowntown Express: interesting bugs and running a bug bounty program Active Fingerprinting of Encrypted VPNs Making Attacks Go Backwards Mask Your Checksums—The Gorry Details Adventures with weird machines thirty years after "Reflections on Trusting Trust" Introduction to Toorcon 15 (2013) Toorcon 15 is the 15th annual security conference held in San Diego. I've attended about a third of them and blogged about previous conferences I attended here starting in 2003. As always, I've only summarized the talks I attended and interested me enough to write about them. Be aware that I may have misrepresented the speaker's remarks and that they are not my remarks or opinion, or those of my employer, so don't quote me or them. Those seeking further details may contact the speakers directly or use The Google. For some talks, I have a URL for further information. A Tale of One Software Bypass of MS Windows 8 Secure Boot Andrew Furtak and Oleksandr Bazhaniuk Yuri Bulygin, Oleksandr ("Alex") Bazhaniuk, and (not present) Andrew Furtak Yuri and Alex talked about UEFI and Bootkits and bypassing MS Windows 8 Secure Boot, with vendor recommendations. They previously gave this talk at the BlackHat 2013 conference. MS Windows 8 Secure Boot Overview UEFI (Unified Extensible Firmware Interface) is interface between hardware and OS. UEFI is processor and architecture independent. Malware can replace bootloader (bootx64.efi, bootmgfw.efi). Once replaced can modify kernel. Trivial to replace bootloader. Today many legacy bootkits—UEFI replaces them most of them. MS Windows 8 Secure Boot verifies everything you load, either through signatures or hashes. UEFI firmware relies on secure update (with signed update). You would think Secure Boot would rely on ROM (such as used for phones0, but you can't do that for PCs—PCs use writable memory with signatures DXE core verifies the UEFI boat loader(s) OS Loader (winload.efi, winresume.efi) verifies the OS kernel A chain of trust is established with a root key (Platform Key, PK), which is a cert belonging to the platform vendor. Key Exchange Keys (KEKs) verify an "authorized" database (db), and "forbidden" database (dbx). X.509 certs with SHA-1/SHA-256 hashes. Keys are stored in non-volatile (NV) flash-based NVRAM. Boot Services (BS) allow adding/deleting keys (can't be accessed once OS starts—which uses Run-Time (RT)). Root cert uses RSA-2048 public keys and PKCS#7 format signatures. SecureBoot — enable disable image signature checks SetupMode — update keys, self-signed keys, and secure boot variables CustomMode — allows updating keys Secure Boot policy settings are: always execute, never execute, allow execute on security violation, defer execute on security violation, deny execute on security violation, query user on security violation Attacking MS Windows 8 Secure Boot Secure Boot does NOT protect from physical access. Can disable from console. Each BIOS vendor implements Secure Boot differently. There are several platform and BIOS vendors. It becomes a "zoo" of implementations—which can be taken advantage of. Secure Boot is secure only when all vendors implement it correctly. Allow only UEFI firmware signed updates protect UEFI firmware from direct modification in flash memory protect FW update components program SPI controller securely protect secure boot policy settings in nvram protect runtime api disable compatibility support module which allows unsigned legacy Can corrupt the Platform Key (PK) EFI root certificate variable in SPI flash. If PK is not found, FW enters setup mode wich secure boot turned off. Can also exploit TPM in a similar manner. One is not supposed to be able to directly modify the PK in SPI flash from the OS though. But they found a bug that they can exploit from User Mode (undisclosed) and demoed the exploit. It loaded and ran their own bootkit. The exploit requires a reboot. Multiple vendors are vulnerable. They will disclose this exploit to vendors in the future. Recommendations: allow only signed updates protect UEFI fw in ROM protect EFI variable store in ROM Breaching SSL, One Byte at a Time Yoel Gluck and Angelo Prado Angelo Prado and Yoel Gluck, Salesforce.com CRIME is software that performs a "compression oracle attack." This is possible because the SSL protocol doesn't hide length, and because SSL compresses the header. CRIME requests with every possible character and measures the ciphertext length. Look for the plaintext which compresses the most and looks for the cookie one byte-at-a-time. SSL Compression uses LZ77 to reduce redundancy. Huffman coding replaces common byte sequences with shorter codes. US CERT thinks the SSL compression problem is fixed, but it isn't. They convinced CERT that it wasn't fixed and they issued a CVE. BREACH, breachattrack.com BREACH exploits the SSL response body (Accept-Encoding response, Content-Encoding). It takes advantage of the fact that the response is not compressed. BREACH uses gzip and needs fairly "stable" pages that are static for ~30 seconds. It needs attacker-supplied content (say from a web form or added to a URL parameter). BREACH listens to a session's requests and responses, then inserts extra requests and responses. Eventually, BREACH guesses a session's secret key. Can use compression to guess contents one byte at-a-time. For example, "Supersecret SupersecreX" (a wrong guess) compresses 10 bytes, and "Supersecret Supersecret" (a correct guess) compresses 11 bytes, so it can find each character by guessing every character. To start the guess, BREACH needs at least three known initial characters in the response sequence. Compression length then "leaks" information. Some roadblocks include no winners (all guesses wrong) or too many winners (multiple possibilities that compress the same). The solutions include: lookahead (guess 2 or 3 characters at-a-time instead of 1 character). Expensive rollback to last known conflict check compression ratio can brute-force first 3 "bootstrap" characters, if needed (expensive) block ciphers hide exact plain text length. Solution is to align response in advance to block size Mitigations length: use variable padding secrets: dynamic CSRF tokens per request secret: change over time separate secret to input-less servlets Future work eiter understand DEFLATE/GZIP HTTPS extensions Running at 99%: Surviving an Application DoS Ryan Huber Ryan Huber, Risk I/O Ryan first discussed various ways to do a denial of service (DoS) attack against web services. One usual method is to find a slow web page and do several wgets. Or download large files. Apache is not well suited at handling a large number of connections, but one can put something in front of it Can use Apache alternatives, such as nginx How to identify malicious hosts short, sudden web requests user-agent is obvious (curl, python) same url requested repeatedly no web page referer (not normal) hidden links. hide a link and see if a bot gets it restricted access if not your geo IP (unless the website is global) missing common headers in request regular timing first seen IP at beginning of attack count requests per hosts (usually a very large number) Use of captcha can mitigate attacks, but you'll lose a lot of genuine users. Bouncer, goo.gl/c2vyEc and www.github.com/rawdigits/Bouncer Bouncer is software written by Ryan in netflow. Bouncer has a small, unobtrusive footprint and detects DoS attempts. It closes blacklisted sockets immediately (not nice about it, no proper close connection). Aggregator collects requests and controls your web proxies. Need NTP on the front end web servers for clean data for use by bouncer. Bouncer is also useful for a popularity storm ("Slashdotting") and scraper storms. Future features: gzip collection data, documentation, consumer library, multitask, logging destroyed connections. Takeaways: DoS mitigation is easier with a complete picture Bouncer designed to make it easier to detect and defend DoS—not a complete cure Security Response in the Age of Mass Customized Attacks Peleus Uhley and Karthik Raman Peleus Uhley and Karthik Raman, Adobe ASSET, blogs.adobe.com/asset/ Peleus and Karthik talked about response to mass-customized exploits. Attackers behave much like a business. "Mass customization" refers to concept discussed in the book Future Perfect by Stan Davis of Harvard Business School. Mass customization is differentiating a product for an individual customer, but at a mass production price. For example, the same individual with a debit card receives basically the same customized ATM experience around the world. Or designing your own PC from commodity parts. Exploit kits are another example of mass customization. The kits support multiple browsers and plugins, allows new modules. Exploit kits are cheap and customizable. Organized gangs use exploit kits. A group at Berkeley looked at 77,000 malicious websites (Grier et al., "Manufacturing Compromise: The Emergence of Exploit-as-a-Service", 2012). They found 10,000 distinct binaries among them, but derived from only a dozen or so exploit kits. Characteristics of Mass Malware: potent, resilient, relatively low cost Technical characteristics: multiple OS, multipe payloads, multiple scenarios, multiple languages, obfuscation Response time for 0-day exploits has gone down from ~40 days 5 years ago to about ~10 days now. So the drive with malware is towards mass customized exploits, to avoid detection There's plenty of evicence that exploit development has Project Manager bureaucracy. They infer from the malware edicts to: support all versions of reader support all versions of windows support all versions of flash support all browsers write large complex, difficult to main code (8750 lines of JavaScript for example Exploits have "loose coupling" of multipe versions of software (adobe), OS, and browser. This allows specific attacks against specific versions of multiple pieces of software. Also allows exploits of more obscure software/OS/browsers and obscure versions. Gave examples of exploits that exploited 2, 3, 6, or 14 separate bugs. However, these complete exploits are more likely to be buggy or fragile in themselves and easier to defeat. Future research includes normalizing malware and Javascript. Conclusion: The coming trend is that mass-malware with mass zero-day attacks will result in mass customization of attacks. x86 Rewriting: Defeating RoP and other Shinanighans Richard Wartell Richard Wartell The attack vector we are addressing here is: First some malware causes a buffer overflow. The malware has no program access, but input access and buffer overflow code onto stack Later the stack became non-executable. The workaround malware used was to write a bogus return address to the stack jumping to malware Later came ASLR (Address Space Layout Randomization) to randomize memory layout and make addresses non-deterministic. The workaround malware used was to jump t existing code segments in the program that can be used in bad ways "RoP" is Return-oriented Programming attacks. RoP attacks use your own code and write return address on stack to (existing) expoitable code found in program ("gadgets"). Pinkie Pie was paid $60K last year for a RoP attack. One solution is using anti-RoP compilers that compile source code with NO return instructions. ASLR does not randomize address space, just "gadgets". IPR/ILR ("Instruction Location Randomization") randomizes each instruction with a virtual machine. Richard's goal was to randomize a binary with no source code access. He created "STIR" (Self-Transofrming Instruction Relocation). STIR disassembles binary and operates on "basic blocks" of code. The STIR disassembler is conservative in what to disassemble. Each basic block is moved to a random location in memory. Next, STIR writes new code sections with copies of "basic blocks" of code in randomized locations. The old code is copied and rewritten with jumps to new code. the original code sections in the file is marked non-executible. STIR has better entropy than ASLR in location of code. Makes brute force attacks much harder. STIR runs on MS Windows (PEM) and Linux (ELF). It eliminated 99.96% or more "gadgets" (i.e., moved the address). Overhead usually 5-10% on MS Windows, about 1.5-4% on Linux (but some code actually runs faster!). The unique thing about STIR is it requires no source access and the modified binary fully works! Current work is to rewrite code to enforce security policies. For example, don't create a *.{exe,msi,bat} file. Or don't connect to the network after reading from the disk. Clowntown Express: interesting bugs and running a bug bounty program Collin Greene Collin Greene, Facebook Collin talked about Facebook's bug bounty program. Background at FB: FB has good security frameworks, such as security teams, external audits, and cc'ing on diffs. But there's lots of "deep, dark, forgotten" parts of legacy FB code. Collin gave several examples of bountied bugs. Some bounty submissions were on software purchased from a third-party (but bounty claimers don't know and don't care). We use security questions, as does everyone else, but they are basically insecure (often easily discoverable). Collin didn't expect many bugs from the bounty program, but they ended getting 20+ good bugs in first 24 hours and good submissions continue to come in. Bug bounties bring people in with different perspectives, and are paid only for success. Bug bounty is a better use of a fixed amount of time and money versus just code review or static code analysis. The Bounty program started July 2011 and paid out $1.5 million to date. 14% of the submissions have been high priority problems that needed to be fixed immediately. The best bugs come from a small % of submitters (as with everything else)—the top paid submitters are paid 6 figures a year. Spammers like to backstab competitors. The youngest sumitter was 13. Some submitters have been hired. Bug bounties also allows to see bugs that were missed by tools or reviews, allowing improvement in the process. Bug bounties might not work for traditional software companies where the product has release cycle or is not on Internet. Active Fingerprinting of Encrypted VPNs Anna Shubina Anna Shubina, Dartmouth Institute for Security, Technology, and Society (I missed the start of her talk because another track went overtime. But I have the DVD of the talk, so I'll expand later) IPsec leaves fingerprints. Using netcat, one can easily visually distinguish various crypto chaining modes just from packet timing on a chart (example, DES-CBC versus AES-CBC) One can tell a lot about VPNs just from ping roundtrips (such as what router is used) Delayed packets are not informative about a network, especially if far away from the network More needed to explore about how TCP works in real life with respect to timing Making Attacks Go Backwards Fuzzynop FuzzyNop, Mandiant This talk is not about threat attribution (finding who), product solutions, politics, or sales pitches. But who are making these malware threats? It's not a single person or group—they have diverse skill levels. There's a lot of fat-fingered fumblers out there. Always look for low-hanging fruit first: "hiding" malware in the temp, recycle, or root directories creation of unnamed scheduled tasks obvious names of files and syscalls ("ClearEventLog") uncleared event logs. Clearing event log in itself, and time of clearing, is a red flag and good first clue to look for on a suspect system Reverse engineering is hard. Disassembler use takes practice and skill. A popular tool is IDA Pro, but it takes multiple interactive iterations to get a clean disassembly. Key loggers are used a lot in targeted attacks. They are typically custom code or built in a backdoor. A big tip-off is that non-printable characters need to be printed out (such as "[Ctrl]" "[RightShift]") or time stamp printf strings. Look for these in files. Presence is not proof they are used. Absence is not proof they are not used. Java exploits. Can parse jar file with idxparser.py and decomile Java file. Java typially used to target tech companies. Backdoors are the main persistence mechanism (provided externally) for malware. Also malware typically needs command and control. Application of Artificial Intelligence in Ad-Hoc Static Code Analysis John Ashaman John Ashaman, Security Innovation Initially John tried to analyze open source files with open source static analysis tools, but these showed thousands of false positives. Also tried using grep, but tis fails to find anything even mildly complex. So next John decided to write his own tool. His approach was to first generate a call graph then analyze the graph. However, the problem is that making a call graph is really hard. For example, one problem is "evil" coding techniques, such as passing function pointer. First the tool generated an Abstract Syntax Tree (AST) with the nodes created from method declarations and edges created from method use. Then the tool generated a control flow graph with the goal to find a path through the AST (a maze) from source to sink. The algorithm is to look at adjacent nodes to see if any are "scary" (a vulnerability), using heuristics for search order. The tool, called "Scat" (Static Code Analysis Tool), currently looks for C# vulnerabilities and some simple PHP. Later, he plans to add more PHP, then JSP and Java. For more information see his posts in Security Innovation blog and NRefactory on GitHub. Mask Your Checksums—The Gorry Details Eric (XlogicX) Davisson Eric (XlogicX) Davisson Sometimes in emailing or posting TCP/IP packets to analyze problems, you may want to mask the IP address. But to do this correctly, you need to mask the checksum too, or you'll leak information about the IP. Problem reports found in stackoverflow.com, sans.org, and pastebin.org are usually not masked, but a few companies do care. If only the IP is masked, the IP may be guessed from checksum (that is, it leaks data). Other parts of packet may leak more data about the IP. TCP and IP checksums both refer to the same data, so can get more bits of information out of using both checksums than just using one checksum. Also, one can usually determine the OS from the TTL field and ports in a packet header. If we get hundreds of possible results (16x each masked nibble that is unknown), one can do other things to narrow the results, such as look at packet contents for domain or geo information. With hundreds of results, can import as CSV format into a spreadsheet. Can corelate with geo data and see where each possibility is located. Eric then demoed a real email report with a masked IP packet attached. Was able to find the exact IP address, given the geo and university of the sender. Point is if you're going to mask a packet, do it right. Eric wouldn't usually bother, but do it correctly if at all, to not create a false impression of security. Adventures with weird machines thirty years after "Reflections on Trusting Trust" Sergey Bratus Sergey Bratus, Dartmouth College (and Julian Bangert and Rebecca Shapiro, not present) "Reflections on Trusting Trust" refers to Ken Thompson's classic 1984 paper. "You can't trust code that you did not totally create yourself." There's invisible links in the chain-of-trust, such as "well-installed microcode bugs" or in the compiler, and other planted bugs. Thompson showed how a compiler can introduce and propagate bugs in unmodified source. But suppose if there's no bugs and you trust the author, can you trust the code? Hell No! There's too many factors—it's Babylonian in nature. Why not? Well, Input is not well-defined/recognized (code's assumptions about "checked" input will be violated (bug/vunerabiliy). For example, HTML is recursive, but Regex checking is not recursive. Input well-formed but so complex there's no telling what it does For example, ELF file parsing is complex and has multiple ways of parsing. Input is seen differently by different pieces of program or toolchain Any Input is a program input executes on input handlers (drives state changes & transitions) only a well-defined execution model can be trusted (regex/DFA, PDA, CFG) Input handler either is a "recognizer" for the inputs as a well-defined language (see langsec.org) or it's a "virtual machine" for inputs to drive into pwn-age ELF ABI (UNIX/Linux executible file format) case study. Problems can arise from these steps (without planting bugs): compiler linker loader ld.so/rtld relocator DWARF (debugger info) exceptions The problem is you can't really automatically analyze code (it's the "halting problem" and undecidable). Only solution is to freeze code and sign it. But you can't freeze everything! Can't freeze ASLR or loading—must have tables and metadata. Any sufficiently complex input data is the same as VM byte code Example, ELF relocation entries + dynamic symbols == a Turing Complete Machine (TM). @bxsays created a Turing machine in Linux from relocation data (not code) in an ELF file. For more information, see Rebecca "bx" Shapiro's presentation from last year's Toorcon, "Programming Weird Machines with ELF Metadata" @bxsays did same thing with Mach-O bytecode Or a DWARF exception handling data .eh_frame + glibc == Turning Machine X86 MMU (IDT, GDT, TSS): used address translation to create a Turning Machine. Page handler reads and writes (on page fault) memory. Uses a page table, which can be used as Turning Machine byte code. Example on Github using this TM that will fly a glider across the screen Next Sergey talked about "Parser Differentials". That having one input format, but two parsers, will create confusion and opportunity for exploitation. For example, CSRs are parsed during creation by cert requestor and again by another parser at the CA. Another example is ELF—several parsers in OS tool chain, which are all different. Can have two different Program Headers (PHDRs) because ld.so parses multiple PHDRs. The second PHDR can completely transform the executable. This is described in paper in the first issue of International Journal of PoC. Conclusions trusting computers not only about bugs! Bugs are part of a problem, but no by far all of it complex data formats means bugs no "chain of trust" in Babylon! (that is, with parser differentials) we need to squeeze complexity out of data until data stops being "code equivalent" Further information See and langsec.org. USENIX WOOT 2013 (Workshop on Offensive Technologies) for "weird machines" papers and videos.

  Read the article

• Ancillary Objects: Separate Debug ELF Files For Solaris

  - by Ali Bahrami

  We introduced a new object ELF object type in Solaris 11 Update 1 called the Ancillary Object. This posting describes them, using material originally written during their development, the PSARC arc case, and the Solaris Linker and Libraries Manual. ELF objects contain allocable sections, which are mapped into memory at runtime, and non-allocable sections, which are present in the file for use by debuggers and observability tools, but which are not mapped or used at runtime. Typically, all of these sections exist within a single object file. Ancillary objects allow them to instead go into a separate file. There are different reasons given for wanting such a feature. One can debate whether the added complexity is worth the benefit, and in most cases it is not. However, one important case stands out — customers with very large 32-bit objects who are not ready or able to make the transition to 64-bits. We have customers who build extremely large 32-bit objects. Historically, the debug sections in these objects have used the stabs format, which is limited, but relatively compact. In recent years, the industry has transitioned to the powerful but verbose DWARF standard. In some cases, the size of these debug sections is large enough to push the total object file size past the fundamental 4GB limit for 32-bit ELF object files. The best, and ultimately only, solution to overly large objects is to transition to 64-bits. However, consider environments where: Hundreds of users may be executing the code on large shared systems. (32-bits use less memory and bus bandwidth, and on sparc runs just as fast as 64-bit code otherwise). Complex finely tuned code, where the original authors may no longer be available. Critical production code, that was expensive to qualify and bring online, and which is otherwise serving its intended purpose without issue. Users in these risk adverse and/or high scale categories have good reasons to push 32-bits objects to the limit before moving on. Ancillary objects offer these users a longer runway. Design The design of ancillary objects is intended to be simple, both to help human understanding when examining elfdump output, and to lower the bar for debuggers such as dbx to support them. The primary and ancillary objects have the same set of section headers, with the same names, in the same order (i.e. each section has the same index in both files). A single added section of type SHT_SUNW_ANCILLARY is added to both objects, containing information that allows a debugger to identify and validate both files relative to each other. Given one of these files, the ancillary section allows you to identify the other. Allocable sections go in the primary object, and non-allocable ones go into the ancillary object. A small set of non-allocable objects, notably the symbol table, are copied into both objects. As noted above, most sections are only written to one of the two objects, but both objects have the same section header array. The section header in the file that does not contain the section data is tagged with the SHF_SUNW_ABSENT section header flag to indicate its placeholder status. Compiler writers and others who produce objects can set the SUNW_SHF_PRIMARY section header flag to mark non-allocable sections that should go to the primary object rather than the ancillary. If you don't request an ancillary object, the Solaris ELF format is unchanged. Users who don't use ancillary objects do not pay for the feature. This is important, because they exist to serve a small subset of our users, and must not complicate the common case. If you do request an ancillary object, the runtime behavior of the primary object will be the same as that of a normal object. There is no added runtime cost. The primary and ancillary object together represent a logical single object. This is facilitated by the use of a single set of section headers. One can easily imagine a tool that can merge a primary and ancillary object into a single file, or the reverse. (Note that although this is an interesting intellectual exercise, we don't actually supply such a tool because there's little practical benefit above and beyond using ld to create the files). Among the benefits of this approach are: There is no need for per-file symbol tables to reflect the contents of each file. The same symbol table that would be produced for a standard object can be used. The section contents are identical in either case — there is no need to alter data to accommodate multiple files. It is very easy for a debugger to adapt to these new files, and the processing involved can be encapsulated in input/output routines. Most of the existing debugger implementation applies without modification. The limit of a 4GB 32-bit output object is now raised to 4GB of code, and 4GB of debug data. There is also the future possibility (not currently supported) to support multiple ancillary objects, each of which could contain up to 4GB of additional debug data. It must be noted however that the 32-bit DWARF debug format is itself inherently 32-bit limited, as it uses 32-bit offsets between debug sections, so the ability to employ multiple ancillary object files may not turn out to be useful. Using Ancillary Objects (From the Solaris Linker and Libraries Guide) By default, objects contain both allocable and non-allocable sections. Allocable sections are the sections that contain executable code and the data needed by that code at runtime. Non-allocable sections contain supplemental information that is not required to execute an object at runtime. These sections support the operation of debuggers and other observability tools. The non-allocable sections in an object are not loaded into memory at runtime by the operating system, and so, they have no impact on memory use or other aspects of runtime performance no matter their size. For convenience, both allocable and non-allocable sections are normally maintained in the same file. However, there are situations in which it can be useful to separate these sections. To reduce the size of objects in order to improve the speed at which they can be copied across wide area networks. To support fine grained debugging of highly optimized code requires considerable debug data. In modern systems, the debugging data can easily be larger than the code it describes. The size of a 32-bit object is limited to 4 Gbytes. In very large 32-bit objects, the debug data can cause this limit to be exceeded and prevent the creation of the object. To limit the exposure of internal implementation details. Traditionally, objects have been stripped of non-allocable sections in order to address these issues. Stripping is effective, but destroys data that might be needed later. The Solaris link-editor can instead write non-allocable sections to an ancillary object. This feature is enabled with the -z ancillary command line option. $ ld ... -z ancillary[=outfile] ...By default, the ancillary file is given the same name as the primary output object, with a .anc file extension. However, a different name can be provided by providing an outfile value to the -z ancillary option. When -z ancillary is specified, the link-editor performs the following actions. All allocable sections are written to the primary object. In addition, all non-allocable sections containing one or more input sections that have the SHF_SUNW_PRIMARY section header flag set are written to the primary object. All remaining non-allocable sections are written to the ancillary object. The following non-allocable sections are written to both the primary object and ancillary object. .shstrtab The section name string table. .symtab The full non-dynamic symbol table. .symtab_shndx The symbol table extended index section associated with .symtab. .strtab The non-dynamic string table associated with .symtab. .SUNW_ancillary Contains the information required to identify the primary and ancillary objects, and to identify the object being examined. The primary object and all ancillary objects contain the same array of sections headers. Each section has the same section index in every file. Although the primary and ancillary objects all define the same section headers, the data for most sections will be written to a single file as described above. If the data for a section is not present in a given file, the SHF_SUNW_ABSENT section header flag is set, and the sh_size field is 0. This organization makes it possible to acquire a full list of section headers, a complete symbol table, and a complete list of the primary and ancillary objects from either of the primary or ancillary objects. The following example illustrates the underlying implementation of ancillary objects. An ancillary object is created by adding the -z ancillary command line option to an otherwise normal compilation. The file utility shows that the result is an executable named a.out, and an associated ancillary object named a.out.anc. $ cat hello.c #include <stdio.h> int main(int argc, char **argv) { (void) printf("hello, world\n"); return (0); } $ cc -g -zancillary hello.c $ file a.out a.out.anc a.out: ELF 32-bit LSB executable 80386 Version 1 [FPU], dynamically linked, not stripped, ancillary object a.out.anc a.out.anc: ELF 32-bit LSB ancillary 80386 Version 1, primary object a.out $ ./a.out hello worldThe resulting primary object is an ordinary executable that can be executed in the usual manner. It is no different at runtime than an executable built without the use of ancillary objects, and then stripped of non-allocable content using the strip or mcs commands. As previously described, the primary object and ancillary objects contain the same section headers. To see how this works, it is helpful to use the elfdump utility to display these section headers and compare them. The following table shows the section header information for a selection of headers from the previous link-edit example. Index Section Name Type Primary Flags Ancillary Flags Primary Size Ancillary Size 13 .text PROGBITS ALLOC EXECINSTR ALLOC EXECINSTR SUNW_ABSENT 0x131 0 20 .data PROGBITS WRITE ALLOC WRITE ALLOC SUNW_ABSENT 0x4c 0 21 .symtab SYMTAB 0 0 0x450 0x450 22 .strtab STRTAB STRINGS STRINGS 0x1ad 0x1ad 24 .debug_info PROGBITS SUNW_ABSENT 0 0 0x1a7 28 .shstrtab STRTAB STRINGS STRINGS 0x118 0x118 29 .SUNW_ancillary SUNW_ancillary 0 0 0x30 0x30 The data for most sections is only present in one of the two files, and absent from the other file. The SHF_SUNW_ABSENT section header flag is set when the data is absent. The data for allocable sections needed at runtime are found in the primary object. The data for non-allocable sections used for debugging but not needed at runtime are placed in the ancillary file. A small set of non-allocable sections are fully present in both files. These are the .SUNW_ancillary section used to relate the primary and ancillary objects together, the section name string table .shstrtab, as well as the symbol table.symtab, and its associated string table .strtab. It is possible to strip the symbol table from the primary object. A debugger that encounters an object without a symbol table can use the .SUNW_ancillary section to locate the ancillary object, and access the symbol contained within. The primary object, and all associated ancillary objects, contain a .SUNW_ancillary section that allows all the objects to be identified and related together. $ elfdump -T SUNW_ancillary a.out a.out.anc a.out: Ancillary Section: .SUNW_ancillary index tag value [0] ANC_SUNW_CHECKSUM 0x8724 [1] ANC_SUNW_MEMBER 0x1 a.out [2] ANC_SUNW_CHECKSUM 0x8724 [3] ANC_SUNW_MEMBER 0x1a3 a.out.anc [4] ANC_SUNW_CHECKSUM 0xfbe2 [5] ANC_SUNW_NULL 0 a.out.anc: Ancillary Section: .SUNW_ancillary index tag value [0] ANC_SUNW_CHECKSUM 0xfbe2 [1] ANC_SUNW_MEMBER 0x1 a.out [2] ANC_SUNW_CHECKSUM 0x8724 [3] ANC_SUNW_MEMBER 0x1a3 a.out.anc [4] ANC_SUNW_CHECKSUM 0xfbe2 [5] ANC_SUNW_NULL 0 The ancillary sections for both objects contain the same number of elements, and are identical except for the first element. Each object, starting with the primary object, is introduced with a MEMBER element that gives the file name, followed by a CHECKSUM that identifies the object. In this example, the primary object is a.out, and has a checksum of 0x8724. The ancillary object is a.out.anc, and has a checksum of 0xfbe2. The first element in a .SUNW_ancillary section, preceding the MEMBER element for the primary object, is always a CHECKSUM element, containing the checksum for the file being examined. The presence of a .SUNW_ancillary section in an object indicates that the object has associated ancillary objects. The names of the primary and all associated ancillary objects can be obtained from the ancillary section from any one of the files. It is possible to determine which file is being examined from the larger set of files by comparing the first checksum value to the checksum of each member that follows. Debugger Access and Use of Ancillary Objects Debuggers and other observability tools must merge the information found in the primary and ancillary object files in order to build a complete view of the object. This is equivalent to processing the information from a single file. This merging is simplified by the primary object and ancillary objects containing the same section headers, and a single symbol table. The following steps can be used by a debugger to assemble the information contained in these files. Starting with the primary object, or any of the ancillary objects, locate the .SUNW_ancillary section. The presence of this section identifies the object as part of an ancillary group, contains information that can be used to obtain a complete list of the files and determine which of those files is the one currently being examined. Create a section header array in memory, using the section header array from the object being examined as an initial template. Open and read each file identified by the .SUNW_ancillary section in turn. For each file, fill in the in-memory section header array with the information for each section that does not have the SHF_SUNW_ABSENT flag set. The result will be a complete in-memory copy of the section headers with pointers to the data for all sections. Once this information has been acquired, the debugger can proceed as it would in the single file case, to access and control the running program. Note - The ELF definition of ancillary objects provides for a single primary object, and an arbitrary number of ancillary objects. At this time, the Oracle Solaris link-editor only produces a single ancillary object containing all non-allocable sections. This may change in the future. Debuggers and other observability tools should be written to handle the general case of multiple ancillary objects. ELF Implementation Details (From the Solaris Linker and Libraries Guide) To implement ancillary objects, it was necessary to extend the ELF format to add a new object type (ET_SUNW_ANCILLARY), a new section type (SHT_SUNW_ANCILLARY), and 2 new section header flags (SHF_SUNW_ABSENT, SHF_SUNW_PRIMARY). In this section, I will detail these changes, in the form of diffs to the Solaris Linker and Libraries manual. Part IV ELF Application Binary Interface Chapter 13: Object File Format Object File Format Edit Note: This existing section at the beginning of the chapter describes the ELF header. There's a table of object file types, which now includes the new ET_SUNW_ANCILLARY type. e_type Identifies the object file type, as listed in the following table. NameValueMeaning ET_NONE0No file type ET_REL1Relocatable file ET_EXEC2Executable file ET_DYN3Shared object file ET_CORE4Core file ET_LOSUNW0xfefeStart operating system specific range ET_SUNW_ANCILLARY0xfefeAncillary object file ET_HISUNW0xfefdEnd operating system specific range ET_LOPROC0xff00Start processor-specific range ET_HIPROC0xffffEnd processor-specific range Sections Edit Note: This overview section defines the section header structure, and provides a high level description of known sections. It was updated to define the new SHF_SUNW_ABSENT and SHF_SUNW_PRIMARY flags and the new SHT_SUNW_ANCILLARY section. ... sh_type Categorizes the section's contents and semantics. Section types and their descriptions are listed in Table 13-5. sh_flags Sections support 1-bit flags that describe miscellaneous attributes. Flag definitions are listed in Table 13-8. ... Table 13-5 ELF Section Types, sh_type NameValue . . . SHT_LOSUNW0x6fffffee SHT_SUNW_ancillary0x6fffffee . . . ... SHT_LOSUNW - SHT_HISUNW Values in this inclusive range are reserved for Oracle Solaris OS semantics. SHT_SUNW_ANCILLARY Present when a given object is part of a group of ancillary objects. Contains information required to identify all the files that make up the group. See Ancillary Section. ... Table 13-8 ELF Section Attribute Flags NameValue . . . SHF_MASKOS0x0ff00000 SHF_SUNW_NODISCARD0x00100000 SHF_SUNW_ABSENT0x00200000 SHF_SUNW_PRIMARY0x00400000 SHF_MASKPROC0xf0000000 . . . ... SHF_SUNW_ABSENT Indicates that the data for this section is not present in this file. When ancillary objects are created, the primary object and any ancillary objects, will all have the same section header array, to facilitate merging them to form a complete view of the object, and to allow them to use the same symbol tables. Each file contains a subset of the section data. The data for allocable sections is written to the primary object while the data for non-allocable sections is written to an ancillary file. The SHF_SUNW_ABSENT flag is used to indicate that the data for the section is not present in the object being examined. When the SHF_SUNW_ABSENT flag is set, the sh_size field of the section header must be 0. An application encountering an SHF_SUNW_ABSENT section can choose to ignore the section, or to search for the section data within one of the related ancillary files. SHF_SUNW_PRIMARY The default behavior when ancillary objects are created is to write all allocable sections to the primary object and all non-allocable sections to the ancillary objects. The SHF_SUNW_PRIMARY flag overrides this behavior. Any output section containing one more input section with the SHF_SUNW_PRIMARY flag set is written to the primary object without regard for its allocable status. ... Two members in the section header, sh_link, and sh_info, hold special information, depending on section type. Table 13-9 ELF sh_link and sh_info Interpretation sh_typesh_linksh_info . . . SHT_SUNW_ANCILLARY The section header index of the associated string table. 0 . . . Special Sections Edit Note: This section describes the sections used in Solaris ELF objects, using the types defined in the previous description of section types. It was updated to define the new .SUNW_ancillary (SHT_SUNW_ANCILLARY) section. Various sections hold program and control information. Sections in the following table are used by the system and have the indicated types and attributes. Table 13-10 ELF Special Sections NameTypeAttribute . . . .SUNW_ancillarySHT_SUNW_ancillaryNone . . . ... .SUNW_ancillary Present when a given object is part of a group of ancillary objects. Contains information required to identify all the files that make up the group. See Ancillary Section for details. ... Ancillary Section Edit Note: This new section provides the format reference describing the layout of a .SUNW_ancillary section and the meaning of the various tags. Note that these sections use the same tag/value concept used for dynamic and capabilities sections, and will be familiar to anyone used to working with ELF. In addition to the primary output object, the Solaris link-editor can produce one or more ancillary objects. Ancillary objects contain non-allocable sections that would normally be written to the primary object. When ancillary objects are produced, the primary object and all of the associated ancillary objects contain a SHT_SUNW_ancillary section, containing information that identifies these related objects. Given any one object from such a group, the ancillary section provides the information needed to identify and interpret the others. This section contains an array of the following structures. See sys/elf.h. typedef struct { Elf32_Word a_tag; union { Elf32_Word a_val; Elf32_Addr a_ptr; } a_un; } Elf32_Ancillary; typedef struct { Elf64_Xword a_tag; union { Elf64_Xword a_val; Elf64_Addr a_ptr; } a_un; } Elf64_Ancillary; For each object with this type, a_tag controls the interpretation of a_un. a_val These objects represent integer values with various interpretations. a_ptr These objects represent file offsets or addresses. The following ancillary tags exist. Table 13-NEW1 ELF Ancillary Array Tags NameValuea_un ANC_SUNW_NULL0Ignored ANC_SUNW_CHECKSUM1a_val ANC_SUNW_MEMBER2a_ptr ANC_SUNW_NULL Marks the end of the ancillary section. ANC_SUNW_CHECKSUM Provides the checksum for a file in the c_val element. When ANC_SUNW_CHECKSUM precedes the first instance of ANC_SUNW_MEMBER, it provides the checksum for the object from which the ancillary section is being read. When it follows an ANC_SUNW_MEMBER tag, it provides the checksum for that member. ANC_SUNW_MEMBER Specifies an object name. The a_ptr element contains the string table offset of a null-terminated string, that provides the file name. An ancillary section must always contain an ANC_SUNW_CHECKSUM before the first instance of ANC_SUNW_MEMBER, identifying the current object. Following that, there should be an ANC_SUNW_MEMBER for each object that makes up the complete set of objects. Each ANC_SUNW_MEMBER should be followed by an ANC_SUNW_CHECKSUM for that object. A typical ancillary section will therefore be structured as: TagMeaning ANC_SUNW_CHECKSUMChecksum of this object ANC_SUNW_MEMBERName of object #1 ANC_SUNW_CHECKSUMChecksum for object #1 . . . ANC_SUNW_MEMBERName of object N ANC_SUNW_CHECKSUMChecksum for object N ANC_SUNW_NULL An object can therefore identify itself by comparing the initial ANC_SUNW_CHECKSUM to each of the ones that follow, until it finds a match. Related Other Work The GNU developers have also encountered the need/desire to support separate debug information files, and use the solution detailed at http://sourceware.org/gdb/onlinedocs/gdb/Separate-Debug-Files.html. At the current time, the separate debug file is constructed by building the standard object first, and then copying the debug data out of it in a separate post processing step, Hence, it is limited to a total of 4GB of code and debug data, just as a single object file would be. They are aware of this, and I have seen online comments indicating that they may add direct support for generating these separate files to their link-editor. It is worth noting that the GNU objcopy utility is available on Solaris, and that the Studio dbx debugger is able to use these GNU style separate debug files even on Solaris. Although this is interesting in terms giving Linux users a familiar environment on Solaris, the 4GB limit means it is not an answer to the problem of very large 32-bit objects. We have also encountered issues with objcopy not understanding Solaris-specific ELF sections, when using this approach. The GNU community also has a current effort to adapt their DWARF debug sections in order to move them to separate files before passing the relocatable objects to the linker. The details of Project Fission can be found at http://gcc.gnu.org/wiki/DebugFission. The goal of this project appears to be to reduce the amount of data seen by the link-editor. The primary effort revolves around moving DWARF data to separate .dwo files so that the link-editor never encounters them. The details of modifying the DWARF data to be usable in this form are involved — please see the above URL for details.

  Read the article

• Using TPL and PLINQ to raise performance of feed aggregator

  - by DigiMortal

  In this posting I will show you how to use Task Parallel Library (TPL) and PLINQ features to boost performance of simple RSS-feed aggregator. I will use here only very basic .NET classes that almost every developer starts from when learning parallel programming. Of course, we will also measure how every optimization affects performance of feed aggregator. Feed aggregator Our feed aggregator works as follows: Load list of blogs Download RSS-feed Parse feed XML Add new posts to database Our feed aggregator is run by task scheduler after every 15 minutes by example. We will start our journey with serial implementation of feed aggregator. Second step is to use task parallelism and parallelize feeds downloading and parsing. And our last step is to use data parallelism to parallelize database operations. We will use Stopwatch class to measure how much time it takes for aggregator to download and insert all posts from all registered blogs. After every run we empty posts table in database. Serial aggregation Before doing parallel stuff let’s take a look at serial implementation of feed aggregator. All tasks happen one after other. internal class FeedClient {     private readonly INewsService _newsService;     private const int FeedItemContentMaxLength = 255;       public FeedClient()     {          ObjectFactory.Initialize(container =>          {              container.PullConfigurationFromAppConfig = true;          });           _newsService = ObjectFactory.GetInstance<INewsService>();     }       public void Execute()     {         var blogs = _newsService.ListPublishedBlogs();           for (var index = 0; index <blogs.Count; index++)         {              ImportFeed(blogs[index]);         }     }       private void ImportFeed(BlogDto blog)     {         if(blog == null)             return;         if (string.IsNullOrEmpty(blog.RssUrl))             return;           var uri = new Uri(blog.RssUrl);         SyndicationContentFormat feedFormat;           feedFormat = SyndicationDiscoveryUtility.SyndicationContentFormatGet(uri);           if (feedFormat == SyndicationContentFormat.Rss)             ImportRssFeed(blog);         if (feedFormat == SyndicationContentFormat.Atom)             ImportAtomFeed(blog);                 }       private void ImportRssFeed(BlogDto blog)     {         var uri = new Uri(blog.RssUrl);         var feed = RssFeed.Create(uri);           foreach (var item in feed.Channel.Items)         {             SaveRssFeedItem(item, blog.Id, blog.CreatedById);         }     }       private void ImportAtomFeed(BlogDto blog)     {         var uri = new Uri(blog.RssUrl);         var feed = AtomFeed.Create(uri);           foreach (var item in feed.Entries)         {             SaveAtomFeedEntry(item, blog.Id, blog.CreatedById);         }     } } Serial implementation of feed aggregator downloads and inserts all posts with 25.46 seconds. Task parallelism Task parallelism means that separate tasks are run in parallel. You can find out more about task parallelism from MSDN page Task Parallelism (Task Parallel Library) and Wikipedia page Task parallelism. Although finding parts of code that can run safely in parallel without synchronization issues is not easy task we are lucky this time. Feeds import and parsing is perfect candidate for parallel tasks. We can safely parallelize feeds import because importing tasks doesn’t share any resources and therefore they don’t also need any synchronization. After getting the list of blogs we iterate through the collection and start new TPL task for each blog feed aggregation. internal class FeedClient {     private readonly INewsService _newsService;     private const int FeedItemContentMaxLength = 255;       public FeedClient()     {          ObjectFactory.Initialize(container =>          {              container.PullConfigurationFromAppConfig = true;          });           _newsService = ObjectFactory.GetInstance<INewsService>();     }       public void Execute()     {         var blogs = _newsService.ListPublishedBlogs();                var tasks = new Task[blogs.Count];           for (var index = 0; index <blogs.Count; index++)         {             tasks[index] = new Task(ImportFeed, blogs[index]);             tasks[index].Start();         }           Task.WaitAll(tasks);     }       private void ImportFeed(object blogObject)     {         if(blogObject == null)             return;         var blog = (BlogDto)blogObject;         if (string.IsNullOrEmpty(blog.RssUrl))             return;           var uri = new Uri(blog.RssUrl);         SyndicationContentFormat feedFormat;           feedFormat = SyndicationDiscoveryUtility.SyndicationContentFormatGet(uri);           if (feedFormat == SyndicationContentFormat.Rss)             ImportRssFeed(blog);         if (feedFormat == SyndicationContentFormat.Atom)             ImportAtomFeed(blog);                }       private void ImportRssFeed(BlogDto blog)     {          var uri = new Uri(blog.RssUrl);          var feed = RssFeed.Create(uri);           foreach (var item in feed.Channel.Items)          {              SaveRssFeedItem(item, blog.Id, blog.CreatedById);          }     }     private void ImportAtomFeed(BlogDto blog)     {         var uri = new Uri(blog.RssUrl);         var feed = AtomFeed.Create(uri);           foreach (var item in feed.Entries)         {             SaveAtomFeedEntry(item, blog.Id, blog.CreatedById);         }     } } You should notice first signs of the power of TPL. We made only minor changes to our code to parallelize blog feeds aggregating. On my machine this modification gives some performance boost – time is now 17.57 seconds. Data parallelism There is one more way how to parallelize activities. Previous section introduced task or operation based parallelism, this section introduces data based parallelism. By MSDN page Data Parallelism (Task Parallel Library) data parallelism refers to scenario in which the same operation is performed concurrently on elements in a source collection or array. In our code we have independent collections we can process in parallel – imported feed entries. As checking for feed entry existence and inserting it if it is missing from database doesn’t affect other entries the imported feed entries collection is ideal candidate for parallelization. internal class FeedClient {     private readonly INewsService _newsService;     private const int FeedItemContentMaxLength = 255;       public FeedClient()     {          ObjectFactory.Initialize(container =>          {              container.PullConfigurationFromAppConfig = true;          });           _newsService = ObjectFactory.GetInstance<INewsService>();     }       public void Execute()     {         var blogs = _newsService.ListPublishedBlogs();                var tasks = new Task[blogs.Count];           for (var index = 0; index <blogs.Count; index++)         {             tasks[index] = new Task(ImportFeed, blogs[index]);             tasks[index].Start();         }           Task.WaitAll(tasks);     }       private void ImportFeed(object blogObject)     {         if(blogObject == null)             return;         var blog = (BlogDto)blogObject;         if (string.IsNullOrEmpty(blog.RssUrl))             return;           var uri = new Uri(blog.RssUrl);         SyndicationContentFormat feedFormat;           feedFormat = SyndicationDiscoveryUtility.SyndicationContentFormatGet(uri);           if (feedFormat == SyndicationContentFormat.Rss)             ImportRssFeed(blog);         if (feedFormat == SyndicationContentFormat.Atom)             ImportAtomFeed(blog);                }       private void ImportRssFeed(BlogDto blog)     {         var uri = new Uri(blog.RssUrl);         var feed = RssFeed.Create(uri);           feed.Channel.Items.AsParallel().ForAll(a =>         {             SaveRssFeedItem(a, blog.Id, blog.CreatedById);         });      }        private void ImportAtomFeed(BlogDto blog)      {         var uri = new Uri(blog.RssUrl);         var feed = AtomFeed.Create(uri);           feed.Entries.AsParallel().ForAll(a =>         {              SaveAtomFeedEntry(a, blog.Id, blog.CreatedById);         });      } } We did small change again and as the result we parallelized checking and saving of feed items. This change was data centric as we applied same operation to all elements in collection. On my machine I got better performance again. Time is now 11.22 seconds. Results Let’s visualize our measurement results (numbers are given in seconds). As we can see then with task parallelism feed aggregation takes about 25% less time than in original case. When adding data parallelism to task parallelism our aggregation takes about 2.3 times less time than in original case. More about TPL and PLINQ Adding parallelism to your application can be very challenging task. You have to carefully find out parts of your code where you can safely go to parallel processing and even then you have to measure the effects of parallel processing to find out if parallel code performs better. If you are not careful then troubles you will face later are worse than ones you have seen before (imagine error that occurs by average only once per 10000 code runs). Parallel programming is something that is hard to ignore. Effective programs are able to use multiple cores of processors. Using TPL you can also set degree of parallelism so your application doesn’t use all computing cores and leaves one or more of them free for host system and other processes. And there are many more things in TPL that make it easier for you to start and go on with parallel programming. In next major version all .NET languages will have built-in support for parallel programming. There will be also new language constructs that support parallel programming. Currently you can download Visual Studio Async to get some idea about what is coming. Conclusion Parallel programming is very challenging but good tools offered by Visual Studio and .NET Framework make it way easier for us. In this posting we started with feed aggregator that imports feed items on serial mode. With two steps we parallelized feed importing and entries inserting gaining 2.3 times raise in performance. Although this number is specific to my test environment it shows clearly that parallel programming may raise the performance of your application significantly.

  Read the article

• Issue 15: Oracle Exadata Marketing Campaigns

  - by rituchhibber

       PARTNER FOCUS Oracle ExadataMarketing Campaign Steve McNickleVP Europe, cVidya Steve McNickle is VP Europe for cVidya, an innovative provider of revenue intelligence solutions for telecom, media and entertainment service providers including AT&T, BT, Deutsche Telecom and Vodafone. The company's product portfolio helps operators and service providers maximise margins, improve customer experience and optimise ecosystem relationships through revenue assurance, fraud and security management, sales performance management, pricing analytics, and inter-carrier services. cVidya has partnered with Oracle for more than a decade. RESOURCES -- Oracle PartnerNetwork (OPN) Oracle Exastack Program Oracle Exastack Optimized Oracle Exastack Labs and Enablement Resources Oracle Engineered Systems Oracle Communications cVidya SUBSCRIBE FEEDBACK PREVIOUS ISSUES Are you ready for Oracle OpenWorld this October? -- -- Please could you tell us a little about cVidya's partnering history with Oracle, and expand on your Oracle Exastack accreditations? "cVidya was established just over ten years ago and we've had a strong relationship with Oracle almost since the very beginning. Through our Revenue Intelligence work with some of the world's largest service providers we collect tremendous amounts of information, amounting to billions of records per day. We help our clients to collect, store and analyse that data to ensure that their end customers are getting the best levels of service, are billed correctly, and are happy that they are on the correct price plan. We have been an Oracle Gold level partner for seven years, and crucially just two months ago we were also accredited as Oracle Exastack Optimized for MoneyMap, our core Revenue Assurance solution. Very soon we also expect to be Oracle Exastack Optimized DRMap, our Data Retention solution." What unique capabilities and customer benefits does Oracle Exastack add to your applications? "Oracle Exastack enables us to deliver radical benefits to our customers. A typical mobile operator in the UK might handle between 500 million and two billion call data record details daily. Each transaction needs to be validated, billed correctly and fraud checked. Because of the enormous volumes involved, our clients demand scalable infrastructure that allows them to efficiently acquire, store and process all that data within controlled cost, space and environmental constraints. We have proved that the Oracle Exadata system can process data up to seven times faster and load it as much as 20 times faster than other standard best-of-breed server approaches. With the Oracle Exadata Database Machine they can reduce their datacentre equipment from say, the six or seven cabinets that they needed in the past, down to just one. This dramatic simplification delivers incredible value to the customer by cutting down enormously on all of their significant cost, space, energy, cooling and maintenance overheads." "The Oracle Exastack Program has given our clients the ability to switch their focus from reactive to proactive. Traditionally they may have spent 80 percent of their day processing, and just 20 percent enabling end customers to see advanced analytics, and avoiding issues before they occur. With our solutions and Oracle Exadata they can now switch that balance around entirely, resulting not only in reduced revenue leakage, but a far higher focus on proactive leakage prevention. How has the Oracle Exastack Program transformed your customer business? "We can already see the impact. Oracle solutions allow our delivery teams to achieve successful deployments, happy customers and self-satisfaction, and the power of Oracle's Exa solutions is easy to measure in terms of their transformational ability. We gained our first sale into a major European telco by demonstrating the major performance gains that would transform their business. Clients can measure the ease of organisational change, the early prevention of business issues, the reduction in manpower required to provide protection and coverage across all their products and services, plus of course end customer satisfaction. If customers know that that service is provided accurately and that their bills are calculated correctly, then over time this satisfaction can be attributed to revenue intelligence and the underlying systems which provide it. Combine this with the further integration we have with the other layers of the Oracle stack, including the telecommunications offerings such as NCC, OCDM and BRM, and the result is even greater customer value—not to mention the increased speed to market and the reduced project risk." What does the Oracle Exastack community bring to cVidya, both in terms of general benefits, and also tangible new opportunities and partnerships? "A great deal. We have participated in the Oracle Exastack community heavily over the past year, and have had lots of meetings with Oracle and our peers around the globe. It brings us into contact with like-minded, innovative partners, who like us are not happy to just stand still and want to take fresh technology to their customer base in order to gain enhanced value. We identified three new partnerships in each of two recent meetings, and hope these will open up new opportunities, not only in areas that exactly match where we operate today, but also in some new associative areas that will expand our reach into new business sectors. Notably, thanks to the Exastack community we were invited on stage at last year's Oracle OpenWorld conference. Appearing so publically with Oracle senior VP Judson Althoff elevated awareness and visibility of cVidya and has enabled us to participate in a number of other events with Oracle over the past eight months. We've been involved in speaking opportunities, forums and exhibitions, providing us with invaluable opportunities that we wouldn't otherwise have got close to." How has Exastack differentiated cVidya as an ISV, and helped you to evolve your business to the next level? "When we are selling to our core customer base of Tier 1 telecommunications providers, we know that they want more than just software. They want an enduring partnership that will last many years, they want innovation, and a forward thinking partner who knows how to guide them on where they need to be to meet market demand three, five or seven years down the line. Membership of respected global bodies, such as the Telemanagement Forum enables us to lead standard adherence in our area of business, giving us a lot of credibility, but Oracle is also involved in this forum with its own telecommunications portfolio, strengthening our position still further. When we approach CEOs, CTOs and CIOs at the very largest Tier 1 operators, not only can we easily show them that our technology is fantastic, we can also talk about our strong partnership with Oracle, and our joint embracing of today's standards and tomorrow's innovation." Where would you like cVidya to be in one year's time? "We want to get all of our relevant products Oracle Exastack Optimized. Our MoneyMap Revenue Assurance solution is already Exastack Optimised, our DRMAP Data Retention Solution should be Exastack Optimised within the next month, and our FraudView Fraud Management solution within the next two to three months. We'd then like to extend our Oracle accreditation out to include other members of the Oracle Engineered Systems family. We are moving into the 'Big Data' space, and so we're obviously very keen to work closely with Oracle to conduct pilots, map new technologies onto Oracle Big Data platforms, and embrace and measure the benefits of other Oracle systems, namely Oracle Exalogic Elastic Cloud, the Oracle Exalytics In-Memory Machine and the Oracle SPARC SuperCluster. We would also like to examine how the Oracle Database Appliance might benefit our Tier 2 service provider customers. Finally, we'd also like to continue working with the Oracle Communications Global Business Unit (CGBU), furthering our integration with Oracle billing products so that we are able to quickly deploy fraud solutions into Oracle's Engineered System stack, give operational benefits to our clients that are pre-integrated, more cost-effective, and can be rapidly deployed rapidly and producing benefits in three months, not nine months." Chris Baker ,Senior Vice President, Oracle Worldwide ISV-OEM-Java Sales Chris Baker is the Global Head of ISV/OEM Sales responsible for working with ISV/OEM partners to maximise Oracle's business through those partners, whilst maximising those partners' business to their end users. Chris works with partners, customers, innovators, investors and employees to develop innovative business solutions using Oracle products, services and skills. Firstly, could you please explain Oracle's current strategy for ISV partners, globally and in EMEA? "Oracle customers use independent software vendor (ISV) applications to run their businesses. They use them to generate revenue and to fulfil obligations to their own customers. Our strategy is very straight-forward. We want all of our ISV partners and OEMs to concentrate on the things that they do the best – building applications to meet the unique industry and functional requirements of their customer. We want to ensure that we deliver a best in class application platform so the ISV is free to concentrate their effort on their application functionality and user experience We invest over four billion dollars in research and development every year, and we want our ISVs to benefit from all of that investment in operating systems, virtualisation, databases, middleware, engineered systems, and other hardware. By doing this, we help them to reduce their costs, gain more consistency and agility for quicker implementations, and also rapidly differentiate themselves from other application vendors. It's all about simplification because we believe that around 25 to 30 percent of the development costs incurred by many ISVs are caused by customising infrastructure and have nothing to do with their applications. Our strategy is to enable our ISV partners to standardise their application platform using engineered architecture, so they can write once to the Oracle stack and deploy seamlessly in the cloud, on-premise, or in hybrid deployments. It's really important that architecture is the same in order to keep cost and time overheads at a minimum, so we provide standardisation and an environment that enables our ISVs to concentrate on the core business that makes them the most money and brings them success." How do you believe this strategy is helping the ISVs to work hand-in-hand with Oracle to ensure that end customers get the industry-leading solutions that they need? "We work with our ISVs not just to help them be successful, but also to help them market themselves. We have something called the 'Oracle Exastack Ready Program', which enables ISVs to publicise themselves as 'Ready' to run the core software platforms that run on Oracle's engineered systems including Exadata and Exalogic. So, for example, they can become 'Database Ready' which means that they use the latest version of Oracle Database and therefore can run their application without modification on Exadata or the Oracle Database Appliance. Alternatively, they can become WebLogic Ready, Oracle Linux Ready and Oracle Solaris Ready which means they run on the latest release and therefore can run their application, with no new porting work, on Oracle Exalogic. Those 'Ready' logos are important in helping ISVs advertise to their customers that they are using the latest technologies which have been fully tested. We now also have Exadata Ready and Exalogic Ready programmes which allow ISVs to promote the certification of their applications on these platforms. This highlights these partners to Oracle customers as having solutions that run fluently on the Oracle Exadata Database Machine, the Oracle Exalogic Elastic Cloud or one of our other engineered systems. This makes it easy for customers to identify solutions and provides ISVs with an avenue to connect with Oracle customers who are rapidly adopting engineered systems. We have also taken this programme to the next level in the shape of 'Oracle Exastack Optimized' for partners whose applications run best on the Oracle stack and have invested the time to fully optimise application performance. We ensure that Exastack Optimized partner status is promoted and supported by press releases, and we help our ISVs go to market and differentiate themselves through the use our technology and the standardisation it delivers. To date we have had several hundred organisations successfully work through our Exastack Optimized programme." How does Oracle's strategy of offering pre-integrated open platform software and hardware allow ISVs to bring their products to market more quickly? "One of the problems for many ISVs is that they have to think very carefully about the technology on which their solutions will be deployed, particularly in the cloud or hosted environments. They have to think hard about how they secure these environments, whether the concern is, for example, middleware, identity management, or securing personal data. If they don't use the technology that we build-in to our products to help them to fulfil these roles, they then have to build it themselves. This takes time, requires testing, and must be maintained. By taking advantage of our technology, partners will now know that they have a standard platform. They will know that they can confidently talk about implementation being the same every time they do it. Very large ISV applications could once take a year or two to be implemented at an on-premise environment. But it wasn't just the configuration of the application that took the time, it was actually the infrastructure - the different hardware configurations, operating systems and configurations of databases and middleware. Now we strongly believe that it's all about standardisation and repeatability. It's about making sure that our partners can do it once and are then able to roll it out many different times using standard componentry." What actions would you recommend for existing ISV partners that are looking to do more business with Oracle and its customer base, not only to maximise benefits, but also to maximise partner relationships? "My team, around the world and in the EMEA region, is available and ready to talk to any of our ISVs and to explore the possibilities together. We run programmes like 'Excite' and 'Insight' to help us to understand how we can help ISVs with architecture and widen their environments. But we also want to work with, and look at, new opportunities - for example, the Machine-to-Machine (M2M) market or 'The Internet of Things'. Over the next few years, many millions, indeed billions of devices will be collecting massive amounts of data and communicating it back to the central systems where ISVs will be running their applications. The only way that our partners will be able to provide a single vendor 'end-to-end' solution is to use Oracle integrated systems at the back end and Java on the 'smart' devices collecting the data – a complete solution from device to data centre. So there are huge opportunities to work closely with our ISVs, using Oracle's complete M2M platform, to provide the infrastructure that enables them to extract maximum value from the data collected. If any partners don't know where to start or who to contact, then they can contact me directly at [email protected] or indeed any of our teams across the EMEA region. We want to work with ISVs to help them to be as successful as they possibly can through simplification and speed to market, and we also want all of the top ISVs in the world based on Oracle." What opportunities are immediately opened to new ISV partners joining the OPN? "As you know OPN is very, very important. New members will discover a huge amount of content that instantly becomes accessible to them. They can access a wealth of no-cost training and enablement materials to build their expertise in Oracle technology. They can download Oracle software and use it for development projects. They can help themselves become more competent by becoming part of a true community and uncovering new opportunities by working with Oracle and their peers in the Oracle Partner Network. As well as publishing massive amounts of information on OPN, we also hold our global Oracle OpenWorld event, at which partners play a huge role. This takes place at the end of September and the beginning of October in San Francisco. Attending ISV partners have an unrivalled opportunity to contribute to elements such as the OpenWorld / OPN Exchange, at which they can talk to other partners and really begin thinking about how they can move their businesses on and play key roles in a very large ecosystem which revolves around technology and standardisation." Finally, are there any other messages that you would like to share with the Oracle ISV community? "The crucial message that I always like to reinforce is architecture, architecture and architecture! The key opportunities that ISVs have today revolve around standardising their architectures so that they can confidently think: “I will I be able to do exactly the same thing whenever a customer is looking to deploy on-premise, hosted or in the cloud”. The right architecture is critical to being competitive and to really start changing the game. We want to help our ISV partners to do just that; to establish standard architecture and to seize the opportunities it opens up for them. New market opportunities like M2M are enormous - just look at how many devices are all around you right now. We can help our partners to interface with these devices more effectively while thinking about their entire ecosystem, rather than just the piece that they have traditionally focused upon. With standardised architecture, we can help people dramatically improve their speed, reach, agility and delivery of enhanced customer satisfaction and value all the way from the Java side to their centralised systems. All Oracle ISV partners must take advantage of these opportunities, which is why Oracle will continue to invest in and support them." -- Gergely Strbik is Oracle Hardware and Software Product Manager for Avnet in Hungary. Avnet Technology Solutions is an OracleValue Added Distributor focused on the development of the existing Oracle channel. This includes the recruitment and enablement of Oracle partners as well as driving deeper adoption of Oracle's technology and application products within the IT channel. "The main business benefits of ODA for our customers and partners are scalability, flexibility, a great price point for the high performance delivered, and the easily configurable embedded Linux operating system. People welcome a lower point of entry and the ability to grow capacity on demand as their business expands." "Marketing and selling the ODA requires another way of thinking because it is an appliance. We have to transform the ways in which our partners and customers think from buying hardware and software independently to buying complete solutions. Successful early adopters and satisfied customer reactions will certainly help us to sell the ODA. We will have more experience with the product after the first deliveries and installations—end users need to see the power and benefits for themselves." "Our typical ODA customers will be those looking for complete solutions from a single reseller partner who is also able to manage the appliance. They will have enjoyed using Oracle Database but now want a new product that is able to unlock new levels of performance. A higher proportion of potential customers will come from our existing Oracle base, with around 30% from new business, but we intend to evangelise the ODA on the market to see how we can change this balance as all our customers adjust to the concept of 'Hardware and Software, Engineered to Work Together'. -- Back to the welcome page

  Read the article

• Sniffing out SQL Code Smells: Inconsistent use of Symbolic names and Datatypes

  - by Phil Factor

  It is an awkward feeling. You’ve just delivered a database application that seems to be working fine in production, and you just run a few checks on it. You discover that there is a potential bug that, out of sheer good chance, hasn’t kicked in to produce an error; but it lurks, like a smoking bomb. Worse, maybe you find that the bug has started its evil work of corrupting the data, but in ways that nobody has, so far detected. You investigate, and find the damage. You are somehow going to have to repair it. Yes, it still very occasionally happens to me. It is not a nice feeling, and I do anything I can to prevent it happening. That’s why I’m interested in SQL code smells. SQL Code Smells aren’t necessarily bad practices, but just show you where to focus your attention when checking an application. Sometimes with databases the bugs can be subtle. SQL is rather like HTML: the language does its best to try to carry out your wishes, rather than to be picky about your bugs. Most of the time, this is a great benefit, but not always. One particular place where this can be detrimental is where you have implicit conversion between different data types. Most of the time it is completely harmless but we’re  concerned about the occasional time it isn’t. Let’s give an example: String truncation. Let’s give another even more frightening one, rounding errors on assignment to a number of different precision. Each requires a blog-post to explain in detail and I’m not now going to try. Just remember that it is not always a good idea to assign data to variables, parameters or even columns when they aren’t the same datatype, especially if you are relying on implicit conversion to work its magic.For details of the problem and the consequences, see here:  SR0014: Data loss might occur when casting from {Type1} to {Type2} . For any experienced Database Developer, this is a more frightening read than a Vampire Story. This is why one of the SQL Code Smells that makes me edgy, in my own or other peoples’ code, is to see parameters, variables and columns that have the same names and different datatypes. Whereas quite a lot of this is perfectly normal and natural, you need to check in case one of two things have gone wrong. Either sloppy naming, or mixed datatypes. Sure it is hard to remember whether you decided that the length of a log entry was 80 or 100 characters long, or the precision of a number. That is why a little check like this I’m going to show you is excellent for tidying up your code before you check it back into source Control! 1/ Checking Parameters only If you were just going to check parameters, you might just do this. It simply groups all the parameters, either input or output, of all the routines (e.g. stored procedures or functions) by their name and checks to see, in the HAVING clause, whether their data types are all the same. If not, it lists all the examples and their origin (the routine) Even this little check can occasionally be scarily revealing. ;WITH userParameter AS  ( SELECT   c.NAME AS ParameterName,  OBJECT_SCHEMA_NAME(c.object_ID) + '.' + OBJECT_NAME(c.object_ID) AS ObjectName,  t.name + ' '     + CASE     --we may have to put in the length            WHEN t.name IN ('char', 'varchar', 'nchar', 'nvarchar')             THEN '('               + CASE WHEN c.max_length = -1 THEN 'MAX'                ELSE CONVERT(VARCHAR(4),                    CASE WHEN t.name IN ('nchar', 'nvarchar')                      THEN c.max_length / 2 ELSE c.max_length                    END)                END + ')'         WHEN t.name IN ('decimal', 'numeric')             THEN '(' + CONVERT(VARCHAR(4), c.precision)                   + ',' + CONVERT(VARCHAR(4), c.Scale) + ')'         ELSE ''      END  --we've done with putting in the length      + CASE WHEN XML_collection_ID <> 0         THEN --deal with object schema names             '(' + CASE WHEN is_XML_Document = 1                    THEN 'DOCUMENT '                    ELSE 'CONTENT '                   END              + COALESCE(               (SELECT QUOTENAME(ss.name) + '.' + QUOTENAME(sc.name)                FROM sys.xml_schema_collections sc                INNER JOIN Sys.Schemas ss ON sc.schema_ID = ss.schema_ID                WHERE sc.xml_collection_ID = c.XML_collection_ID),'NULL') + ')'          ELSE ''         END        AS [DataType]  FROM sys.parameters c  INNER JOIN sys.types t ON c.user_Type_ID = t.user_Type_ID  WHERE OBJECT_SCHEMA_NAME(c.object_ID) <> 'sys'   AND parameter_id>0)SELECT CONVERT(CHAR(80),objectName+'.'+ParameterName),DataType FROM UserParameterWHERE ParameterName IN   (SELECT ParameterName FROM UserParameter    GROUP BY ParameterName    HAVING MIN(Datatype)<>MAX(DataType))ORDER BY ParameterName   so, in a very small example here, we have a @ClosingDelimiter variable that is only CHAR(1) when, by the looks of it, it should be up to ten characters long, or even worse, a function that should be a char(1) and seems to let in a string of ten characters. Worth investigating. Then we have a @Comment variable that can't decide whether it is a VARCHAR(2000) or a VARCHAR(MAX) 2/ Columns and Parameters Actually, once we’ve cleared up the mess we’ve made of our parameter-naming in the database we’re inspecting, we’re going to be more interested in listing both columns and parameters. We can do this by modifying the routine to list columns as well as parameters. Because of the slight complexity of creating the string version of the datatypes, we will create a fake table of both columns and parameters so that they can both be processed the same way. After all, we want the datatypes to match Unfortunately, parameters do not expose all the attributes we are interested in, such as whether they are nullable (oh yes, subtle bugs happen if this isn’t consistent for a datatype). We’ll have to leave them out for this check. Voila! A slight modification of the first routine ;WITH userObject AS  ( SELECT   Name AS DataName,--the actual name of the parameter or column ('@' removed)  --and the qualified object name of the routine  OBJECT_SCHEMA_NAME(ObjectID) + '.' + OBJECT_NAME(ObjectID) AS ObjectName,  --now the harder bit: the definition of the datatype.  TypeName + ' '     + CASE     --we may have to put in the length. e.g. CHAR (10)           WHEN TypeName IN ('char', 'varchar', 'nchar', 'nvarchar')             THEN '('               + CASE WHEN MaxLength = -1 THEN 'MAX'                ELSE CONVERT(VARCHAR(4),                    CASE WHEN TypeName IN ('nchar', 'nvarchar')                      THEN MaxLength / 2 ELSE MaxLength                    END)                END + ')'         WHEN TypeName IN ('decimal', 'numeric')--a BCD number!             THEN '(' + CONVERT(VARCHAR(4), Precision)                   + ',' + CONVERT(VARCHAR(4), Scale) + ')'         ELSE ''      END  --we've done with putting in the length      + CASE WHEN XML_collection_ID <> 0 --tush tush. XML         THEN --deal with object schema names             '(' + CASE WHEN is_XML_Document = 1                    THEN 'DOCUMENT '                    ELSE 'CONTENT '                   END              + COALESCE(               (SELECT TOP 1 QUOTENAME(ss.name) + '.' + QUOTENAME(sc.Name)                FROM sys.xml_schema_collections sc                INNER JOIN Sys.Schemas ss ON sc.schema_ID = ss.schema_ID                WHERE sc.xml_collection_ID = XML_collection_ID),'NULL') + ')'          ELSE ''         END        AS [DataType],       DataObjectType  FROM   (Select t.name AS TypeName, REPLACE(c.name,'@','') AS Name,          c.max_length AS MaxLength, c.precision AS [Precision],           c.scale AS [Scale], c.[Object_id] AS ObjectID, XML_collection_ID,          is_XML_Document,'P' AS DataobjectType  FROM sys.parameters c  INNER JOIN sys.types t ON c.user_Type_ID = t.user_Type_ID  AND parameter_id>0  UNION all  Select t.name AS TypeName, c.name AS Name, c.max_length AS MaxLength,          c.precision AS [Precision], c.scale AS [Scale],          c.[Object_id] AS ObjectID, XML_collection_ID,is_XML_Document,          'C' AS DataobjectType            FROM sys.columns c  INNER JOIN sys.types t ON c.user_Type_ID = t.user_Type_ID   WHERE OBJECT_SCHEMA_NAME(c.object_ID) <> 'sys'  )f)SELECT CONVERT(CHAR(80),objectName+'.'   + CASE WHEN DataobjectType ='P' THEN '@' ELSE '' END + DataName),DataType FROM UserObjectWHERE DataName IN   (SELECT DataName FROM UserObject   GROUP BY DataName    HAVING MIN(Datatype)<>MAX(DataType))ORDER BY DataName     Hmm. I can tell you I found quite a few minor issues with the various tabases I tested this on, and found some potential bugs that really leap out at you from the results. Here is the start of the result for AdventureWorks. Yes, AccountNumber is, for some reason, a Varchar(10) in the Customer table. Hmm. odd. Why is a city fifty characters long in that view?  The idea of the description of a colour being 256 characters long seems over-ambitious. Go down the list and you'll spot other mistakes. There are no bugs, but just mess. We started out with a listing to examine parameters, then we mixed parameters and columns. Our last listing is for a slightly more in-depth look at table columns. You’ll notice that we’ve delibarately removed the indication of whether a column is persisted, or is an identity column because that gives us false positives for our code smells. If you just want to browse your metadata for other reasons (and it can quite help in some circumstances) then uncomment them! ;WITH userColumns AS  ( SELECT   c.NAME AS columnName,  OBJECT_SCHEMA_NAME(c.object_ID) + '.' + OBJECT_NAME(c.object_ID) AS ObjectName,  REPLACE(t.name + ' '   + CASE WHEN is_computed = 1 THEN ' AS ' + --do DDL for a computed column          (SELECT definition FROM sys.computed_columns cc           WHERE cc.object_id = c.object_id AND cc.column_ID = c.column_ID)     --we may have to put in the length            WHEN t.Name IN ('char', 'varchar', 'nchar', 'nvarchar')             THEN '('               + CASE WHEN c.Max_Length = -1 THEN 'MAX'                ELSE CONVERT(VARCHAR(4),                    CASE WHEN t.Name IN ('nchar', 'nvarchar')                      THEN c.Max_Length / 2 ELSE c.Max_Length                    END)                END + ')'       WHEN t.name IN ('decimal', 'numeric')       THEN '(' + CONVERT(VARCHAR(4), c.precision) + ',' + CONVERT(VARCHAR(4), c.Scale) + ')'       ELSE ''      END + CASE WHEN c.is_rowguidcol = 1          THEN ' ROWGUIDCOL'          ELSE ''         END + CASE WHEN XML_collection_ID <> 0            THEN --deal with object schema names             '(' + CASE WHEN is_XML_Document = 1                THEN 'DOCUMENT '                ELSE 'CONTENT '               END + COALESCE((SELECT                QUOTENAME(ss.name) + '.' + QUOTENAME(sc.name)                FROM                sys.xml_schema_collections sc                INNER JOIN Sys.Schemas ss ON sc.schema_ID = ss.schema_ID                WHERE                sc.xml_collection_ID = c.XML_collection_ID),                'NULL') + ')'            ELSE ''           END + CASE WHEN is_identity = 1             THEN CASE WHEN OBJECTPROPERTY(object_id,                'IsUserTable') = 1 AND COLUMNPROPERTY(object_id,                c.name,                'IsIDNotForRepl') = 0 AND OBJECTPROPERTY(object_id,                'IsMSShipped') = 0                THEN ''                ELSE ' NOT FOR REPLICATION '               END             ELSE ''            END + CASE WHEN c.is_nullable = 0               THEN ' NOT NULL'               ELSE ' NULL'              END + CASE                WHEN c.default_object_id <> 0                THEN ' DEFAULT ' + object_Definition(c.default_object_id)                ELSE ''               END + CASE                WHEN c.collation_name IS NULL                THEN ''                WHEN c.collation_name <> (SELECT                collation_name                FROM                sys.databases                WHERE                name = DB_NAME()) COLLATE Latin1_General_CI_AS                THEN COALESCE(' COLLATE ' + c.collation_name,                '')                ELSE ''                END,'  ',' ') AS [DataType]FROM sys.columns c  INNER JOIN sys.types t ON c.user_Type_ID = t.user_Type_ID  WHERE OBJECT_SCHEMA_NAME(c.object_ID) <> 'sys')SELECT CONVERT(CHAR(80),objectName+'.'+columnName),DataType FROM UserColumnsWHERE columnName IN (SELECT columnName FROM UserColumns  GROUP BY columnName  HAVING MIN(Datatype)<>MAX(DataType))ORDER BY columnName If you take a look down the results against Adventureworks, you'll see once again that there are things to investigate, mostly, in the illustration, discrepancies between null and non-null datatypes So I here you ask, what about temporary variables within routines? If ever there was a source of elusive bugs, you'll find it there. Sadly, these temporary variables are not stored in the metadata so we'll have to find a more subtle way of flushing these out, and that will, I'm afraid, have to wait!

  Read the article

• Why won't Javascript assembled Iframe load in IE6 over HTTPS although it will over HTTP?

  - by Lauren

  The issue: The iframe won't load inside the tags on the review and submit page here: https://checkout.netsuite.com/s.nl/c.659197/sc.4/category.confirm/.f Login:[email protected] pass:test03 To produce problem: - Where it says "Your Third Party Shipper Numbers (To enter one, click here.)", click "here" to see the form that won't load in IE6. It seems to load in every other modern browser. The same form works fine on this page (you have to click on the "order sample" button to see the link to the same form): http://www.avaline.com/R3000_3 Here's the HTML: <div style="border-color: rgb(255, 221, 221);" id="itmSampl"> <div id="placeshipnum" style="display: none;"></div> <div id="sampAdd"> <strong>Your Third Party Shipper Numbers</strong> (To enter one, click <a rel="nofollow" href="javascript:;" onclick="enterShipNum()">here</a>.) <ul style="list-style: none outside none; padding-left: 20px;"> <li><span class="bold">UPS #</span>: 333333</li> <li><span class="bold">FedEx #</span>: 777888999</li> </ul> </div> </div> Upon clicking the "to enter one, click here" link this is the iframe HTML in all browsers except IE6 (in IE6, the "shipnum" div element is assembled, but that's it): <div id="placeshipnum" style="display: block;"> <div id="shipnum" style="background: none repeat scroll 0% 0% rgb(255, 255, 255);"> <div class="wrapper-x"> <a title="close window" class="linkfooter" href="javascript:;" onclick="enterShipNum()"> <img height="11" width="11" alt="close window" src="/c.659197/site/av-template/x-image-browser.gif"> </a> </div> <iframe scrolling="no" height="240" frameborder="0" width="190" src="https://forms.netsuite.com/app/site/crm/externalleadpage.nl?compid=659197&amp;formid=56&amp;h=9b260d2f9bca0fd9c300&amp;[email protected]&amp;firstname=Test&amp;lastname=Account&amp;ck=Q1BnzaRXAe_RfjhE&amp;vid=Q1BnzaRXAd3Rfik7&amp;cktime=87919&amp;cart=5257&amp;promocode=SAMPLE&amp;chrole=1014&amp;cjsid=0a0102621f435ef0d0d4b3cd49ab8b2db4e253c671eb" allowtransparency="true" border="0" onload="hideShipLoadImg()" style="display: block;"></iframe></div></div> This is the relevant Javascript: // Allow for shipper number update var shipNumDisplay=0; function enterShipNum() { if (shipNumDisplay == 0){ //odrSampl(); document.getElementById('placeshipnum').style.display="block"; document.getElementById('placeshipnum').innerHTML='<div id="shipnum"><div class="wrapper-x"> <a onclick="enterShipNum()" href="javascript:;" class="linkfooter" title="close window"> <img height="11" width="11" src="/c.659197/site/av-template/x-image-browser.gif" alt="close window" /> </a> </div><iframe onload="hideShipLoadImg()" scrolling="no" height="240" frameborder="0" width="190" border="0" allowtransparency="true" src="https://forms.netsuite.com/app/site/crm/externalleadpage.nl?compid=659197&formid=56&h=9b260d2f9bca0fd9c300&[email protected]&firstname=Test&lastname=Account&ck=Q1BnzaRXAe_RfjhE&vid=Q1BnzaRXAd3Rfik7&cktime=87919&cart=5257&promocode=SAMPLE&chrole=1014&cjsid=0a0102621f435ef0d0d4b3cd49ab8b2db4e253c671eb"></iframe></div>'; shipNumDisplay=1; } else { document.getElementById('placeshipnum').style.display="none"; document.getElementById('shipnum').parentNode.removeChild(document.getElementById('shipnum')); shipNumDisplay=0; } } function hideShipLoadImg(){ var shipiframe= document.getElementById('shipnum').getElementsByTagName('iframe')[0]; shipiframe.style.display = 'block'; shipiframe.parentNode.style.background = '#fff'; } This is most of the form inside the iframe although I don't think it's relevant: <form style="margin: 0pt;" onsubmit="return ( window.isinited &amp;&amp; window.isvalid &amp;&amp; save_record( true ) )" action="/app/site/crm/externalleadpage.nl" enctype="multipart/form-data" method="POST" name="main_form" id="main_form"> <div class="field name"> <label for="firstname">First Name <span class="required">*</span></label> <span class="input" id="firstname_fs"><span class="input" id="firstname_val">Test</span></span><input type="hidden" id="firstname" name="firstname" value="Test" onchange="nlapiFieldChanged(null,'firstname');"> </div> <div class="field name"> <label for="lastname">Last Name <span class="required">*</span></label> <span class="input" id="lastname_fs"><span class="input" id="lastname_val">Account</span></span><input type="hidden" id="lastname" name="lastname" value="Account" onchange="nlapiFieldChanged(null,'lastname');"> </div> <div id="ups" class="field"> <label for="custentity4">UPS # </label> <span id="custentity4_fs" style="white-space: nowrap;"><input type="text" id="custentity4" onblur="if (this.checkvalid == true) {this.isvalid=(validate_field(this,'text',false,false) &amp;&amp; nlapiValidateField(null,'custentity4'));} if (this.isvalid == false) { selectAndFocusField(this); return this.isvalid;}" name="custentity4" size="25" onfocus="if (this.isvalid == true || this.isvalid == false) this.checkvalid=true;" onchange="setWindowChanged(window, true);this.isvalid=(validate_field(this,'text',true,false) &amp;&amp; nlapiValidateField(null,'custentity4'));this.checkvalid=false;if (this.isvalid) {nlapiFieldChanged(null,'custentity4');;}if (this.isvalid) this.isvalid=validate_textfield_maxlen(this,6,true,true);if (!this.isvalid) { selectAndFocusField(this);}return this.isvalid;" class="input" maxlength="6"></span> </div> <div id="fedex" class="field"> <label for="custentity9">FedEx # </label> <span id="custentity9_fs" style="white-space: nowrap;"><input type="text" id="custentity9" onblur="if (this.checkvalid == true) {this.isvalid=(validate_field(this,'text',false,false) &amp;&amp; nlapiValidateField(null,'custentity9'));} if (this.isvalid == false) { selectAndFocusField(this); return this.isvalid;}" name="custentity9" size="25" onfocus="if (this.isvalid == true || this.isvalid == false) this.checkvalid=true;" onchange="setWindowChanged(window, true);this.isvalid=(validate_field(this,'text',true,false) &amp;&amp; nlapiValidateField(null,'custentity9'));this.checkvalid=false;if (this.isvalid) {nlapiFieldChanged(null,'custentity9');;}if (this.isvalid) this.isvalid=validate_textfield_maxlen(this,9,true,true);if (!this.isvalid) { selectAndFocusField(this);}return this.isvalid;" class="input" maxlength="9"></span> </div> <div class="field hidden"><input type="hidden" id="email" name="email" value="[email protected]"></div> <div class="field"><label class="submit" for="submitbutton"><span class="required">*</span> Indicates required fields.</label></div> <input type="submit" id="submitbutton" value="submit"> <!-- REQUIRED HIDDEN FIELDS FOR HTML ONLINE FORM --> <input type="hidden" value="659197" name="compid"><input type="hidden" value="56" name="formid"><input type="hidden" value="" name="id"><input type="hidden" value="9b260d2f9bca0fd9c300" name="h"><input type="hidden" value="-1" name="rectype"><input type="hidden" value="" name="nlapiPI"><input type="hidden" value="" name="nlapiSR"><input type="hidden" value="ShipValidateField" name="nlapiVF"><input type="hidden" value="" name="nlapiFC"><input type="hidden" value="/app/site/crm/externalleadpage.nl?compid=659197&amp;formid=56&amp;h=9b260d2f9bca0fd9c300&amp;[email protected]&amp;firstname=Test&amp;lastname=Account&amp;ck=Q1BnzaRXAe_RfjhE&amp;vid=Q1BnzaRXAd3Rfik7&amp;cktime=87919&amp;cart=5257&amp;promocode=SAMPLE&amp;chrole=1014&amp;cjsid=0a0102621f435ef0d0d4b3cd49ab8b2db4e253c671eb" name="whence"><input type="hidden" name="submitted"> <iframe height="0" style="visibility: hidden;" name="server_commands" id="server_commands" src="javascript:false"></iframe> <!-- END OF REQUIRED HIDDEN FIELDS FOR HTML ONLINE FORM --> </form>

  Read the article

• Simple Adapter error

  - by Rahul Varma

  Hi, I have the following errors when i try to access the simple adapter from my program... Plz can anyone help me solving the error... Desperate to get it done.... android.widget.SimpleAdapter.getCount(SimpleAdapter.java:95) android.widget.ListView.setAdapter(ListView.java:431) com.stellent.gorinka.MusicListActivity.list(MusicListActivity.java:76) com.stellent.gorinka.MusicListActivity$1.run(MusicListActivity.java:67) android.os.Handler.handleCallback(Handler.java:587) android.os.Handler.dispatchMessage(Handler.java:92) at android.os.Looper.loop(Looper.java:123) android.os.Handler.handleCallback(Handler.java:587) android.os.Handler.dispatchMessage(Handler.java:92) android.os.Looper.loop(Looper.java:123) Here' the code for Adapter... public class SongsAdapter extends SimpleAdapter{ static List<HashMap<String,String>> songsList; Context context; LayoutInflater inflater; public SongsAdapter(Context context,List<HashMap<String,String>> imgListWeb,int layout,String[] from,int[] to,LayoutInflater inflater) { super(context,songsList,layout,from,to); this.songsList=songsList; this.context=context; this.inflater=inflater; // TODO Auto-generated constructor stub }@Override public View getView(int postition,View convertView,ViewGroup parent)throws java.lang.OutOfMemoryError{ try { View v = ((LayoutInflater) inflater).inflate(R.layout.row,null); ImageView images=(ImageView)v.findViewById(R.id.image); TextView tvTitle=(TextView)v.findViewById(R.id.text1); TextView tvAlbum=(TextView)v.findViewById(R.id.text2); TextView tvArtist=(TextView)v.findViewById(R.id.text3); HashMap<String,String> songsHash=songsList.get(postition); String path=songsHash.get("path"); String title=songsHash.get("title"); String album=songsHash.get("album"); String artist=songsHash.get("artist"); String imgPath=path; final ImageView imageView = (ImageView) v.findViewById(R.id.image); AsyncImageLoaderv asyncImageLoader=new AsyncImageLoaderv(); Bitmap cachedImage = asyncImageLoader.loadDrawable(imgPath, new AsyncImageLoaderv.ImageCallback() { public void imageLoaded(Bitmap imageDrawable, String imageUrl) { imageView.setImageBitmap(imageDrawable); } }); imageView.setImageBitmap(cachedImage); tvTitle.setText(title); tvAlbum.setText(album); tvArtist.setText(artist); return v; } catch(Exception e){ Log.e("error",e.toString()); } return null; } And also in my main program the focus is not entering the loop... The implementation in the loop isnt getting executed...Here's the code for it... public void list() { Log.d("#####","#####"); LayoutInflater inflater=getLayoutInflater(); String[] from={}; int[] n={}; adapter=new SongsAdapter(getApplicationContext(),songNodeDet,R.layout.row,from,n,inflater); lv.setAdapter(adapter);} private Handler handler = new Handler() { public void handleMessage(Message msg){ Log.d("*****","handler"); removeDialog(0); p.dismiss(); } }; public void webObjectList(Object[] imgListObj,String logInSess) throws XMLRPCException{ songNodeWeb = new HashMap<?,?>[imgListObj.length]; if(imgListObj!=null){ Log.e("completed","completed"); for(int i=0;i<imgListObj.length;i++){ //imgListObj.length songNodeWeb[i]=(HashMap<?,?>)imgListObj[i]; String nodeid=(String) songNodeWeb[i].get("nid"); Log.e("img",i+"completed"); HashMap<String,String> nData=new HashMap<String,String>(); nData.put("nid",nodeid); Object nodeget=client.call("node.get",logInSess,nodeid); HashMap<?,?> imgNode=(HashMap<?,?>)nodeget; String titleName=(String) imgNode.get("titles"); String movieName=(String) imgNode.get("album"); String singerName=(String) imgNode.get("artist"); nData.put("titles", titleName); nData.put("album", movieName); nData.put("artist", singerName); Object[] imgObject=(Object[])imgNode.get("title_format"); HashMap<?,?>[] imgDetails=new HashMap<?,?>[imgObject.length]; imgDetails[0]=(HashMap<?, ?>)imgObject[0]; String path=(String) imgDetails[0].get("filepath"); if(path.contains(" ")){ path=path.replace(" ", "%20"); } String imgPath="http://www.gorinka.com/"+path; paths.add(imgPath); nData.put("path", imgPath); Log.e("my path",path); String mime=(String)imgDetails[0].get("filemime"); nData.put("mime", mime); SongsList songs=new SongsList(titleName,movieName,singerName,imgPath,imgPath); SngList.add(i,songs); songNodeDet.add(i,nData); } Log.e("paths values",paths.toString()); // return imgNodeDet; handler.sendEmptyMessage(0); } } public void getSongs() throws MalformedURLException, XMLRPCException { String ur="http://www.gorinka.com/?q=services/xmlrpc"; URL u=new URL(ur); client = new XMLRPCClient(u); //Connecting to the website HashMap<?, ?> siteConn =(HashMap<?, ?>) client.call("system.connect"); // Getting initial sessio id String initSess=(String)siteConn.get("sessid"); //Login to the site using session id HashMap<?, ?> logInConn =(HashMap<?, ?>) client.call("user.login",initSess,"prakash","stellentsoft2009"); //Getting Login sessid logInSess=(String)logInConn.get("sessid"); websongListObject =(Object[]) client.call("nodetype.get",logInSess,""); webObjectList(websongListObject,logInSess); Log.d("webObjectList","webObjectList"); runOnUiThread(returnRes); } }

  Read the article

• Help me to simplify my jQuery, it's growing huge and redundant!

  - by liquilife

  Hey all, I am no jQuery expert, but I'm learning. I'm using a bit (growing to a LOT) of jQuery to hide some images and show a single image when a thumb is clicked. While this bit of jQuery works, it's horribly inefficient but I am unsure of how to simplify this to something that works on more of a universal level. <script> $(document).ready(function () { // Changing the Materials $("a#shirtred").click(function () { $("#selectMaterials img").removeClass("visible"); $("img.selectShirtRed").addClass("visible"); }); $("a#shirtgrey").click(function () { $("#selectMaterials img").removeClass("visible"); $("img.selectShirtGrey").addClass("visible"); }); $("a#shirtgreen").click(function () { $("#selectMaterials img").removeClass("visible"); $("img.selectShirtGreen").addClass("visible"); }); $("a#shirtblue").click(function () { $("#selectMaterials img").removeClass("visible"); $("img.selectShirtBlue").addClass("visible"); }); // Changing the Collars $("a#collarred").click(function () { $("#selectCollar img").removeClass("visible"); $("img.selectCollarRed").addClass("visible"); }); $("a#collargrey").click(function () { $("#selectCollar img").removeClass("visible"); $("img.selectCollarGrey").addClass("visible"); }); $("a#collargreen").click(function () { $("#selectCollar img").removeClass("visible"); $("img.selectCollarGreen").addClass("visible"); }); $("a#collarblue").click(function () { $("#selectCollar img").removeClass("visible"); $("img.selectCollarBlue").addClass("visible"); }); // Changing the Cuffs $("a#cuffred").click(function () { $("#selectCuff img").removeClass("visible"); $("img.selectCuffRed").addClass("visible"); }); $("a#cuffgrey").click(function () { $("#selectCuff img").removeClass("visible"); $("img.selectCuffGrey").addClass("visible"); }); $("a#cuffblue").click(function () { $("#selectCuff img").removeClass("visible"); $("img.selectCuffBlue").addClass("visible"); }); $("a#cuffgreen").click(function () { $("#selectCuff img").removeClass("visible"); $("img.selectCuffGreen").addClass("visible"); }); // Changing the Pockets $("a#pocketred").click(function () { $("#selectPocket img").removeClass("visible"); $("img.selectPocketRed").addClass("visible"); }); $("a#pocketgrey").click(function () { $("#selectPocket img").removeClass("visible"); $("img.selectPocketGrey").addClass("visible"); }); $("a#pocketblue").click(function () { $("#selectPocket img").removeClass("visible"); $("img.selectPocketBlue").addClass("visible"); }); $("a#pocketgreen").click(function () { $("#selectPocket img").removeClass("visible"); $("img.selectPocketGreen").addClass("visible"); }); }); </scrip> <!-- Thumbnails which can be clicked on to toggle the larger preview image --> <div class="materials"> <a href="javascript:;" id="shirtgrey"><img src="/grey_shirt.png" height="122" width="122" /></a> <a href="javascript:;" id="shirtred"><img src="red_shirt.png" height="122" width="122" /></a> <a href="javascript:;" id="shirtblue"><img src="hblue_shirt.png" height="122" width="122" /></a> <a href="javascript:;" id="shirtgreen"><img src="green_shirt.png" height="122" width="122" /></a> </div> <div class="collars"> <a href="javascript:;" id="collargrey"><img src="grey_collar.png" height="122" width="122" /></a> <a href="javascript:;" id="collarred"><img src="red_collar.png" height="122" width="122" /></a> <a href="javascript:;" id="collarblue"><img src="blue_collar.png" height="122" width="122" /></a> <a href="javascript:;" id="collargreen"><img src="green_collar.png" height="122" width="122" /></a> </div> <div class="cuffs"> <a href="javascript:;" id="cuffgrey"><img src="grey_cuff.png" height="122" width="122" /></a> <a href="javascript:;" id="cuffred"><img src="red_cuff.png" height="122" width="122" /></a> <a href="javascript:;" id="cuffblue"><img src="blue_cuff.png" height="122" width="122" /></a> <a href="javascript:;" id="cuffgreen"><img src="/green_cuff.png" height="122" width="122" /></a> </div> <div class="pockets"> <a href="javascript:;" id="pocketgrey"><img src="grey_pocket.png" height="122" width="122" /></a> <a href="javascript:;" id="pocketred"><img src=".png" height="122" width="122" /></a> <a href="javascript:;" id="pocketblue"><img src="blue_pocket.png" height="122" width="122" /></a> <a href="javascript:;" id="pocketgreen"><img src="green_pocket.png" height="122" width="122" /></a> </div> <!-- The larger images where one from each set should be viewable at one time, triggered by the thumb clicked above --> <div class="selectionimg"> <div id="selectShirt"> <img src="grey_shirt.png" height="250" width="250" class="selectShirtGrey show" /> <img src="red_shirt.png" height="250" width="250" class="selectShirtRed hide" /> <img src="blue_shirt.png" height="250" width="250" class="selectShirtBlue hide" /> <img src="green_shirt.png" height="250" width="250" class="selectShirtGreen hide" /> </div> <div id="selectCollar"> <img src="grey_collar.png" height="250" width="250" class="selectCollarGrey show" /> <img src="red_collar.png" height="250" width="250" class="selectCollarRed hide" /> <img src="blue_collar.png" height="250" width="250" class="selectCollarBlue hide" /> <img src="green_collar.png" height="250" width="250" class="selectCollarGreen hide" /> </div> <div id="selectCuff"> <img src="grey_cuff.png" height="250" width="250" class="selectCuffGrey show" /> <img src="red_cuff.png" height="250" width="250" class="selectCuffRed hide" /> <img src="blue_cuff.png" height="250" width="250" class="selectCuffBlue hide" /> <img src="green_cuff.png" height="250" width="250" class="selectCuffGreen hide" /> </div> <div id="selectPocket"> <img src="grey_pocket.png" height="250" width="250" class="selectPocketGrey show" /> <img src="hred_pocket.png" height="250" width="250" class="selectPocketRed hide" /> <img src="blue_pocket.png" height="250" width="250" class="selectPocketBlue hide" /> <img src="green_pocket.png" height="250" width="250" class="selectPocketGreen hide" /> </div> </div>

  Read the article

• Why am I getting null object reference error when saving (OnItemUpdating event) the first edit item

  - by craigmoliver

  I'm getting the error "Object reference not set to an instance of an object." when trying to reference a HiddenField (lvEditProjectSteps_hdnStepStatusId for future reference) from the EditItem during the OnItemUpdating event after the Update event fires in a ListView. This only occurs on the FIRST item in the ListView. I checked the source and the HTML is being rendered properly. ANY insight is appreciated! Thanks in advance... Source error: var lvEditProjectSteps_hdnStepStatusId = (HiddenField) lvEditProjectSteps.EditItem.FindControl("lvEditProjectSteps_hdnStepStatusId"); Here's the aspx side of the ListView: <asp:ListView ID="lvEditProjectSteps" runat="server" OnItemDataBound="lvEditProjectSteps_OnItemDataBound" OnItemUpdating="lvEditProjectSteps_OnItemUpdating" DataSourceID="odsEditProjectStep" DataKeyNames="Id"> <LayoutTemplate> <table class="standard-box-style" style="width:800px"> <thead> <tr> <th>&nbsp;</th> <th>&nbsp;</th> <th>Created</th> <th>Updated</th> </tr> </thead> <tbody> <asp:PlaceHolder ID="itemPlaceHolder" runat="server" /> </tbody> </table> </LayoutTemplate> <ItemTemplate> <tr> <td style="width:50px"<%# (Container.DisplayIndex % 2 == 0)?"":" class=\"row-alternating\"" %>> <asp:ImageButton ID="lvEditProjectSteps_btnEdit" runat="server" ImageUrl="~/admin/images/icons/edit.gif" AlternateText="Edit" SkinID="interfaceButton" CommandName="Edit" /> <asp:HiddenField ID="lvEditProjectSteps_hdnId" runat="server" Value='<%# Bind("Id")%>' /> <asp:HiddenField ID="lvEditProjectSteps_hdnStepStatusId" runat="server" Value='<%# Bind("StepStatusId")%>' /> <asp:HiddenField ID="lvEditProjectSteps_hdnStepStatusStepId" runat="server" Value='<%# Bind("StepStatus_StepId")%>' /> </td> <td style="width:30px"<%# (Container.DisplayIndex % 2 == 0)?"":" class=\"row-alternating\"" %>><asp:Image ID="imgStatus" runat="server" /></td> <td style="width:75px"<%# (Container.DisplayIndex % 2 == 0)?"":" class=\"row-alternating\"" %>><asp:Literal ID="litTsCreated" runat="server" /></td> <td style="width:75px"<%# (Container.DisplayIndex % 2 == 0)?"":" class=\"row-alternating\"" %>><asp:Literal ID="litTsUpdated" runat="server" /></td> </tr> </ItemTemplate> <EditItemTemplate> <tr> <td style="width:50px"<%# (Container.DisplayIndex % 2 == 0)?"":" class=\"row-alternating\"" %>> <asp:ImageButton ID="lvEditProjectSteps_btnUpdate" runat="server" ImageUrl="~/admin/images/icons/save.png" AlternateText="Save" SkinID="interfaceButton" CommandName="Update" ValidationGroup="EditProjectStepsSave" /> <asp:ImageButton ID="lvEditProjectSteps_btnCancel" runat="server" ImageUrl="~/admin/images/icons/cancel.png" AlternateText="Cancel" SkinID="interfaceButton" CommandName="Cancel" /> <asp:HiddenField ID="lvEditProjectSteps_hdnId" runat="server" Value='<%# Bind("Id")%>' /> <asp:HiddenField ID="lvEditProjectSteps_hdnStepStatusId" runat="server" Value='<%# Bind("StepStatusId")%>' /> <asp:HiddenField ID="lvEditProjectSteps_hdnStepStatusStepId" runat="server" Value='<%# Bind("StepStatus_StepId")%>' /> </td> <td style="width:180px" colspan="3"<%# (Container.DisplayIndex % 2 == 0)?"":" class=\"row-alternating\"" %>> <div><strong>Status</strong></div> <div class="radiobuttonlist-status"> <asp:RadioButtonList ID="lvEditProjectSteps_rblStatus" runat="server" RepeatDirection="Horizontal" AutoPostBack="true" OnSelectedIndexChanged="lvEditProjectSteps_rblStatus_OnSelectedIndexChanged"> <asp:ListItem Value="1"><img src="/images/icon/project-status/1.png" alt="Error" /></asp:ListItem> <asp:ListItem Value="2"><img src="/images/icon/project-status/2.png" alt="In Progress" /></asp:ListItem> <asp:ListItem Value="3"><img src="/images/icon/project-status/3.png" alt="Complete" /></asp:ListItem> </asp:RadioButtonList> <asp:RequiredFieldValidator ID="valRequired_lvEditProjectSteps_rblStatus" runat="server" ControlToValidate="lvEditProjectSteps_rblStatus" SetFocusOnError="true" Display="Dynamic" ErrorMessage="<br />^ required ^" ValidationGroup="EditProjectStepsSave" /> </div> </td> </tr> </EditItemTemplate> </asp:ListView> And the code-behind: protected void lvEditProjectSteps_OnItemDataBound(object sender, ListViewItemEventArgs e) { if (e.Item.ItemType == ListViewItemType.DataItem) { var info = (ProjectStepInfo)DataBinder.GetDataItem(e.Item); // View Item var litTsCreated = (Literal)e.Item.FindControl("litTsCreated"); var litTsUpdated = (Literal)e.Item.FindControl("litTsUpdated"); var imgStatus = (Image) e.Item.FindControl("imgStatus"); if (litTsCreated != null) litTsCreated.Text = String.Format("{0:d}", info.TsCreated); if (litTsUpdated != null) litTsUpdated.Text = String.Format("{0:d}", info.TsCreated); if (imgStatus != null) imgStatus.ImageUrl = String.Format("/images/icon/project-status/{0}.png", info.StepStatus_StatusId); // Edit Item var lvEditProjectSteps_rblStatus = (RadioButtonList) e.Item.FindControl("lvEditProjectSteps_rblStatus"); if (lvEditProjectSteps_rblStatus != null) lvEditProjectSteps_rblStatus.SelectedValue = info.StepStatus_StatusId.ToString(); } } protected void lvEditProjectSteps_OnItemUpdating(object sender, ListViewUpdateEventArgs e) { if (IsValid) { var oController = new Controller(); var lvEditProjectSteps_hdnStepStatusId = (HiddenField) lvEditProjectSteps.EditItem.FindControl("lvEditProjectSteps_hdnStepStatusId"); var lvEditProjectSteps_hdnStepStatusStepId = (HiddenField) lvEditProjectSteps.EditItem.FindControl("lvEditProjectSteps_hdnStepStatusStepId"); var lvEditProjectSteps_rblStatus = (RadioButtonList) lvEditProjectSteps.EditItem.FindControl("lvEditProjectSteps_rblStatus"); var infoStepStatus = oController.StepStatus_SelectOne_StepId_StatusId(Convert.ToInt32(lvEditProjectSteps_hdnStepStatusStepId.Value), Convert.ToInt32(lvEditProjectSteps_rblStatus.SelectedValue)); if (lvEditProjectSteps_hdnStepStatusId != null) { e.NewValues["ProjectId"] = Convert.ToInt32(lvEditProjectSteps_hdnProjectId.Value); e.NewValues["StepStatusId"] = infoStepStatus.Id; } else { Response.Write("cancel"); e.Cancel = true; } } else { Response.Write("cancel, not valid"); e.Cancel = true; } } protected void lvEditProjectSteps_rblStatus_OnSelectedIndexChanged(object sender, EventArgs e) { var oController = new Controller(); var rbl = (RadioButtonList)sender; var lvEditProjectSteps_txtText = (TextBox) rbl.NamingContainer.FindControl("lvEditProjectSteps_txtText"); var lvEditProjectSteps_txtComment = (TextBox)rbl.NamingContainer.FindControl("lvEditProjectSteps_txtComment"); var lvEditProjectSteps_hdnStepStatusStepId = (HiddenField) rbl.NamingContainer.FindControl("lvEditProjectSteps_hdnStepStatusStepId"); if (!String.IsNullOrEmpty(lvEditProjectSteps_hdnStepStatusStepId.Value) && lvEditProjectSteps_txtText != null && lvEditProjectSteps_txtComment != null) { var infoStep = oController.Step_SelectOne(Convert.ToInt32(lvEditProjectSteps_hdnStepStatusStepId.Value)); var infoStepStatus = oController.StepStatus_SelectOne_StepId_StatusId(Convert.ToInt32(lvEditProjectSteps_hdnStepStatusStepId.Value), Convert.ToInt32(rbl.SelectedValue)); lvEditProjectSteps_txtText.Text = infoStep.Name; lvEditProjectSteps_txtComment.Text = infoStepStatus.Text; } }

  Read the article

• Js (+Mootools) - Why my script use over 60% of processor?

  - by Misiur

  On this site - LINK - i need to use 3 banner scrollers (2x vertical + 1x horizontal). I've tried to do it in flash, but then everyone web browsers shut down, or suspended. Now i want to do it in JS (i use mootools). All data come from MySQL. Here's the complete code (even if you don't know mootools, You should understand it) global $wpdb; $table = $wpdb->prefix.'part'; $sql = "SELECT * FROM $table"; $q = $wpdb->get_results($sql); $g = 0; if($wpdb->num_rows > 0) { ?> <script type="text/javascript"> window.addEvent('load', function(){ var totall = 0; var totalr = 0; $$('#leftCont0 .contElement').each(function(el){ var img = new Asset.image(el.getFirst('a').getFirst('img').get('src')); totall += img.height; }); $$('#rightCont0 .contElement').each(function(el){ var img = new Asset.image(el.getFirst('a').getFirst('img').get('src')); totalr += img.height; }); $$('.leftCont').each(function(el){ var h = parseInt(el.get('id').substr(8)); el.setStyle('top', h * totall); }); $$('.rightCont').each(function(el){ var h = parseInt(el.get('id').substr(9)); el.setStyle('top', h * totalr); }); var total = new Array(totall, totalr); move.periodical(30, null, total); }); function move(num, num2) { var h = 0; var da = false; var target = null; $$('.leftCont').each(function(el){ var act = el.getStyle('top'); var n = parseInt(act)+1; el.setStyle('top', n+"px"); if(el.getStyle('top') < h) { h = parseInt(el.getStyle('top')); alert(h); } if(parseInt(el.getStyle('top')) > 400) { da = true; target = el; } }); if(da) { var n = h - num; target.setStyle('top', n+'px'); } h = 0; da = false; $$('.rightCont').each(function(el){ var act = el.getStyle('top'); var n = parseInt(act)+1; el.setStyle('top', n+"px"); if(el.getStyle('top') < h) { h = parseInt(el.getStyle('top')); alert(h); } if(parseInt(el.getStyle('top')) > 400) { da = true; target = el; } }); if(da) { var n = h - num2; target.setStyle('top', n+'px'); } } </script> <?php $g = 0; $l = 0; $r = 0; $leftContent = array(); $rightContent = array(); $leftHeight = 0; $rightHeight = 0; foreach($q as $q) { if(($g % 2) == 0) { $leftContent[$l] = '<div class="contElement"> <a href="'.$q->aurl.'"><img src="'.$q->imgurl.'" alt="Partner" /></a> </div>'; $lHeight = getimagesize($q->imgurl); $leftHeight .= $lHeight[1]; $l++; } else { $rightContent[$r] = '<div class="contElement"> <a href="'.$q->aurl.'"><img src="'.$q->imgurl.'" alt="Partner" /></a> </div>'; $rHeight = getimagesize($q->imgurl); $rightHeight .= $rHeight[1]; $r++; } $g++; } $quantity = ceil(400 / $leftHeight) + 1; for($i = 0; $i < $quantity; $i++) { $str = ""; for($j = 0; $j < sizeof($leftContent); $j++) { $str .= $leftContent[$j]; } $leftContainer[$i] = '<div class="leftCont" id="leftCont'.$i.'">'.$str.'</div>'; } $quantity = ceil(400 / $rightHeight) + 1; for($i = 0; $i < $quantity; $i++) { $str = ""; for($j = 0; $j < sizeof($rightContent); $j++) { $str .= $rightContent[$j]; } $rightContainer[$i] = '<div class="rightCont" id="rightCont'.$i.'">'.$str.'</div>'; } ?> <div id="pcl"> <?php for($i = 0; $i < sizeof($leftContainer); $i++) { echo $leftContainer[$i]; } ?> </div> <div id="pcr"> <?php for($i = 0; $i < sizeof($rightContainer); $i++) { echo $rightContainer[$i]; } ?> </div> <?php }

  Read the article

• Capturing Alt+PrintScreen hot key and clipboard contents

  - by kusanagi

  I setup catching hotkey on alt+printscreen. It catches perfectly but there is nothing in the buffer - no image. How can I get the image from Clipboard.GetImage() after catching hotkey? Here is the the code. using System; using System.Runtime.InteropServices; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Text; using System.Windows.Forms; namespace Magic_Screenshot { public enum ModifierKey : uint { MOD_NULL = 0x0000, MOD_ALT = 0x0001, MOD_CONTROL = 0x0002, MOD_SHIFT = 0x0004, MOD_WIN = 0x0008, } public enum HotKey { PrintScreen, ALT_PrintScreen, CONTROL_PrintScreen } public class HotKeyHelper : IMessageFilter { const string MSG_REGISTERED = "??????? ??????? ??? ????????????????, ???????? UnRegister ??? ?????? ???????????."; const string MSG_UNREGISTERED = "??????? ??????? ?? ????????????????, ???????? Register ??? ???????????."; //?????? ?? ?????? ?????? singleton public HotKeyHelper() { } //public static readonly HotKeyHelper Instance = new HotKeyHelper(); public bool isRegistered; ushort atom; //ushort atom1; ModifierKey modifiers; Keys keyCode; public void Register(ModifierKey modifiers, Keys keyCode) { //??? ???????? ??? ????? ????? ? PreFilterMessage this.modifiers = modifiers; this.keyCode = keyCode; //?? ????????? ?? ??? ???????????? //if (isRegistered) // throw new InvalidOperationException(MSG_REGISTERED); //????????? atom, ??? ??????????? ?????? ??????????? atom = GlobalAddAtom(Guid.NewGuid().ToString()); //atom1 = GlobalAddAtom(Guid.NewGuid().ToString()); if (atom == 0) ThrowWin32Exception(); if (!RegisterHotKey(IntPtr.Zero, atom, modifiers, keyCode)) ThrowWin32Exception(); //if (!RegisterHotKey(IntPtr.Zero, atom1, ModifierKey.MOD_CONTROL, Keys.PrintScreen)) // ThrowWin32Exception(); //????????? ???? ? ??????? ???????? ????????? Application.AddMessageFilter(this); isRegistered = true; } public void UnRegister() { //?? ???????? ?? ??? ???????????? if (!isRegistered) throw new InvalidOperationException(MSG_UNREGISTERED); if (!UnregisterHotKey(IntPtr.Zero, atom)) ThrowWin32Exception(); GlobalDeleteAtom(atom); //??????? ???? ?? ??????? ???????? ????????? Application.RemoveMessageFilter(this); isRegistered = false; } //?????????? Win32Exception ? ????? ?? ????????? ????? ????????????? Win32 ??????? void ThrowWin32Exception() { throw new Win32Exception(Marshal.GetLastWin32Error()); } //???????, ???????????? ??? ??????????? ??????? HotKeys public event HotKeyHelperDelegate HotKeyPressed; public bool PreFilterMessage(ref Message m) { //???????? ?? ????????? WM_HOTKEY if (m.Msg == WM_HOTKEY && //???????? ?? ???? m.HWnd == IntPtr.Zero && //???????? virtual key code m.LParam.ToInt32() >> 16 == (int)keyCode && //???????? ?????? ????????????? (m.LParam.ToInt32() & 0x0000FFFF) == (int)modifiers && //???????? ?? ??????? ??????????? ????????? HotKeyPressed != null) { if ((m.LParam.ToInt32() & 0x0000FFFF) == (int)ModifierKey.MOD_CONTROL && (m.LParam.ToInt32() >> 16 == (int)Keys.PrintScreen)) { HotKeyPressed(this, EventArgs.Empty, HotKey.CONTROL_PrintScreen); } else if ((m.LParam.ToInt32() & 0x0000FFFF) == (int)ModifierKey.MOD_ALT && (m.LParam.ToInt32() >> 16 == (int)Keys.PrintScreen)) { HotKeyPressed(this, EventArgs.Empty, HotKey.ALT_PrintScreen); } else if (m.LParam.ToInt32() >> 16 == (int)Keys.PrintScreen) { HotKeyPressed(this, EventArgs.Empty, HotKey.PrintScreen); } } return false; } //??????????? Win32 ????????? ? ??????? const string USER32_DLL = "User32.dll"; const string KERNEL32_DLL = "Kernel32.dll"; const int WM_HOTKEY = 0x0312; [DllImport(USER32_DLL, SetLastError = true)] static extern bool RegisterHotKey(IntPtr hWnd, int id, ModifierKey fsModifiers, Keys vk); [DllImport(USER32_DLL, SetLastError = true)] static extern bool UnregisterHotKey(IntPtr hWnd, int id); [DllImport(KERNEL32_DLL, SetLastError = true)] static extern ushort GlobalAddAtom(string lpString); [DllImport(KERNEL32_DLL)] static extern ushort GlobalDeleteAtom(ushort nAtom); } } Where is the bug?

  Read the article

• Facebook like button not going back side on the fixed div

  - by Lahiru Chathuranga

  I added a Facebook like button to my website.My website has a fixed div on top of the page(blue color div in the image). The like button is below that(in a div which can scroll) My problem is when the page is scroll down the like button comes on top of the fixed div(blue color).I want to scroll it from the backside of the div.How can I do that? There are couple of screenshots I added Before Scroll After Scroll Here is my code of the fixed div <script type="text/javascript"> function got_to_signup(){ window.location.href = "view/policy"; } </script> <div id="fb-root"></div> <script>(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "//connect.facebook.net/en_GB/all.js#xfbml=1&appId=368003049941951"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));</script> <div style="width:100%;background-color:#0094d6;" > <div id="dd" style="background-color:#0094d6; width:100%; height:75px;position:fixed; " class="center "><div id="a" style="width:1010px; height:75px; background-color:#000000;background:url(xx.png); background-repeat:no-repeat; font-family:Arial, Helvetica, sans-serif; font-size:11px; color:#003; " class="inner div_border"> <table width="1010" border="0" > <tr > <td width="15%" rowspan="2"><a href="" style="cursor:pointer; cursor:hand;"><div style="width:200px; height:50px;background-color:none;"></div></a></td> <td width="22%" height="14">&nbsp;</td> <td width="5%">&nbsp;</td> <td width="5%">&nbsp;</td> <td width="28%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="23%">&nbsp;</td> </tr> <tr> <td colspan="4"> </td> <td colspan="2"><span style="float: right; " ><div style="background-color:#006d9e;border-radius:3px; width:250px; height:34px; display: table; vertical-align: middle; color:#FFF; "> <table width="100%" border="0" > <tr > <td width="43%" style="text-align:center"> Start to bump !</td> <td width="29%"><div id='basic-modal'><span style="float: right; " ><input name="login_btn" type="button" class="login_button basic" id="login_btn" value="Sign in" /></span></div></td> <td width="28%"><span style="float: right; " ><form id="form_reg" method="post"><input name="register_btn" type="button" class="register_button" id="register_btn" value="Sign up" onclick="got_to_signup()"/></form></span></td> </tr> </table> </div></span></td> </tr> <tr> <td>&nbsp;</td> <td>&nbsp;</td> <td>&nbsp;</td> <td>&nbsp;</td> <td>&nbsp;</td> <td>&nbsp;</td> <td style="color:#FFF; font:Arial, Helvetica, sans-serif; font-size:9px; text-align:right;"> Beta Version </td> </tr> </table> </div></div></div> here is my facebook like button code </script> <div id="fb-root"></div> <script>(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "//connect.facebook.net/en_GB/all.js#xfbml=1&appId=368003049941951"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));</script> <td height="21" colspan="2"> <table width="187" style="margin-left:3px;font-size:1px;background-image:url(share_back.png);background-repeat:no-repeat;border-radius:3px;" > <!--tweeter button--> <tr><td width="71"><a href="https://twitter.com/bump_lk" class="twitter-follow-button" data-show-count="false" style="float:right;">Follow @bump_lk</a> <script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script></td> <!--facebook like button--> <td width="48"><div class="fb-like" data-href="https://www.facebook.com/Bump.lk" data-send="false" data-layout="button_count" data-width="10" data-show-faces="false" style="position:relative;"></div> </td></tr></table></td> <td>&nbsp;</td> <td>&nbsp;</td> <td >

  Read the article

• iOS TableView crash loading different data

  - by jollyr0ger

  Hi to all! I'm developing a simple iOS app where there is a table view with some categories (CategoryViewController). When clicking one of this category the view will be passed to a RecipesListController with another table view with recipes. This recipes are loaded from different plist based on the category clicked. The first time I click on a category, the recipes list is loaded and shown correctely. If i back to the category list and click any of the category (also the same again) the app crash. And I don't know how. The viewWillAppear is ececuted correctely but after crash. Can you help me? If you need the entire project I can zip it for you. Ok? Here is the code of the CategoryViewController.h #import <Foundation/Foundation.h> #import "RecipeRowViewController.h" @class RecipesListController; @interface CategoryViewController : UITableViewController { NSArray *recipeCategories; RecipesListController *childController; } @property (nonatomic, retain) NSArray *recipeCategories; @end The CategoryViewControoler.m #import "CategoryViewCotroller.h" #import "NavAppDelegate.h" #import "RecipesListController.h" @implementation CategoryViewController @synthesize recipeCategories; - (void)viewDidLoad { // Create the categories NSArray *array = [[NSArray alloc] initWithObjects:@"Antipasti", @"Focacce", @"Primi", @"Secondi", @"Contorni", @"Dolci", nil]; self.recipeCategories = array; [array release]; // Set background image UIImageView *bgImg = [[UIImageView alloc] initWithImage:[UIImage imageNamed:@"sfondo_app.png"]]; [self.tableView setBackgroundView:bgImg]; [bgImg release]; [self.tableView reloadData]; [super viewDidLoad]; } - (void)viewDidUnload { self.recipeCategories = nil; // [childController release]; [super viewDidUnload]; } - (void)dealloc { [recipeCategories release]; // [childController release]; [super dealloc]; } #pragma mark - #pragma mark Table data source methods - (NSInteger)tableView:(UITableView *)tableView numberOfRowsInSection:(NSInteger)section { return [recipeCategories count]; } - (UITableViewCell *)tableView:(UITableView *)tableView cellForRowAtIndexPath:(NSIndexPath *)indexPath { static NSString *CellId = @"RecipesCategoriesCellId"; // Try to reuse a cell or create a new one UITableViewCell *cell = [tableView dequeueReusableCellWithIdentifier:CellId]; if (cell == nil) { cell = [[[UITableViewCell alloc] initWithStyle:UITableViewCellStyleDefault reuseIdentifier:CellId] autorelease]; } // Get the right value and assign to the cell NSUInteger row = [indexPath row]; NSString *rowString = [recipeCategories objectAtIndex:row]; cell.textLabel.text = rowString; cell.accessoryType = UITableViewCellAccessoryDisclosureIndicator; [rowString release]; return cell; } #pragma mark - #pragma mark Table view delegate methods - (void)tableView:(UITableView *)tableView didSelectRowAtIndexPath:(NSIndexPath *)indexPath { if (childController == nil) { childController = [[RecipesListController alloc] initWithStyle:UITableViewStyleGrouped]; } childController.title = @"Ricette"; childController.category = [indexPath row]; [self.navigationController pushViewController:childController animated:YES]; } @end The RecipesListController.h #import <Foundation/Foundation.h> #import "RecipeRowViewController.h" #define kRecipeArrayLink 0 #define kRecipeArrayDifficulty 1 #define kRecipeArrayFoodType 2 #define kRecipeAntipasti 0 #define kRecipeFocacce 1 #define kRecipePrimi 2 #define kRecipeSecondi 3 #define kRecipeContorni 4 #define kRecipeDolci 5 @class DisclosureDetailController; @interface RecipesListController : UITableViewController { NSInteger category; NSDictionary *recipesArray; NSArray *recipesNames; NSArray *recipesLinks; DisclosureDetailController *childController; } @property (nonatomic) NSInteger category; @property (nonatomic, retain) NSDictionary *recipesArray; @property (nonatomic, retain) NSArray *recipesNames; @property (nonatomic, retain) NSArray *recipesLinks; @end The RecipesListcontroller.m #import "RecipesListController.h" #import "NavAppDelegate.h" #import "DisclosureDetailController.h" @implementation RecipesListController @synthesize category, recipesArray, recipesNames, recipesLinks; - (void)viewDidLoad { // Set background image UIImageView *bgImg = [[UIImageView alloc] initWithImage:[UIImage imageNamed:@"sfondo_app.png"]]; [self.tableView setBackgroundView:bgImg]; [bgImg release]; [self.tableView reloadData]; [super viewDidLoad]; } - (void)viewWillAppear:(BOOL)animated { if (self.recipesArray != nil) { // Release the arrays [self.recipesArray release]; [self.recipesNames release]; } // Load the dictionary NSString *path = nil; // Load a different dictionary, based on the category if (self.category == kRecipeAntipasti) { path = [[NSBundle mainBundle] pathForResource:@"recipes_antipasti" ofType:@"plist"]; } else if (self.category == kRecipeFocacce) { path = [[NSBundle mainBundle] pathForResource:@"recipes_focacce" ofType:@"plist"]; } else if (self.category == kRecipePrimi) { path = [[NSBundle mainBundle] pathForResource:@"recipes_primi" ofType:@"plist"]; } else if (self.category == kRecipeSecondi) { path = [[NSBundle mainBundle] pathForResource:@"recipes_secondi" ofType:@"plist"]; } else if (self.category == kRecipeContorni) { path = [[NSBundle mainBundle] pathForResource:@"recipes_contorni" ofType:@"plist"]; } else if (self.category == kRecipeDolci) { path = [[NSBundle mainBundle] pathForResource:@"recipes_dolci" ofType:@"plist"]; } NSDictionary *dict = [[NSDictionary alloc] initWithContentsOfFile:path]; self.recipesArray = dict; [dict release]; // Save recipes names NSArray *array = [[recipesArray allKeys] sortedArrayUsingSelector: @selector(compare:)]; self.recipesNames = array; [self.tableView reloadData]; [super viewWillAppear:animated]; } - (void)viewDidUnload { self.recipesArray = nil; self.recipesNames = nil; self.recipesLinks = nil; // [childController release]; [super viewDidUnload]; } - (void)dealloc { [recipesArray release]; [recipesNames release]; [recipesLinks release]; // [childController release]; [super dealloc]; } #pragma mark - #pragma mark Table data source methods - (NSInteger)tableView:(UITableView *)tableView numberOfRowsInSection:(NSInteger)section { return [recipesNames count]; } - (UITableViewCell *)tableView:(UITableView *)tableView cellForRowAtIndexPath:(NSIndexPath *)indexPath { static NSString *RecipesListCellId = @"RecipesListCellId"; // Try to reuse a cell or create a new one UITableViewCell *cell = [tableView dequeueReusableCellWithIdentifier:RecipesListCellId]; if (cell == nil) { cell = [[[UITableViewCell alloc] initWithStyle:UITableViewCellStyleDefault reuseIdentifier:RecipesListCellId] autorelease]; } // Get the right value and assign to the cell NSUInteger row = [indexPath row]; NSString *rowString = [recipesNames objectAtIndex:row]; cell.textLabel.text = rowString; cell.accessoryType = UITableViewCellAccessoryDisclosureIndicator; [rowString release]; return cell; } #pragma mark - #pragma mark Table view delegate methods - (void)tableView:(UITableView *)tableView didSelectRowAtIndexPath:(NSIndexPath *)indexPath { if (childController == nil) { childController = [[DisclosureDetailController alloc] initWithNibName:@"DisclosureDetail" bundle:nil]; } childController.title = @"Dettagli"; NSUInteger row = [indexPath row]; childController.recipeName = [recipesNames objectAtIndex:row]; NSArray *recipeRawArray = [recipesArray objectForKey:childController.recipeName]; childController.recipeLink = [recipeRawArray objectAtIndex:kRecipeArrayLink]; childController.recipeDifficulty = [recipeRawArray objectAtIndex:kRecipeArrayDifficulty]; [self.navigationController pushViewController:childController animated:YES]; } @end This is the crash log Program received signal: “EXC_BAD_ACCESS”. (gdb) bt #0 0x00f0da63 in objc_msgSend () #1 0x04b27ca0 in ?? () #2 0x00002665 in -[RecipesListController viewWillAppear:] (self=0x4b38a00, _cmd=0x6d81a2, animated=1 '\001') at /Users/claudiocanino/Documents/iOS/CottoMangiato/Classes/RecipesListController.m:67 #3 0x00370c9a in -[UINavigationController _startTransition:fromViewController:toViewController:] () #4 0x0036b606 in -[UINavigationController _startDeferredTransitionIfNeeded] () #5 0x0037283e in -[UINavigationController pushViewController:transition:forceImmediate:] () #6 0x04f49549 in -[UINavigationControllerAccessibility(SafeCategory) pushViewController:transition:forceImmediate:] () #7 0x0036b4a0 in -[UINavigationController pushViewController:animated:] () #8 0x00003919 in -[CategoryViewController tableView:didSelectRowAtIndexPath:] (self=0x4b27ca0, _cmd=0x6d19e3, tableView=0x500c200, indexPath=0x4b2d650) at /Users/claudiocanino/Documents/iOS/CottoMangiato/Classes/CategoryViewCotroller.m:104 #9 0x0032a794 in -[UITableView _selectRowAtIndexPath:animated:scrollPosition:notifyDelegate:] () #10 0x00320d50 in -[UITableView _userSelectRowAtPendingSelectionIndexPath:] () #11 0x000337f6 in __NSFireDelayedPerform () #12 0x00d8cfe3 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ () #13 0x00d8e594 in __CFRunLoopDoTimer () #14 0x00ceacc9 in __CFRunLoopRun () #15 0x00cea240 in CFRunLoopRunSpecific () #16 0x00cea161 in CFRunLoopRunInMode () #17 0x016e0268 in GSEventRunModal () #18 0x016e032d in GSEventRun () #19 0x002c342e in UIApplicationMain () #20 0x00001c08 in main (argc=1, argv=0xbfffef58) at /Users/claudiocanino/Documents/iOS/CottoMangiato/main.m:15 Another bt log: (gdb) bt #0 0x00cd76a1 in __CFBasicHashDeallocate () #1 0x00cc2bcb in _CFRelease () #2 0x00002dd6 in -[RecipesListController setRecipesArray:] (self=0x6834d50, _cmd=0x4293, _value=0x4e3bc70) at /Users/claudiocanino/Documents/iOS/CottoMangiato/Classes/RecipesListController.m:16 #3 0x00002665 in -[RecipesListController viewWillAppear:] (self=0x6834d50, _cmd=0x6d81a2, animated=1 '\001') at /Users/claudiocanino/Documents/iOS/CottoMangiato/Classes/RecipesListController.m:67 #4 0x00370c9a in -[UINavigationController _startTransition:fromViewController:toViewController:] () #5 0x0036b606 in -[UINavigationController _startDeferredTransitionIfNeeded] () #6 0x0037283e in -[UINavigationController pushViewController:transition:forceImmediate:] () #7 0x091ac549 in -[UINavigationControllerAccessibility(SafeCategory) pushViewController:transition:forceImmediate:] () #8 0x0036b4a0 in -[UINavigationController pushViewController:animated:] () #9 0x00003919 in -[CategoryViewController tableView:didSelectRowAtIndexPath:] (self=0x4b12970, _cmd=0x6d19e3, tableView=0x5014400, indexPath=0x4b2bd00) at /Users/claudiocanino/Documents/iOS/CottoMangiato/Classes/CategoryViewCotroller.m:104 #10 0x0032a794 in -[UITableView _selectRowAtIndexPath:animated:scrollPosition:notifyDelegate:] () #11 0x00320d50 in -[UITableView _userSelectRowAtPendingSelectionIndexPath:] () #12 0x000337f6 in __NSFireDelayedPerform () #13 0x00d8cfe3 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ () #14 0x00d8e594 in __CFRunLoopDoTimer () #15 0x00ceacc9 in __CFRunLoopRun () #16 0x00cea240 in CFRunLoopRunSpecific () #17 0x00cea161 in CFRunLoopRunInMode () #18 0x016e0268 in GSEventRunModal () #19 0x016e032d in GSEventRun () #20 0x002c342e in UIApplicationMain () #21 0x00001c08 in main (argc=1, argv=0xbfffef58) at /Users/claudiocanino/Documents/iOS/CottoMangiato/main.m:15 Thanks

  Read the article

• Problems with sticky footer html css

  - by CJava

  I'm having trouble making a sticky footer, whatever I do the code completely messes up and re-arranged positioning of other elements. I'm using multiple div elements. I have tried pretty much most tutorials on stickying footers online like http://www.cssstickyfooter.com/using-sticky-footer-code.html Help would be much appreciated. Thanks a lot! html: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta name="generator" content="HTML Tidy for Linux (vers 25 March 2009), see www.w3.org"> <title>Southend-on-Sea Independant Tourist Guide</title> <!--Attached CSS to keep constant throughout site--> <link rel="stylesheet" type="text/css" href="style.css"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="description" content="An independant tourist guide on Southend-on-Sea"> <meta name="keywords" content="southend, southend-on-sea, tourist guide, tourist, independant"> <meta name="author" content="Callum Stevens"> <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico"><!--[if !IE 7]> <style type="text/css"> #wrap {display:table;height:100%} </style> <![endif]--> <link rel="stylesheet" type="text/css" href="style.css"> <link rel="stylesheet" type="text/css" href="navigation.css"> </head> <body> <div id="container"> <div id="content"> <div id="header"> <table width="200" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td><img src="southendpiersept2006edit.jpg" width="700" height="389" alt="southend pier site logo"></td> </tr> </table> </div> <div id="navigation"> <ul> <li class="home"><a href="index.htm">Home</a></li> <li class="places"><a href="places.htm">Places to go</a></li> <li class="things"><a href="things.htm">Things to do</a></li> <li class="where"><a href="where.htm">Where to stay</a></li> <li class="getting"><a href="getting.htm">Getting&lt; here/a&gt;</a></li> <li class="about"><a href="getting.htm"></a><a href="getting.htm"></a><a href="about.htm">About the town</a></li> <li class="contact"><a href="contact.htm">Contact us</a></li> </ul> <table width="700" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td></td> </tr> </table> </div> <br> <br> <h1>Southend-On-Sea</h1> <br> <h2>Welcome to Southend-On-Sea Tourist Information Site. You're #1 stop for finding out about Southend!</h2> <br> <h3>This site aims to help you in getting here, finding accomodation, and letting you know whats going on.</h3> <p>paragraph</p> <p id="p2">paragraph2</p> </div> </div> <div id="footer"></div> </body> </html> style.css: html, body { margin: 0px; padding: 0px; text-align:center } body{ background: url(bg.jpg) repeat-x;} #content { text-align:center width:67%; } h2 { text-transform: capitalize;} navigation.css #navigation ul { width: 700px; height: 50px; position: absolute; /** Places image at the top of the page **/ top: 389px; /** Determines the height from the top of the page **/ left: 15.3%; /** Determines the width from the left of the page **/ background: url(menu.jpg) no-repeat 0 0; list-style: none; margin: 0; padding: 0; } #navigation li { display: inline; } #navigation li a:link, #navigation li a:visited { border: none; width: 100px; height: 50px; display: block; position: absolute; top: 0; text-indent: -7000px; outline: none; } #navigation li.home a:link, #navigation li.home a:visited { left: 0; } #navigation li.places a:link, #navigation li.places a:visited { left: 100px } #navigation li.things a:link, #navigation li.things a:visited { left: 200px } #navigation li.where a:link, #navigation li.where a:visited { left: 300px } #navigation li.getting a:link, #navigation li.getting a:visited { left: 400px } #navigation li.about a:link, #navigation li.about a:visited { left: 500px } #navigation li.contact a:link, #navigation li.contact a:visited { left: 600px } #navigation li.home a:hover { background: url(menu.jpg) no-repeat 0 -50px; } #navigation li.places a:hover { background: url(menu.jpg) no-repeat -100px -50px; } #navigation li.things a:hover { background: url(menu.jpg) no-repeat -200px -50px; } #navigation li.where a:hover { background: url(menu.jpg) no-repeat -300px -50px; } #navigation li.getting a:hover { background: url(menu.jpg) no-repeat -400px -50px; } #navigation li.about a:hover { background: url(menu.jpg) no-repeat -500px -50px; } #navigation li.contact a:hover { background: url(menu.jpg) no-repeat -600px -50px; }

  Read the article

• Not able to get data from Json completely

  - by Abhinav Raja

  i am getting JSON data from http://abinet.org/?json=1 and displaying the titles in a ListView. the code is working fine but the problem is, it is skipping few titles in my ListView and one title is being repeated. You can see the json data from url given above by copy paste it in JSON editor online http://www.jsoneditoronline.org/ i want titles in the "posts" array to be displayed in ListView, however it is being displayed like this: if you see the JSON data from the link above, its missing like 3 titles (they should come between the first and second title) and 5th title is being repeated. Dont know why this is happening. What minor adjustments i need to do? Please help me. this is my code : public class MainActivity extends Activity { // URL to get contacts JSON private static String url = "http://abinet.org/?json=1"; // JSON Node names private static final String TAG_POSTS = "posts"; static final String TAG_TITLE = "title"; private ProgressDialog pDialog; JSONArray contacts = null; TextView img_url; ArrayList<HashMap<String, Object>> contactList; ListView lv; LazyAdapter adapter; @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); lv = (ListView) findViewById(R.id.newslist); contactList = new ArrayList<HashMap<String, Object>>(); new GetContacts().execute(); } private class GetContacts extends AsyncTask<Void, Void, Void> { protected void onPreExecute() { super.onPreExecute(); // Showing progress dialog pDialog = new ProgressDialog(MainActivity.this); pDialog.setMessage("Please wait..."); pDialog.setCancelable(false); pDialog.show(); } protected Void doInBackground(Void... arg0) { // Making a request to url and getting response JSONParser jParser = new JSONParser(); // Getting JSON from URL JSONObject jsonObj = jParser.getJSONFromUrl(url); // if (jsonStr != null) { try { // Getting JSON Array node contacts = jsonObj.getJSONArray(TAG_POSTS); // looping through All Contacts for (int i = 0; i < contacts.length(); i++) { // JSONObject c = contacts.getJSONObject(i); JSONObject posts = contacts.getJSONObject(i); String title = posts.getString(TAG_TITLE).replace("&#8217;", "'"); JSONArray attachment = posts.getJSONArray("attachments"); for (int j = 0; j< attachment.length(); j++){ JSONObject obj = attachment.getJSONObject(j); JSONObject image = obj.getJSONObject("images"); JSONObject image_small = image.getJSONObject("thumbnail"); String imgurl = image_small.getString("url"); HashMap<String, Object> contact = new HashMap<String, Object>(); contact.put("image_url", imgurl); contact.put(TAG_TITLE, title); contactList.add(contact); } } } catch (JSONException e) { e.printStackTrace(); } return null; } @Override protected void onPostExecute(Void result) { super.onPostExecute(result); // Dismiss the progress dialog if (pDialog.isShowing()) pDialog.dismiss(); adapter=new LazyAdapter(MainActivity.this, contactList); lv.setAdapter(adapter); } } } this is my JsonParser class (although its not required): public JSONParser() { } public JSONObject getJSONFromUrl(String url) { // Making HTTP request try { // defaultHttpClient DefaultHttpClient httpClient = new DefaultHttpClient(); HttpPost httpPost = new HttpPost(url); HttpResponse httpResponse = httpClient.execute(httpPost); HttpEntity httpEntity = httpResponse.getEntity(); is = httpEntity.getContent(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } catch (ClientProtocolException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } try { BufferedReader reader = new BufferedReader(new InputStreamReader( is, "iso-8859-1"), 8); StringBuilder sb = new StringBuilder(); String line = null; while ((line = reader.readLine()) != null) { sb.append(line + "n"); } is.close(); json = sb.toString(); } catch (Exception e) { Log.e("Buffer Error", "Error converting result " + e.toString()); } // try parse the string to a JSON object try { jObj = new JSONObject(json); } catch (JSONException e) { Log.e("JSON Parser", "Error parsing data " + e.toString()); } // return JSON String return jObj; } } and this is adapter class: public class LazyAdapter extends BaseAdapter { private Activity activity; private ArrayList<HashMap<String, Object>> data; private static LayoutInflater inflater=null; public LazyAdapter(Activity a,ArrayList<HashMap<String, Object>> d) { activity = a; data=d; inflater = (LayoutInflater)activity.getSystemService(Context.LAYOUT_INFLATER_SERVICE); } public int getCount() { return data.size(); } public Object getItem(int position) { return position; } public long getItemId(int position) { return position; } public View getView(int position, View convertView, ViewGroup parent) { View vi=convertView; if(convertView==null) vi = inflater.inflate(R.layout.third_row, null); TextView title = (TextView)vi.findViewById(R.id.headline3); // title SmartImageView iv = (SmartImageView) vi.findViewById(R.id.imageicon); HashMap<String, Object> song = new HashMap<String, Object>(); song = data.get(position); // Setting all values in listview title.setText((CharSequence) song.get(MainActivity.TAG_TITLE)); iv.setImageUrl((String) song.get("image_url")); thumb_image); return vi; } } Please help me. I am stuck at this for more than a week now. I think there is just something to be changed in my MainActivity class.

  Read the article

• CSS Positioning

  - by Davey

  Trying to mess with this wordpress theme and can't figure out why the sidebar is stacking underneath the content block. Any help would be very appreciated. http://www.buffalostreetbooks.com/events CSS: body { font-family: Arial, Helvetica, Verdana, Sans-serif; font-size: 10pt; background-color: #692022; background-image:url("http://www.buffalostreetbooks.com/wp-content/themes/autumn-leaves/images/repeatflower.png"); } body,h1#blog-title { margin: 0; padding: 0; } a { color: blue; } a:hover { color: #FF8C00; } a img { border: 0 none; } #wrapper { width: 960px; margin: 0 auto; background-color: #F4FBF4; border-left: 1px solid #ccc; border-right: 1px solid #ccc; } #header { background-image:url("http://www.buffalostreetbooks.com/wp-content/themes/autumn-leaves/images/headertime.png"); width:768px; height: 200px; } #inner-header { padding: 125px 1em 0; } h1#blog-title { font-size: 2em; } h1#blog-title a { color: #800000; } .entry-title a { color: #CD853F; } h1#blog-title a, .entry-title a, #footer a { text-decoration: none; } h1#blog-title a:hover, .entry-title a:hover, #footer a:hover { text-decoration: underline; } div.skip-link { display: none; } #menu { border-bottom: 1px solid #ccc; } #menu a { color: #000; } #menu a:hover { text-decoration: underline; } #menu li.current_page_item a, #menu li.current_page_item a:hover { background-color: #DFC28B; text-decoration: none; } #content { padding: 1em; width:600px; } .entry-title { font-size: 1.5em; margin: 1em 0 0 0; } abbr.published { color: #666; border: 0 none; } .entry-meta, .entry-date { color: #666; } #comments-list .avatar { float: left; margin-right: 1em; } #comments-list .n { font-weight: bold; } .entry-meta, .comment-meta { font-style: italic; } #comments-list p { clear: left; } #primary { padding-left: 1em; font-size: 0.9em; border-left: 1px solid #ccc; border-bottom: 1px solid #ccc; background-color: #FFFACD; } #footer { text-align: center; font-size: 0.8em; border-top: 1px solid #ccc; border-bottom: 1px solid #ccc; margin-bottom: 1em; } #inner-footer { padding: 1em 0; } .entry-meta, .entry-meta a, .comment-meta, .comment-meta a, .sidebar, .sidebar a, #footer, #footer a { color: #666; } /* LAYOUT: Two-Column (Right) DESCRIPTION: Two-column fluid layout with one sidebars right of content */ div#container { margin:0 0 0 0; width:960px; height:100%; } div#content { margin:0 0 0 0; } div.sidebar { overflow:hidden; width:280px; min-height:500px; clear:both; } div#secondary { clear:right; } div#footer { clear:both; width:100%; } /* Just some example content */ div#menu { height:2em; width:100%; } div#menu ul,div#menu ul ul { line-height:2em; list-style:none; margin:0; padding:0; } div#menu ul a { display:block; margin-right:1em; padding:0 0.5em; text-decoration:none; } div#menu ul ul ul a { font-style:italic; } div#menu ul li ul { left:-999em; position:absolute; } div#menu ul li:hover ul { left:auto; } .entry-title,.entry-meta { clear:both; } div#primary { } form#commentform .form-label { margin:1em 0 0; } form#commentform span.required { background:#fff; color:#c30; } form#commentform,form#commentform p { padding:0; } input#author,input#email,input#url,textarea#comme nt { padding:0.2em; } div.comments ol li { margin:0 0 3.5em; } textarea#comment { height:13em; margin:0 0 0.5em; overflow:auto; width:66%; } .alignright,img.alignright{ float:right; margin:1em 0 0 1em; } .alignleft,img.alignleft{ float:left; margin:1em 1em 0 0; } .aligncenter,img.aligncenter{ display:block; margin:1em auto; text-align:center; } div.gallery { clear:both; height:180px; margin:1em 0; width:100%; } p.wp-caption-text{ font-style:italic; } div.gallery dl{ margin:1em auto; overflow:hidden; text-align:center; } div.gallery dl.gallery-columns-1 { width:100%; } div.gallery dl.gallery-columns-2 { width:49%; } div.gallery dl.gallery-columns-3 { width:33%; } div.gallery dl.gallery-columns-4 { width:24%; } div.gallery dl.gallery-columns-5 { width:19%; } div#nav-above { margin-bottom:1em; } div#nav-below { margin-top:1em; } div#nav-images { height:150px; margin:1em 0; } div.navigation { height:1.25em; } div.navigation div.nav-next { float:right; text-align:right; } div.sidebar h3 { font-size:1.2em; } div.sidebar input#s { width:7em; } div.sidebar li { list-style:none; margin:0 0 2em; } div.sidebar li form { margin:0.2em 0 0; padding:0; } div.sidebar ul ul { margin:0 0 0 2em; } div.sidebar ul ul li { list-style:disc; margin:0; } div.sidebar ul ul ul { margin:0 0 0 0.5em; } div.sidebar ul ul ul li { list-style:circle; } div#menu ul li,div.gallery dl,div.navigation div.nav-previous { float:left; } input#author,input#email,input#url,div.navigation div { width:50%; } div.gallery *,div.sidebar div,div.sidebar h3,div.sidebar ul { margin:0; padding:0; }

  Read the article

• Random <hr/> that I don't know how to get rid of!

  - by Anonymous the Great

  There is no extra <hr/> on the page, and I cannot figure out why it is there. Do you see anything that is causing it? I am sorry for posting the whole thing, I do not know exactly where it starts. The <hr/> is at the top somewhere, but I'm not sure where. <?php print "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <font face="Segoe UI"> <body> <script type="text/javascript"> /*function detectBrowser() { var browser = navigator.appCodeName; if (browser!="Mozilla") {document.location.href="noaccess.php"; alert(browser);} } detectBrowser(); */ </script> <title>Second</title> <link rel="stylesheet" type="text/css" href="allCSS.css"/> <center> <!--<img align="right" src="logo.png" id="headerimg"/>--> <input type="image" id="headerimg" src="logo.png" align="right" onclick="toggleh();"/> <ul align="center" class=""> <div class="menu"> <ul class="nav"> <li><strong><a href="index.php">Home</a></strong> <ul> <li><a href="games.php">Games</a></li> <li><a href="browse.php">Browse</a></li> <li><a href="catalogue.php">Catalogue</a></li> <li><a href="forum.php">Forums</a></li> </ul> </li> <li><strong><a href="games">Games</a></strong> <ul> <li><a href="profile.php">Profile</a></li> <li><a href="settings.php">Settings</a></li> </ul> </li> <li><strong><a href="contact">Contact</a></strong> <ul> <li><a href="contact/index.php">Phone</a></li> <li><a href="contact/index.php">Email</a></li> <li><a href="contact/index.php">Mail</a></li> </ul> </li> </div> </center> </body> <center> <?php echo '<div id="msg">'; include 'message.txt'; echo '</div>'; //include 'hits.txt'; ?> <p> <?php function ChangeText($txt) { $txt='<script type="text/javascript">get();</script>'; echo '<script type="text/javascript">change();</script>'; $filename="message.txt"; $fp=fopen($filename,'w'); fwrite($fp,'<h4 class="hmsg">' . $txt . '</h4>'); fclose($fp); } ?> <script type="text/javascript"> <!-- window.onload=enter; function enter() { //alert("Welcome!"); //hideCMD(); } function get(text) { text=document.getElementById("ta").value; return text; } function toggleh() { var element=document.getElementById("headerimg"); if (element.style.display!="none"){element.style.display="none";} else {element.style.display="";} } function change(text) { text=document.getElementById("ta").value; if (text=="toggle") {toggleh(); return;} if (text=="home") {document.location.href="index.html"; return;} if (text.match("goto:*")) {var loc=text.substring(5,text.length); document.location.href=loc; return;} if (text.match("ban:*")) {var loc=text.substring(4,text.length); document.location.href=loc; return;} document.getElementById("msg").innerHTML='<h2 class="hmsg">'+text+'</h2>'; } function hideCMD() { document.getElementById("cmd").style.display="none"; } //--> </script> </head> <body> <div id="msg"> </div> <p id="cmd"> <hr class="cmdbar"></hr> <input class="panela" type="text" value="" id="ta" maxLength="20"/> <input class="panelb" type="image" src="submit.png" alt="Submit" onclick='change();'/> </p> </center> <p class="hide">HELLO!</p> </font> </html>

  Read the article

• Changing the action of a form with javascript/jquery

  - by Micah

  I'm having an issue that is driving me crazy. I'm trying to modify the openid-selector to support facebook. I'm using RPXNow as my provider so it requires the form to be submitted to a different url than the standard. For example. RpxNow requires me to setup my form like this: <form action="https://wikipediamaze.rpxnow.com/openid/start?token_url=..."> This works for every provider except for facebook and myspace. Those require the form to be posted to a different url like this: <form action="https://wikipediamaze.rpxnow.com/facebook/start?token_url=..."> and <form action="https://wikipediamaze.rpxnow.com/myspace/start?token_url=..."> The open id selector has a bunch of buttons on the form each representing the openid providers. What I'm trying to do is detect when the facebook or myspace button is clicked and changed the action on the form before submitting. However it's not working. Here is my code. I've tried several variations all with the same "not supported" exception $("#openid_form").attr("action", form_url) document.forms[0].action = form_url Any suggestions? Update Here are more details on the code. I've ommitted some for brevity. The only thing i've done is added the facebook section to the "providers_large" object (which successfully adds the logo to the website), and instead of supply a url identifying the user, I'm creating a property called "form_url" which is what I want to set the action of my form to. If you look at the section title "Provider image click" you'll see where I'm checking for the presence of the property "form_url" and using jquery to change the action and submit the form. However when I step through the javascript in debug mode it tells me it's an ivalid operation. var providers_large = { google: { name: 'Google', url: 'https://www.google.com/accounts/o8/id' }, facebook: { name: 'Facebook', form_url: 'http://wikipediamaze.rpxnow.com/facebook/start?token_url=http://www.wikipediamaze.com/Accounts/Logon' }, }; var providers_small = { myopenid: { name: 'MyOpenID', label: 'Enter your MyOpenID username.', url: 'http://{username}.myopenid.com/' }, livejournal: { name: 'LiveJournal', label: 'Enter your Livejournal username.', url: 'http://{username}.livejournal.com/' }, flickr: { name: 'Flickr', label: 'Enter your Flickr username.', url: 'http://flickr.com/{username}/' }, technorati: { name: 'Technorati', label: 'Enter your Technorati username.', url: 'http://technorati.com/people/technorati/{username}/' }, wordpress: { name: 'Wordpress', label: 'Enter your Wordpress.com username.', url: 'http://{username}.wordpress.com/' }, blogger: { name: 'Blogger', label: 'Your Blogger account', url: 'http://{username}.blogspot.com/' }, verisign: { name: 'Verisign', label: 'Your Verisign username', url: 'http://{username}.pip.verisignlabs.com/' }, vidoop: { name: 'Vidoop', label: 'Your Vidoop username', url: 'http://{username}.myvidoop.com/' }, verisign: { name: 'Verisign', label: 'Your Verisign username', url: 'http://{username}.pip.verisignlabs.com/' }, claimid: { name: 'ClaimID', label: 'Your ClaimID username', url: 'http://claimid.com/{username}' } }; var providers = $.extend({}, providers_large, providers_small); var openid = { cookie_expires: 6*30, // 6 months. cookie_name: 'openid_provider', cookie_path: '/', img_path: 'images/', input_id: null, provider_url: null, init: function(input_id) { var openid_btns = $('#openid_btns'); this.input_id = input_id; $('#openid_choice').show(); $('#openid_input_area').empty(); // add box for each provider for (id in providers_large) { openid_btns.append(this.getBoxHTML(providers_large[id], 'large', '.gif')); } if (providers_small) { openid_btns.append('<br/>'); for (id in providers_small) { openid_btns.append(this.getBoxHTML(providers_small[id], 'small', '.ico')); } } $('#openid_form').submit(this.submit); var box_id = this.readCookie(); if (box_id) { this.signin(box_id, true); } }, getBoxHTML: function(provider, box_size, image_ext) { var box_id = provider["name"].toLowerCase(); return '<a title="'+provider["name"]+'" href="javascript: openid.signin(\''+ box_id +'\');"' + ' style="background: #FFF url(' + this.img_path + box_id + image_ext+') no-repeat center center" ' + 'class="' + box_id + ' openid_' + box_size + '_btn"></a>'; }, /* Provider image click */ signin: function(box_id, onload) { var provider = providers[box_id]; if (! provider) { return; } this.highlight(box_id); this.setCookie(box_id); // prompt user for input? if (provider['label']) { this.useInputBox(provider); this.provider_url = provider['url']; } else if(provider['form_url']) { $('#openid_form').attr("action", provider['form_url']); $('#openid_form').submit(); } else { this.setOpenIdUrl(provider['url']); if (! onload) { $('#openid_form').submit(); } } }, /* Sign-in button click */ submit: function() { var url = openid.provider_url; if (url) { url = url.replace('{username}', $('#openid_username').val()); openid.setOpenIdUrl(url); } return true; }, setOpenIdUrl: function (url) { var hidden = $('#'+this.input_id); if (hidden.length > 0) { hidden.value = url; } else { $('#openid_form').append('<input type="hidden" id="' + this.input_id + '" name="' + this.input_id + '" value="'+url+'"/>'); } }, highlight: function (box_id) { // remove previous highlight. var highlight = $('#openid_highlight'); if (highlight) { highlight.replaceWith($('#openid_highlight a')[0]); } // add new highlight. $('.'+box_id).wrap('<div id="openid_highlight"></div>'); }, setCookie: function (value) { var date = new Date(); date.setTime(date.getTime()+(this.cookie_expires*24*60*60*1000)); var expires = "; expires="+date.toGMTString(); document.cookie = this.cookie_name+"="+value+expires+"; path=" + this.cookie_path; }, readCookie: function () { var nameEQ = this.cookie_name + "="; var ca = document.cookie.split(';'); for(var i=0;i < ca.length;i++) { var c = ca[i]; while (c.charAt(0)==' ') c = c.substring(1,c.length); if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length); } return null; }, useInputBox: function (provider) { var input_area = $('#openid_input_area'); var html = ''; var id = 'openid_username'; var value = ''; var label = provider['label']; var style = ''; if (label) { html = '<p>' + label + '</p>'; } if (provider['name'] == 'OpenID') { id = this.input_id; value = 'http://'; style = 'background:#FFF url('+this.img_path+'openid-inputicon.gif) no-repeat scroll 0 50%; padding-left:18px;'; } html += '<input id="'+id+'" type="text" style="'+style+'" name="'+id+'" value="'+value+'" />' + '<input id="openid_submit" type="submit" value="Sign-In"/>'; input_area.empty(); input_area.append(html); $('#'+id).focus(); } };

  Read the article

• how to display bitmaps in listview?

  - by mary

  hi i want to show images downloaded in listview.images downloaded with function DownloadImage and are as bitmap.how to show in listview . name photoes with book_id in tabel book are aqual.i want each book has its own image. i can show in listview book_name and book_price just the problem with image book please help me class: package bookstore.category; import java.io.IOException; import java.io.InputStream; import java.net.HttpURLConnection; import java.net.URL; import java.net.URLConnection; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import org.apache.http.NameValuePair; import org.json.JSONArray; import org.json.JSONException; import org.json.JSONObject; import android.graphics.Bitmap; import android.graphics.BitmapFactory; import android.graphics.Typeface; import android.os.AsyncTask; import android.os.Bundle; import android.util.Log; import android.widget.ImageView; import android.widget.ListAdapter; import android.widget.ListView; import android.widget.SimpleAdapter; import bookstore.pack.JSONParser; import bookstore.pack.R; import android.app.Activity; import android.app.ProgressDialog; public class Computer extends Activity { Bitmap bm = null; // progress dialog private ProgressDialog pDialog; // Creating JSON Parser object JSONParser jParser = new JSONParser(); ArrayList<HashMap<String, String>> computerBookList; private static String url_books = "http://10.0.2.2/project/computer.php"; // JSON Node names private static final String TAG_SUCCESS = "success"; private static final String TAG_BOOK = "book"; private static final String TAG_BOOK_NAME = "book_name"; private static final String TAG_BOOK_PRICE = "book_price"; private static final String TAG_BOOK_ID = "book_id"; private static final String TAG_MESSAGE = "massage"; // category JSONArray JSONArray book = null; @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.category); Typeface font1 = Typeface.createFromAsset(getAssets(), "font/bnazanin.TTF"); // Hashmap for ListView computerBookList = new ArrayList<HashMap<String, String>>(); new LoadBook().execute(); } class LoadBook extends AsyncTask<String, String, String> { /** * Before starting background thread Show Progress Dialog * */ @Override protected void onPreExecute() { super.onPreExecute(); pDialog = new ProgressDialog(Computer.this); pDialog.setMessage("Please wait..."); pDialog.setIndeterminate(false); pDialog.setCancelable(false); pDialog.show(); } protected String doInBackground(String... args) { // Building Parameters List<NameValuePair> params = new ArrayList<NameValuePair>(); // getting JSON string from URL JSONObject json = jParser.makeHttpRequest(url_books, "GET", params); // Check your log cat for JSON reponse Log.d("book:", json.toString()); try { // Checking for SUCCESS TAG int success = json.getInt(TAG_SUCCESS); if (success == 1) { DownloadImage("10.0.2.2/project/images/100.png"); DownloadImage("10.0.2.2/project/images/101.png"); DownloadImage("10.0.2.2/project/images/102.png"); DownloadImage("10.0.2.2/project/images/103.png"); DownloadImage("10.0.2.2/project/images/104.png"); DownloadImage("10.0.2.2/project/images/105.png"); DownloadImage("10.0.2.2/project/images/106.png"); DownloadImage("10.0.2.2/project/images/107.png"); DownloadImage("10.0.2.2/project/images/108.png"); DownloadImage("10.0.2.2/project/images/109.png"); DownloadImage("10.0.2.2/project/images/110.png"); // books found book = json.getJSONArray(TAG_BOOK); for (int i = 0; i < book.length(); i++) { JSONObject c = book.getJSONObject(i); // Storing each json item in variable String book_name = c.getString(TAG_BOOK_NAME); String book_price = c.getString(TAG_BOOK_PRICE); String book_id = c.getString(TAG_BOOK_ID); // creating new HashMap HashMap<String, String> map = new HashMap<String, String>(); // adding each child node to HashMap key => value map.put(TAG_BOOK_NAME, book_name); map.put(TAG_BOOK_PRICE, book_price); // map.put(TAG_AUTHOR_NAME, author_name); // adding HashList to ArrayList computerBookList.add(map); } return json.getString(TAG_MESSAGE); } else { System.out.println("no book found"); } } catch (JSONException e) { e.printStackTrace(); } return null; } /** * After completing background task Dismiss the progress dialog * **/ protected void onPostExecute(String file_url) { pDialog.dismiss(); // updating UI from Background Thread runOnUiThread(new Runnable() { ListView view1 = (ListView) findViewById(R.id.list_view); public void run() { ImageView iv = (ImageView) findViewById(R.id.list_image); // bm=BitmapFactory.decodeResource(getResources(), resId); //bm=BitmapFactory.decodeResource(null,R.id.list_image); // iv.setImageBitmap(bm); /* * */ /** * Updating parsed JSON data into ListView * */ ListAdapter adapter = new SimpleAdapter(Computer.this, computerBookList, R.layout.search_item, new String[] { TAG_BOOK_NAME, TAG_BOOK_PRICE }, new int[] { R.id.book_name, R.id.book_price }); view1.setAdapter(adapter); } }); } } private Bitmap DownloadImage(String URL) { Bitmap bitmap = null; InputStream in = null; try { in = OpenHttpConnection(URL); bitmap = BitmapFactory.decodeStream(in); in.close(); } catch (IOException e1) { e1.printStackTrace(); } return bitmap; } private InputStream OpenHttpConnection(String urlString) throws IOException { InputStream in = null; int response = -1; URL url = new URL(urlString); URLConnection conn = url.openConnection(); if (!(conn instanceof HttpURLConnection)) throw new IOException("Not an HTTP connection"); try { HttpURLConnection httpConn = (HttpURLConnection) conn; httpConn.setAllowUserInteraction(false); httpConn.setInstanceFollowRedirects(true); httpConn.setRequestMethod("GET"); httpConn.connect(); response = httpConn.getResponseCode(); if (response == HttpURLConnection.HTTP_OK) { in = httpConn.getInputStream(); } } catch (Exception ex) { throw new IOException("Error connecting"); } return in; } }

  Read the article

• Little more help with writing a o buffer with libjpeg

  - by Richard Knop

  So I have managed to find another question discussing how to use the libjpeg to compress an image to jpeg. I have found this code which is supposed to work: Compressing IplImage to JPEG using libjpeg in OpenCV Here's the code (it compiles ok): /* This a custom destination manager for jpeglib that enables the use of memory to memory compression. See IJG documentation for details. */ typedef struct { struct jpeg_destination_mgr pub; /* base class */ JOCTET* buffer; /* buffer start address */ int bufsize; /* size of buffer */ size_t datasize; /* final size of compressed data */ int* outsize; /* user pointer to datasize */ int errcount; /* counts up write errors due to buffer overruns */ } memory_destination_mgr; typedef memory_destination_mgr* mem_dest_ptr; /* ------------------------------------------------------------- */ /* MEMORY DESTINATION INTERFACE METHODS */ /* ------------------------------------------------------------- */ /* This function is called by the library before any data gets written */ METHODDEF(void) init_destination (j_compress_ptr cinfo) { mem_dest_ptr dest = (mem_dest_ptr)cinfo->dest; dest->pub.next_output_byte = dest->buffer; /* set destination buffer */ dest->pub.free_in_buffer = dest->bufsize; /* input buffer size */ dest->datasize = 0; /* reset output size */ dest->errcount = 0; /* reset error count */ } /* This function is called by the library if the buffer fills up I just reset destination pointer and buffer size here. Note that this behavior, while preventing seg faults will lead to invalid output streams as data is over- written. */ METHODDEF(boolean) empty_output_buffer (j_compress_ptr cinfo) { mem_dest_ptr dest = (mem_dest_ptr)cinfo->dest; dest->pub.next_output_byte = dest->buffer; dest->pub.free_in_buffer = dest->bufsize; ++dest->errcount; /* need to increase error count */ return TRUE; } /* Usually the library wants to flush output here. I will calculate output buffer size here. Note that results become incorrect, once empty_output_buffer was called. This situation is notified by errcount. */ METHODDEF(void) term_destination (j_compress_ptr cinfo) { mem_dest_ptr dest = (mem_dest_ptr)cinfo->dest; dest->datasize = dest->bufsize - dest->pub.free_in_buffer; if (dest->outsize) *dest->outsize += (int)dest->datasize; } /* Override the default destination manager initialization provided by jpeglib. Since we want to use memory-to-memory compression, we need to use our own destination manager. */ GLOBAL(void) jpeg_memory_dest (j_compress_ptr cinfo, JOCTET* buffer, int bufsize, int* outsize) { mem_dest_ptr dest; /* first call for this instance - need to setup */ if (cinfo->dest == 0) { cinfo->dest = (struct jpeg_destination_mgr *) (*cinfo->mem->alloc_small) ((j_common_ptr) cinfo, JPOOL_PERMANENT, sizeof (memory_destination_mgr)); } dest = (mem_dest_ptr) cinfo->dest; dest->bufsize = bufsize; dest->buffer = buffer; dest->outsize = outsize; /* set method callbacks */ dest->pub.init_destination = init_destination; dest->pub.empty_output_buffer = empty_output_buffer; dest->pub.term_destination = term_destination; } /* ------------------------------------------------------------- */ /* MEMORY SOURCE INTERFACE METHODS */ /* ------------------------------------------------------------- */ /* Called before data is read */ METHODDEF(void) init_source (j_decompress_ptr dinfo) { /* nothing to do here, really. I mean. I'm not lazy or something, but... we're actually through here. */ } /* Called if the decoder wants some bytes that we cannot provide... */ METHODDEF(boolean) fill_input_buffer (j_decompress_ptr dinfo) { /* we can't do anything about this. This might happen if the provided buffer is either invalid with regards to its content or just a to small bufsize has been given. */ /* fail. */ return FALSE; } /* From IJG docs: "it's not clear that being smart is worth much trouble" So I save myself some trouble by ignoring this bit. */ METHODDEF(void) skip_input_data (j_decompress_ptr dinfo, INT32 num_bytes) { /* There might be more data to skip than available in buffer. This clearly is an error, so screw this mess. */ if ((size_t)num_bytes > dinfo->src->bytes_in_buffer) { dinfo->src->next_input_byte = 0; /* no buffer byte */ dinfo->src->bytes_in_buffer = 0; /* no input left */ } else { dinfo->src->next_input_byte += num_bytes; dinfo->src->bytes_in_buffer -= num_bytes; } } /* Finished with decompression */ METHODDEF(void) term_source (j_decompress_ptr dinfo) { /* Again. Absolute laziness. Nothing to do here. Boring. */ } GLOBAL(void) jpeg_memory_src (j_decompress_ptr dinfo, unsigned char* buffer, size_t size) { struct jpeg_source_mgr* src; /* first call for this instance - need to setup */ if (dinfo->src == 0) { dinfo->src = (struct jpeg_source_mgr *) (*dinfo->mem->alloc_small) ((j_common_ptr) dinfo, JPOOL_PERMANENT, sizeof (struct jpeg_source_mgr)); } src = dinfo->src; src->next_input_byte = buffer; src->bytes_in_buffer = size; src->init_source = init_source; src->fill_input_buffer = fill_input_buffer; src->skip_input_data = skip_input_data; src->term_source = term_source; /* IJG recommend to use their function - as I don't know **** about how to do better, I follow this recommendation */ src->resync_to_restart = jpeg_resync_to_restart; } All I need to do is replace the jpeg_stdio_dest in my program with this code: int numBytes = 0; //size of jpeg after compression char * storage = new char[150000]; //storage buffer JOCTET *jpgbuff = (JOCTET*)storage; //JOCTET pointer to buffer jpeg_memory_dest(&cinfo,jpgbuff,150000,&numBytes); So I need some help to incorporate the above four lines into this function which now works but writes to a file instead of a memory: int write_jpeg_file( char *filename ) { struct jpeg_compress_struct cinfo; struct jpeg_error_mgr jerr; /* this is a pointer to one row of image data */ JSAMPROW row_pointer[1]; FILE *outfile = fopen( filename, "wb" ); if ( !outfile ) { printf("Error opening output jpeg file %s\n!", filename ); return -1; } cinfo.err = jpeg_std_error( &jerr ); jpeg_create_compress(&cinfo); jpeg_stdio_dest(&cinfo, outfile); /* Setting the parameters of the output file here */ cinfo.image_width = width; cinfo.image_height = height; cinfo.input_components = bytes_per_pixel; cinfo.in_color_space = color_space; /* default compression parameters, we shouldn't be worried about these */ jpeg_set_defaults( &cinfo ); /* Now do the compression .. */ jpeg_start_compress( &cinfo, TRUE ); /* like reading a file, this time write one row at a time */ while( cinfo.next_scanline < cinfo.image_height ) { row_pointer[0] = &raw_image[ cinfo.next_scanline * cinfo.image_width * cinfo.input_components]; jpeg_write_scanlines( &cinfo, row_pointer, 1 ); } /* similar to read file, clean up after we're done compressing */ jpeg_finish_compress( &cinfo ); jpeg_destroy_compress( &cinfo ); fclose( outfile ); /* success code is 1! */ return 1; } Anybody could help me out a bit with it? I've tried meddling with it but I am not sure how to do it. I I just replace this line: jpeg_stdio_dest(&cinfo, outfile); It's not going to work. There is more stuff that needs to be changed a bit in that function and I am being a little lost from all those pointers and memory management.

  Read the article

• how to properly transfer user input from index to invoice?

  - by Romel

  I got a dillema, I'm trying to find a solution for my code. How do I make it so that when the user inputs a given quantity in the text box from the index.php it will transfer that input quantity to the invoice.php. I've tried doing the post method but it seems like it's not working :/ As always, any help or suggestions will be greatly appreciated! I hope it's something simple:( Here's my code: index.php <html> <style> body{ background-image: url('URL HERE'); font-family: "Helvetica"; font-size:15px; } h1{ color:black; text-align:center; } p{ font-size:15px; } </style> <h1> STORE TITLE HERE </h1> <body> <form action="login.php" method="post"> <?php //Include products info.inc (Which holds all our product arrays and info) //Credit: Tracy & Mark (THank you!) include 'products_info.inc'; /*The following code centers my table on the page, makes the table background white, makes the table 50% of the browser window, gives it a border of 1 px, gives a padding of 2 px between the cell border and content, and gives 1 px of spacing between cells. */ echo "<table align=center bgcolor='FFFFFF' width=50% border=1 cellpadding=1 cellspacing=2>"; //Credit: Tracy & Mark (THank you!) echo '<th>Product</th> <th>Description</th> <th>Price</th> <th>Quantity</th>'; //The following code loops through the whole table body and then prints each row. for($i=0; $i<count($allfood); $i++) { //Credit: Tracy & Mark (THank you!) echo "<tr align=center>"; echo "<td>{$allfood[$i]['Product']}</td>"; echo "<td>{$allfood[$i]['Description']}</td>"; echo "<td>{$allfood[$i]['Price']}</td>"; echo "<td>{$allfood[$i]['Quantity']}</td>"; echo "</tr>"; } //This code ends the table. echo "</table>"; echo "<br>"; ?> <br><center><input type='submit' name='purchase' value='Purchase'></center> </form> </body> </html> And here's my invoice.php <html> <style> body{ background-image: url('URL HERE'); font-family: "Helvetica"; font-size:15px; } h1{ color:black; text-align:center; } p{ font-size:15px; } </style> <h1> Invoice </h1> </html> <?php //Include products info.inc (Which holds all our product arrays and info) //Credit: Tracy & Mark (Thank you!) include 'products_info.inc'; //Display the invoice & 'WELCOME USER. THANK YOU FOR USING THIS DAMN THING msg' /*The following code centers my invoice table on the page, makes the table background white, makes the table 50% of the browser window, gives it a border of 1 px, gives a padding of 2 px between the cell border and content, and gives 1 px of spacing between cells. */ echo "<table align=center bgcolor='FFFFFF' width=50% border=1 cellpadding=1cellspacing=2>"; echo "<tr>"; echo "<td align=center><b>Product</b></td>"; echo "<td align=center><b>Quantity</b></td>"; echo "<td align=center><b>Price</></td>"; echo "<td align=center><b>Extended Price</b></td>"; echo "</tr>"; for($i=0; $i<count($allfood); $i++) { //Credit: Tracy & Mark (Thank you!) $qty= @$_POST['Quantity']['$i']; // This calculates the price if the user orders more than 1 item. $extendedprice = $qty*$allfood[$i]['Price']; echo "<tr>"; echo "<td align=center>{$allfood[$i]['Product']}</td>"; echo "<td align=center>$extendedprice</td>"; echo "<td align=center>{$allfood[$i]['Price']}</td>"; echo "</tr>"; } // The goal here was to make it so that if the user selected a certain quantity from index.php, it would carry over and display on the invoice.php if ($qty = 0) { echo "please choose 1"; } elseif ($qty > 0) { echo $qty; } /*echo "<tr>"; echo "<td align=center>Subtotal</b></td>"; echo "<td align=center></td>"; echo "<td align=center></td>"; echo "<tr>"; echo "<td align=center>Tax at 5.75%</td>"; echo "<td align=center></td>"; echo "<td align=center></td>"; echo "<tr>"; echo "<td align=center><b>Grand total</b></td>"; echo "<td align=center></td>"; echo "<td align=center></td>"; */ echo "</table>"; ?> <br> <center> <form action="index.php" method="post"> <input type="submit" name="home" value="Back to homepage"> </form> </center>

  Read the article

• SINGLE SIGN ON SECURITY THREAT! FACEBOOK access_token broadcast in the open/clear

  - by MOKANA

  Subsequent to my posting there was a remark made that this was not really a question but I thought I did indeed postulate one. So that there is no ambiquity here is the question with a lead in: Since there is no data sent from Facebook during the Canvas Load process that is not at some point divulged, including the access_token, session and other data that could uniquely identify a user, does any one see any other way other than adding one more layer, i.e., a password, sent over the wire via HTTPS along with the access_toekn, that will insure unique untampered with security by the user? Using Wireshark I captured the local broadcast while loading my Canvas Application page. I was hugely surprised to see the access_token broadcast in the open, viewable for any one to see. This access_token is appended to any https call to the Facebook OpenGraph API. Using facebook as a single click log on has now raised huge concerns for me. It is stored in a session object in memory and the cookie is cleared upon app termination and after reviewing the FB.Init calls I saw a lot of HTTPS calls so I assumed the access_token was always encrypted. But last night I saw in the status bar a call from what was simply an http call that included the App ID so I felt I should sniff the Application Canvas load sequence. Today I did sniff the broadcast and in the attached image you can see that there are http calls with the access_token being broadcast in the open and clear for anyone to gain access to. Am I missing something, is what I am seeing and my interpretation really correct. If any one can sniff and get the access_token they can theorically make calls to the Graph API via https, even though the call back would still need to be the site established in Facebook's application set up. But what is truly a security threat is anyone using the access_token for access to their own site. I do not see the value of a single sign on via Facebook if the only thing that was established as secure was the access_token - becuase for what I can see it clearly is not secure. Access tokens that never have an expire date do not change. Access_tokens are different for every user, to access to another site could be held tight to just a single user, but compromising even a single user's data is unacceptable. http://www.creatingstory.com/images/InTheOpen.png Went back and did more research on this: FINDINGS: Went back an re ran the canvas application to verify that it was not any of my code that was not broadcasting. In this call: HTTP GET /connect.php/en_US/js/CacheData HTTP/1.1 The USER ID is clearly visible in the cookie. So USER_ID's are fully visible, but they are already. Anyone can go to pretty much any ones page and hover over the image and see the USER ID. So no big threat. APP_ID are also easily obtainable - but . . . http://www.creatingstory.com/images/InTheOpen2.png The above file clearly shows the FULL ACCESS TOKEN clearly in the OPEN via a Facebook initiated call. Am I wrong. TELL ME I AM WRONG because I want to be wrong about this. I have since reset my app secret so I am showing the real sniff of the Canvas Page being loaded. Additional data 02/20/2011: @ifaour - I appreciate the time you took to compile your response. I am pretty familiar with the OAuth process and have a pretty solid understanding of the signed_request unpacking and utilization of the access_token. I perform a substantial amount of my processing on the server and my Facebook server side flows are all complete and function without any flaw that I know of. The application secret is secure and never passed to the front end application and is also changed regularly. I am being as fanatical about security as I can be, knowing there is so much I don’t know that could come back and bite me. Two huge access_token issues: The issues concern the possible utilization of the access_token from the USER AGENT (browser). During the FB.INIT() process of the Facebook JavaScript SDK, a cookie is created as well as an object in memory called a session object. This object, along with the cookie contain the access_token, session, a secret, and uid and status of the connection. The session object is structured such that is supports both the new OAuth and the legacy flows. With OAuth, the access_token and status are pretty much al that is used in the session object. The first issue is that the access_token is used to make HTTPS calls to the GRAPH API. If you had the access_token, you could do this from any browser: https://graph.facebook.com/220439?access_token=... and it will return a ton of information about the user. So any one with the access token can gain access to a Facebook account. You can also make additional calls to any info the user has granted access to the application tied to the access_token. At first I thought that a call into the GRAPH had to have a Callback to the URL established in the App Setup, but I tested it as mentioned below and it will return info back right into the browser. Adding that callback feature would be a good idea I think, tightens things up a bit. The second issue is utilization of some unique private secured data that identifies the user to the third party data base, i.e., like in my case, I would use a single sign on to populate user information into my database using this unique secured data item (i.e., access_token which contains the APP ID, the USER ID, and a hashed with secret sequence). None of this is a problem on the server side. You get a signed_request, you unpack it with secret, make HTTPS calls, get HTTPS responses back. When a user has information entered via the USER AGENT(browser) that must be stored via a POST, this unique secured data element would be sent via HTTPS such that they are validated prior to data base insertion. However, If there is NO secured piece of unique data that is supplied via the single sign on process, then there is no way to guarantee unauthorized access. The access_token is the one piece of data that is utilized by Facebook to make the HTTPS calls into the GRAPH API. it is considered unique in regards to BOTH the USER and the APPLICATION and is initially secure via the signed_request packaging. If however, it is subsequently transmitted in the clear and if I can sniff the wire and obtain the access_token, then I can pretend to be the application and gain the information they have authorized the application to see. I tried the above example from a Safari and IE browser and it returned all of my information to me in the browser. In conclusion, the access_token is part of the signed_request and that is how the application initially obtains it. After OAuth authentication and authorization, i.e., the USER has logged into Facebook and then runs your app, the access_token is stored as mentioned above and I have sniffed it such that I see it stored in a Cookie that is transmitted over the wire, resulting in there being NO UNIQUE SECURED IDENTIFIABLE piece of information that can be used to support interaction with the database, or in other words, unless there were one more piece of secure data sent along with the access_token to my database, i.e., a password, I would not be able to discern if it is a legitimate call. Luckily I utilized secure AJAX via POST and the call has to come from the same domain, but I am sure there is a way to hijack that. I am totally open to any ideas on this topic on how to uniquely identify my USERS other than adding another layer (password) via this single sign on process or if someone would just share with me that I read and analyzed my data incorrectly and that the access_token is always secure over the wire. Mahalo nui loa in advance.

  Read the article

• Find Label Control in Repeater Asp.net

  - by user2769165

  I am using repeater and I want to find the label control in my repeater. here is my code <asp:Repeater ID="friendRepeater" runat="server"> <table cellpadding="0" cellspacing="0"> <ItemTemplate> <tr style=" width:700px; height:120px;"> <td> <div style=" padding-left:180px;"> <div id="leftHandPost" style="float:left; width:120px; height:120px; border: medium solid #cdaf95; padding-top:5px;"> <div id="childLeft" style=" padding-left:5px;"> <div id="photo" style=" border: thin solid black; width:100px;height:100px;"> <asp:Image id="photoImage" runat="server" ImageUrl='<%# String.Concat("Images/", Eval("Picture")) %>' Width="100px" Height="100px" /> </div> </div><!--childLeft--> </div><!--leftHandPost--> </div> </td> <td> <div id="rightHandPost" style=" float:right; padding-right:260px;"> <div id="childRight" style="width:400px; height:120px; border: medium solid #cdaf95; padding-top:5px; padding-left:10px;"> <strong><asp:Label id="lblName" runat="server"><%# Eval("PersonName") %></asp:Label></strong><br /> <div style=" float:right; padding-right:10px;"><asp:Button runat="server" Text="Add" onClick="add" /></div><br /> <asp:Label id="lblID" runat="server"><%# Eval("PersonID") %></asp:Label><br /> <asp:Label id="lblEmail" runat="server"><%# Eval("Email") %></asp:Label> </div><!--childRight--> </div><!--rightHandPost--> </td> </tr> </ItemTemplate> <AlternatingItemTemplate> <tr style=" width:700px; height:120px;"> <td> <div style=" padding-left:180px;"> <div id="Div1" style="float:left; width:120px; height:120px; border: medium solid #cdaf95; padding-top:5px;"> <div id="Div2" style="padding-left:5px;"> <div id="Div3" style=" border: thin solid black; width:100px;height:100px;"> <asp:Image id="photoImage" runat="server" ImageUrl='<%# String.Concat("Images/", Eval("Picture")) %>' Width="100px" Height="100px" /> </div> </div><!--childLeft--> </div><!--leftHandPost--> </div> </td> <td> <div id="Div4" style=" float:right; padding-right:260px;"> <div id="Div5" style="width:400px; height:120px; border: medium solid #cdaf95; padding-top:5px; padding-left:10px;"> <strong><asp:Label id="lblName" runat="server"><%# Eval("PersonName")%></asp:Label></strong> <div style=" float:right; padding-right:10px;"><asp:Button id="btnAdd" runat="server" Text="Add" onClick="add"></asp:Button></div><br /> <br /> <asp:Label id="lblID" runat="server"><%# Eval("PersonID") %></asp:Label><br /> <asp:Label id="lblEmail" runat="server"><%# Eval("Email") %></asp:Label> </div><!--childRight--> </div><!--rightHandPost--> </td> </tr> </AlternatingItemTemplate> <FooterTemplate> </table> </FooterTemplate> </asp:Repeater> Here is the code behind for the add button. protected void add(object sender, EventArgs e) { DateTime date = DateTime.Now; System.Web.UI.WebControls.Label la = (System.Web.UI.WebControls.Label)friendRepeater.FindControl("PersonID"); String id = la.Text; try { MySqlConnection connStr = new MySqlConnection(); connStr.ConnectionString = "Server = localhost; Database = healthlivin; Uid = root; Pwd = khei92;"; String insertFriend = "INSERT INTO contactFriend(friendID, PersonID, PersonIDB, date) values (@id, @personIDA, @personIDB, @date)"; MySqlCommand cmdInsertStaff = new MySqlCommand(insertFriend, connStr); cmdInsertStaff.Parameters.AddWithValue("@id", "F000004"); cmdInsertStaff.Parameters.AddWithValue("@personIDA", "M000001"); cmdInsertStaff.Parameters.AddWithValue("@personIDB", id); cmdInsertStaff.Parameters.AddWithValue("@date", date); connStr.Open(); cmdInsertStaff.ExecuteNonQuery(); MessageBox.Show("inserted"); connStr.Close(); } catch (Exception ex) { MessageBox.Show(ex.ToString()); } } I have get the error of Object reference not set to an instance of an object. I think is because there are no value in the Label. The Find Control are not working. May I know how can fix this problem? Thank you very much

  Read the article

< Previous Page | 697 698 699 700 701 702 703 704 705 706 707 708  | Next Page >