Search Results

Search found 719 results on 29 pages for 'steven klein'.

Page 8/29 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • SQL Server view: how to add missing rows using interpolation

    - by Christopher Klein
    Running into a problem. I have a table defined to hold the values of the daily treasury yield curve. It's a pretty simple table used for historical lookup of values. There are notibly some gaps in the table on year 4, 6, 8, 9, 11-19 and 21-29. The formula is pretty simple in that to calculate year 4 it's 0.5*Year3Value + 0.5*Year5Value. The problem is how can I write a VIEW that can return the missing years? I could probably do it in a stored procedure but the end result needs to be a view.

    Read the article

  • WPF TreeView: How to style selected items with rounded corners like in Explorer

    - by Helge Klein
    The selected item in a WPF TreeView has a dark blue background with "sharp" corners. That looks a bit dated today: I would like to change the background to look like in Explorer of Windows 7 (with/without focus): What I tried so far does not remove the original dark blue background but paints a rounded border on top of it so that you see the dark blue color at the edges and at the left side - ugly. Interestingly, when my version does not have the focus, it looks pretty OK: I would like to refrain from redefining the control template as shown here or here. I want to set the minimum required properties to make the selected item look like in Explorer. Alternative: I would also be happy to have the focused selected item look like mine does now when it does not have the focus. When losing the focus, the color should change from blue to grey. Here is my code: <TreeView x:Name="TreeView" ItemsSource="{Binding TopLevelNodes}" VirtualizingStackPanel.IsVirtualizing="True" VirtualizingStackPanel.VirtualizationMode="Recycling"> <TreeView.ItemContainerStyle> <Style TargetType="{x:Type TreeViewItem}"> <Setter Property="IsExpanded" Value="{Binding IsExpanded, Mode=TwoWay}" /> <Setter Property="IsSelected" Value="{Binding IsSelected, Mode=TwoWay}" /> <Style.Triggers> <Trigger Property="IsSelected" Value="True"> <Setter Property="BorderBrush" Value="#FF7DA2CE" /> <Setter Property="Background" Value="#FFCCE2FC" /> </Trigger> </Style.Triggers> </Style> </TreeView.ItemContainerStyle> <TreeView.Resources> <HierarchicalDataTemplate DataType="{x:Type viewmodels:ObjectBaseViewModel}" ItemsSource="{Binding Children}"> <Border Name="ItemBorder" CornerRadius="2" Background="{Binding Background, RelativeSource={RelativeSource AncestorType=TreeViewItem}}" BorderBrush="{Binding BorderBrush, RelativeSource={RelativeSource AncestorType=TreeViewItem}}" BorderThickness="1"> <StackPanel Orientation="Horizontal" Margin="2"> <Image Name="icon" Source="/ExplorerTreeView/Images/folder.png"/> <TextBlock Text="{Binding Name}"/> </StackPanel> </Border> </HierarchicalDataTemplate> </TreeView.Resources> </TreeView>

    Read the article

  • bad performance from too many caught errors?

    - by Christopher Klein
    I have a large project in C# (.NET 2.0) which contains very large chunks of code generated by SubSonic. Is a try-catch like this causing a horrible performance hit? for (int x = 0; x < identifiers.Count; x++) {decimal target = 0; try { target = Convert.ToDecimal(assets[x + identifiers.Count * 2]); // target % } catch { targetEmpty = true; }} What is happening is if the given field that is being passed in is not something that can be converted to a decimal it sets a flag which is then used further along in the record to determine something else. The problem is that the application is literally throwing 10s of thousands of exceptions as I am parsing through 30k records. The process as a whole takes almost 10 minutes for everything and my overall task is to improve that time some and this seemed like easy hanging fruit if its a bad design idea. Any thoughts would be helpful (be kind, its been a miserable day) thanks, Chris

    Read the article

  • how can I validate column names and count in an List array? C#

    - by Christopher Klein
    I'm trying to get this resolved in .NET 2.0 and unfortunately that is not negotiable. I am reading in a csv file with columns of data that 'should' correspond to a List of tickers in IdentA with some modifications. The csv file columsn would read: A_MSFT,A_CSCO,_A_YHOO,B_MSFT,B_CSCO,B_YHOO,C_MSFT,C_CSCO,C_YHOO IdentA[0]="MSFT" IdentA[1]="CSCO" IdentA[2]="YHOO" The AssetsA array is populated with the csv data AssetsA[0]=0 AssetsA[1]=1.1 AssetsA[2]=0 AssetsA[3]=2 AssetsA[4]=3.2 AssetsA[5]=12 AssetsA[6]=54 AssetsA[7]=13 AssetsA[8]=0.2 The C_ columns are optional but if they exist they all need to exist. All of the suffixes must match the values in IdentA. The values in the csv files all need to be decimal. I'm using a group of 3 as an example, there could be any number of tickers in the IdentA array. Its easy enough to do the first part: for (int x = 0; x < IdentA.Count; x++) { decimal.TryParse(AssetsA[x + IdentA.Count], out currentelections); } So that will get me the first set of values for the A_ columns but how can I get through B_ and C_ ? I can't do something as simple as IdentA.Count*2...

    Read the article

  • Check whether Excel file is Password protected

    - by Torben Klein
    I am trying to open an Excel (xlsm) file via VBA. It may or may not be protected with a (known) password. I am using this code: On Error Resume Next Workbooks.Open filename, Password:=user_entered_pw opened = (Err.Number=0) On Error Goto 0 Now, this works fine if the workbook has a password. But if it is unprotected, it can NOT be opened. Apparently this is a bug in XL2007 if there is also workbook structure protection active. (http://vbaadventures.blogspot.com/2009/01/possible-error-in-excel-2007.html). On old XL2003, supplying a password would open both unprotected and password protected file. I tried: Workbooks.Open filename, Password:=user_entered_pw If (Err.Number <> 0) Then workbooks.open filename This works for unprotected and protected file. However if the user enters a wrong password it runs into the second line and pops up the "enter password" prompt, which I do not want. How to get around this?

    Read the article

  • Check wether Excel file is Password protected

    - by Torben Klein
    I am trying to open an Excel (xlsm) file via VBA. It may or may not be protected with a (known) password. I am using this code: On Error Resume Next Workbooks.Open filename, Password:=user_entered_pw opened = (Err.Number=0) On Error Goto 0 Now, this works fine if the workbook has a password. But if it is unprotected, it can NOT be opened. Apparently this is a bug in XL2007 if there is also workbook structure protection active. (http://vbaadventures.blogspot.com/2009/01/possible-error-in-excel-2007.html). On old XL2003, supplying a password would open both unprotected and password protected file. I tried: Workbooks.Open filename, Password:=user_entered_pw If (Err.Number <> 0) Then workbooks.open filename This works for unprotected and protected file. However if the user enters a wrong password it runs into the second line and pops up the "enter password" prompt, which I do not want. How to get around this?

    Read the article

  • How is the ">" operator implemented (on 32 bit integers)?

    - by Ron Klein
    Let's say that the environment is x86. How do compilers compile the "" operator on 32 bit integers. Logically, I mean. Without any knowledge of Assembly. Let's say that the high level language code is: int32 x, y; x = 123; y = 456; bool z; z = x > y; What does the compiler do for evaluating the expression x > y? Does it perform something like (assuming that x and y are positive integers): w = sign_of(x - y); if (w == 0) // expression is 'false' else if (w == 1) // expression is 'true' else // expression is 'false' Is there any reference for such information?

    Read the article

  • How to add multiple files to py2app?

    - by Niek de Klein
    I have a python script which makes a GUI. When a button 'Run' is pressed in this GUI it runs a function from an imported package (which I made) like this from predictmiP import predictor class MiPFrame(wx.Frame): [...] def runmiP(self, event): predictor.runPrediction(self.uploadProtInterestField.GetValue(), self.uploadAllProteinsField.GetValue(), self.uploadPfamTextField.GetValue(), \ self.edit_eval_all.Value, self.edit_eval_small.Value, self.saveOutputField) When I run the GUI directly from python it all works well and the program writes an output file. However, when I make it into an app, the GUI starts but when I press the button nothing happens. predictmiP does get included in build/bdist.macosx-10.3-fat/python2.7-standalone/app/collect/, like all the other imports I'm using (although it is empty, but that's the same as all the other imports I have). How can I get multiple python files, or an imported package to work with py2app?

    Read the article

  • Need help with a LINQ ArgumentOutOfRangeException in C#

    - by Christopher Klein
    Hi there, Hoping this is a nice softball of a question for a friday but I have the following line of code: //System.ArgumentOutOfRangeException generated if there is no matching data currentAnswers = new CurrentAnswersCollection().Where("PARTICIPANT_ID", 10000).Load()[0]; CurrentAnswersCollection is a strongly-typed collection populated by a view going back to my database. The problem of course is that if there is not a corresponding PARTICIPANT_ID = 10000 I get the error message. Is there a better way to write this so that I wouldn't get the error message at all? I just dont know enough about LINQ syntax to know if I can test for the existance first? thanks.

    Read the article

  • c++/cli pass (managed) delegate to unmanaged code

    - by Ron Klein
    How do I pass a function pointer from managed C++ (C++/CLI) to an unmanaged method? I read a few articles, like this one from MSDN, but it describes two different assemblies, while I want only one. Here is my code: 1) Header (MyInterop.ManagedCppLib.h): #pragma once using namespace System; namespace MyInterop { namespace ManagedCppLib { public ref class MyManagedClass { public: void DoSomething(); }; }} 2) CPP Code (MyInterop.ManagedCppLib.cpp) #include "stdafx.h" #include "MyInterop.ManagedCppLib.h" #pragma unmanaged void UnmanagedMethod(int a, int b, void (*sum)(const int)) { int result = a + b; sum(result); } #pragma managed void MyInterop::ManagedCppLib::MyManagedClass::DoSomething() { System::Console::WriteLine("hello from managed C++"); UnmanagedMethod(3, 7, /* ANY IDEA??? */); } I tried creating my managed delegate and then I tried to use Marshal::GetFunctionPointerForDelegate method, but I couldn't compile.

    Read the article

  • URL-Encoded post parameters don't Bind to model

    - by Steven Klein
    I have the following Model namespace ClientAPI.Models { public class Internal { public class ReportRequest { public DateTime StartTime; public DateTime EndTime; public string FileName; public string UserName; public string Password; } } } with the following method: [HttpPost] public HttpResponseMessage GetQuickbooksOFXService(Internal.ReportRequest Request){ return GetQuickbooksOFXService(Request.UserName, Request.Password, Request.StartTime, Request.EndTime, Request.FileName); } My webform looks like this: <form method="POST" action="http://localhost:56772/Internal/GetQuickbooksOFXService" target="_blank"> <input type="text" name="StartTime" value="2013-04-03T00:00:00"> <input type="text" name="EndTime" value="2013-05-04T00:00:00"> <input type="text" name="FileName" value="Export_2013-04-03_to_2013-05-03.qbo"> <input type="text" name="UserName" value="UserName"> <input type="text" name="Password" value="*****"> <input type="submit" value="Submit"></form> My question is: I get into the GetQuickbooksOFXService function but my model has all nulls in it instead something useful. Am I doing something wrong?

    Read the article

  • What reasons are there to place member functions before member variables or vice/versa?

    - by Cory Klein
    Given a class, what reasoning is there for either of the two following code styles? Style A: class Foo { private: doWork(); int bar; } Style B: class Foo { private: int bar; doWork(); } For me, they are a tie. I like Style A because the member variables feel more fine-grained, and thus would appear past the more general member functions. However, I also like Style B, because the member variables seem to determine, in a OOP-style way, what the class is representing. Are there other things worth considering when choosing between these two styles?

    Read the article

  • How to schedule dynamic function with cron job?

    - by iBrazilian2
    I want to know how I can schedule a dynamic(auto populated data) function to auto run everyday at saved time? Let's say I have a form that once the button is clicked it sends the data to the function, which the posts the data. I simply want to automate that so that I don't have to press the button. <ul> <?php foreach($Class->retrieveData as $data) { <form method="post" action=""> <li> <input type="hidden" name="name">'.$data['name'].'<br/> <input type="hidden" name="description">'.$data['description'].'<br/> <input type="submit" name="post_data" value="Post"> </li> </form> } ?> </ul> Now, the form will pass the data to the function. if(isset($_POST['post_data'])) // if post_data button is clicked then it runs myFunction() { myFunction(); } myFunction() { $name = $_POST['name']; $description = $_POST['description']; } I tried doing the following but the problem is that Cron Job can only run the whole .php file, and I am retrieving the saved time to run from MySQL. foreach($Class->getTime() as $timeData) { $timeHour = $timeData['timeHour']; $timeMinute = $timeData['timeMinute']; $hourMin = date('H:i'); $timeData = ''.$timeHour.':'.$timeMinute.''; if($hourMin == $timeData) { run myFunction. } } $hourMin is the current hour:minute which is being matched against a saved time to auto run from Mysql. So if $hourMin == $timeData then the function will run. How can I run Cron Job to auto run myFunction() if the $hourMin equals $timeData? So... List 1 = is to be runned at 10am List 2 = is to be runned at 12pm List 3 = is to be runned at 2pm The 10am, 12pm, 2pm is the $timeHour and $timeMinute that is retrieved from MySQL but based on each list id's. EDIT @randomSeed, 1) I can schedule cron jobs. 2) $name and $description will all be arrays, so the following is what I am trying to accomplish. $name = array( 'Jon', 'Steven', 'Carter' ); $description = array( 'Jon is a great person.', 'Steven has an outgoing character.', 'Carter is a horrible person.' ); I want to parse the first arrays from both $name and $description if the scheduled time is correct. In database I have the following postDataTime table +----+---------+----------+------------+--------+ | iD | timeDay | timeHour | timeMinute | postiD | +--------------------------------------+--------+ | 1 | * | 9 | 0 | 21 | |----|---------|----------|------------|--------| | 2 | * | 10 | 30 | 22 | |----|---------|----------|------------|--------| | 3 | * | 11 | 0 | 23 | +----|---------+----------+------------+--------+ iD = auto incremented on upload. timeDay = * is everyday (cron job style) timeHour = Hour of the day to run the script timeMinute = minute of the hour to run script postiD = this is the id of the post that is located in another table (n+1 relationship) If it's difficult to understand.. if(time() == 10:30(time from MySQL postiD = 22)) { // run myFunction with the data that is retrieved for that time ex: $postiD = '22'; $name = 'Steven'; $description = 'Steven has an outgoing character.'; // the above is what will be in the $_POST from the form and will be // sent to the myFunction() } I simply want to schedule everything according to the time that is saved to MySQL as I showed at the very top(postDataTime table). (I'd show what I have tried, but I have searched for countless hours for an example of what I am trying to accomplish but I cannot find anything and what I tried doesn't work.). I thought I could use the exec() function but from what it seems that does not allow me to run functions, otherwise I would do the following.. $time = '10:30'; if($time == time()) { exec(myFunction()); }

    Read the article

  • ArchBeat Link-o-Rama for 2012-04-13

    - by Bob Rhubart
    TGIF! Mobile Commerce and Engagement Stats | @digbymobile www.digby.com Solution architects take note: mobile is shaping your future. OTN Architect Day - Reston, VA - May 16 www.oracle.com The live one-day event in Reston, VA brings together architects from a broad range of disciplines and domains to share insights and expertise in the use of Oracle technologies to meet the challenges today’s solution architects regularly face. Registration is free, but seating is limited. BPEL 11.1.1.6 Certified for Prebuilt E-Business Suite 12.1.3 SOA Integrations | Steven Chan blogs.oracle.com A load of links and useful information from Steven Chan. OTN: There's an App for That blogs.oracle.com Get your OTN developer community content on the go with this free app for your mobile device. Five Best Practices for Going Mobile | John Brunswick blogs.oracle.com John Brunswick offers some strategic considerations for delivering products, services, and information to mobile constituents. Why My Slime Mold is Better than Your Hadoop Cluster | Todd Hoff highscalability.com What architects can learn from naturally occurring, self-propelled goop. ADF version of "Modern" dialog windows | Martin Deh blogs.oracle.com Martin Deh describes how to use OOTB ADF components and CSS3 style elements to create iOS-style UI elements. Perfect fit: The cloud and SOA -- but don't call it that | David Linthicum www.infoworld.com "The fact of the matter," says David Linthicum, "is that the best and most effective way to move to the cloud for an enterprise whose technology platforms reflect decades of enterprise IT neglect is to use SOA as an approach and process. Just don't call it 'SOA.'" Thought for the Day "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." — Jeremy S. Anderson

    Read the article

  • Oracle DB, Oracle ADF, GlassFish, JDeveloper, NetBeans IDE

    - by Geertjan
    Today I started some experiments with Oracle guru Steven Davelaar, who lives about 20 minutes away from my place in Amsterdam by underground. Very convenient. He showed me a bunch of things in JDeveloper, while I showed him a bunch of things in NetBeans IDE. He managed to deploy an ADF application to GlassFish in JDeveloper. And, so far, I failed to do the same thing in NetBeans IDE. Quite a few (around 100) JARs are needed, aside from the question of correctly setting up or importing an ADF application, and we're still figuring out which and who and when and where. And how. And if. And why. Nonetheless, I did manage to get Oracle DB set up in NetBeans IDE, after downloading it from here: http://www.oracle.com/technetwork/products/express-edition/downloads/index.html Here's what it looks like when registered in NetBeans IDE, i.e., notice that I have a cool sample database available:   Data from the above database I managed to display very easily via the various NetBeans code generators in a PrimeFaces application, exactly as has been done many times in demonstrations and tutorials everywhere, i.e., generate JPA entities, then create an EJB, then inject the EJB into a PrimeFaces data table: The next step is to somehow do the same with ADF in NetBeans IDE. I had some trouble with passwords for Oracle DB, the command line (with Steven's help) proved helpful: Wish us luck as we continue our ADF-inspired journey. This blog entry by Shay is also relevant: Deploying Oracle ADF Essentials Applications to Glassfish

    Read the article

  • the best way to convert delimited to fixed width

    - by ehosca
    What is the BEST way to convert this : FirstName,LastName,Title,BirthDate,HireDate,City,Region Nancy,Davolio,Sales Representative,1948-12-08,1992-05-01,Seattle,WA Andrew,Fuller,Vice President Sales,1952-02-19,1992-08-14,Tacoma,WA Janet,Leverling,Sales Representative,1963-08-30,1992-04-01,Kirkland,WA Margaret,Peacock,Sales Representative,1937-09-19,1993-05-03,Redmond,WA Steven,Buchanan,Sales Manager,1955-03-04,1993-10-17,London,NULL Michael,Suyama,Sales Representative,1963-07-02,1993-10-17,London,NULL Robert,King,Sales Representative,1960-05-29,1994-01-02,London,NULL Laura,Callahan,Inside Sales Coordinator,1958-01-09,1994-03-05,Seattle,WA Anne,Dodsworth,Sales Representative,1966-01-27,1994-11-15,London,NULL to this : FirstName LastName Title BirthDate HireDate City Region ---------- -------------------- ------------------------------ ----------- ---------- --------------- --------------- Nancy Davolio Sales Representative 1948-12-08 1992-05-01 Seattle WA Andrew Fuller Vice President, Sales 1952-02-19 1992-08-14 Tacoma WA Janet Leverling Sales Representative 1963-08-30 1992-04-01 Kirkland WA Margaret Peacock Sales Representative 1937-09-19 1993-05-03 Redmond WA Steven Buchanan Sales Manager 1955-03-04 1993-10-17 London NULL Michael Suyama Sales Representative 1963-07-02 1993-10-17 London NULL Robert King Sales Representative 1960-05-29 1994-01-02 London NULL Laura Callahan Inside Sales Coordinator 1958-01-09 1994-03-05 Seattle WA Anne Dodsworth Sales Representative 1966-01-27 1994-11-15 London NULL

    Read the article

  • SQL Server Group Concat with Different characters

    - by Molloch
    I have looked through a number of solutions to emulating "Group concat" functionality in SQL Server. I wanted to make a more human readable solution though and I can't work out how to do it. I have a view: ParentID | ChildName Which contains the records, for example: 1 | Max 1 | Jessie 2 | Steven 2 | Lucy 2 | Jake 3 | Mark I want to "Group Concat" these to get: 1 | Max and Jessie 2 | Steven, Lucy and Jake 3 | Mark So If there is only 1 child, just return name, if there are more than one, concat the last 2 with an ' and ' and all others with a ', '. I am a bit stuck on how to do this without resorting to CLR, which I don't want to do. I am happy with a function - but speed is an issue and how do I determine the child number so I can choose between ' and ', ', ' or ''?

    Read the article

  • Making a textfile into a list in matlab?

    - by Ben Fossen
    I have a textfile and would like to import it onto Matlab and make it a list Person1 name = steven grade = 11 age= 17 Person2 name = mike grade = 9 age= 15 Person3 name = taylor grade = 11 age= 17 There are a few hundred entries like these above. Each are seperated by a blank line I was thinking I could scan the text and make the information between each blank line into an item in the list. I also would like to be able to look up each person by name once I have a list like the one below. I want something like x = [Person1 Person2 Person3 name = steven name = mike name = taylor grade = 11 grade = 9 grade = 11 age = 17 age = 15 age = 17] This seems very straight forward but I have been having trouble with this so far, I may be overlooking something. anyone have any ideas or advice?

    Read the article

  • Securing an ASP.NET MVC 2 Application

    - by rajbk
    This post attempts to look at some of the methods that can be used to secure an ASP.NET MVC 2 Application called Northwind Traders Human Resources.  The sample code for the project is attached at the bottom of this post. We are going to use a slightly modified Northwind database. The screen capture from SQL server management studio shows the change. I added a new column called Salary, inserted some random salaries for the employees and then turned off AllowNulls.   The reporting relationship for Northwind Employees is shown below.   The requirements for our application are as follows: Employees can see their LastName, FirstName, Title, Address and Salary Employees are allowed to edit only their Address information Employees can see the LastName, FirstName, Title, Address and Salary of their immediate reports Employees cannot see records of non immediate reports.  Employees are allowed to edit only the Salary and Title information of their immediate reports. Employees are not allowed to edit the Address of an immediate report Employees should be authenticated into the system. Employees by default get the “Employee” role. If a user has direct reports, they will also get assigned a “Manager” role. We use a very basic empId/pwd scheme of EmployeeID (1-9) and password test$1. You should never do this in an actual application. The application should protect from Cross Site Request Forgery (CSRF). For example, Michael could trick Steven, who is already logged on to the HR website, to load a page which contains a malicious request. where without Steven’s knowledge, a form on the site posts information back to the Northwind HR website using Steven’s credentials. Michael could use this technique to give himself a raise :-) UI Notes The layout of our app looks like so: When Nancy (EmpID 1) signs on, she sees the default page with her details and is allowed to edit her address. If Nancy attempts to view the record of employee Andrew who has an employeeID of 2 (Employees/Edit/2), she will get a “Not Authorized” error page. When Andrew (EmpID 2) signs on, he can edit the address field of his record and change the title and salary of employees that directly report to him. Implementation Notes All controllers inherit from a BaseController. The BaseController currently only has error handling code. When a user signs on, we check to see if they are in a Manager role. We then create a FormsAuthenticationTicket, encrypt it (including the roles that the employee belongs to) and add it to a cookie. private void SetAuthenticationCookie(int employeeID, List<string> roles) { HttpCookiesSection cookieSection = (HttpCookiesSection) ConfigurationManager.GetSection("system.web/httpCookies"); AuthenticationSection authenticationSection = (AuthenticationSection) ConfigurationManager.GetSection("system.web/authentication"); FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket( 1, employeeID.ToString(), DateTime.Now, DateTime.Now.AddMinutes(authenticationSection.Forms.Timeout.TotalMinutes), false, string.Join("|", roles.ToArray())); String encryptedTicket = FormsAuthentication.Encrypt(authTicket); HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); if (cookieSection.RequireSSL || authenticationSection.Forms.RequireSSL) { authCookie.Secure = true; } HttpContext.Current.Response.Cookies.Add(authCookie); } We read this cookie back in Global.asax and set the Context.User to be a new GenericPrincipal with the roles we assigned earlier. protected void Application_AuthenticateRequest(Object sender, EventArgs e){ if (Context.User != null) { string cookieName = FormsAuthentication.FormsCookieName; HttpCookie authCookie = Context.Request.Cookies[cookieName]; if (authCookie == null) return; FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value); string[] roles = authTicket.UserData.Split(new char[] { '|' }); FormsIdentity fi = (FormsIdentity)(Context.User.Identity); Context.User = new System.Security.Principal.GenericPrincipal(fi, roles); }} We ensure that a user has permissions to view a record by creating a custom attribute AuthorizeToViewID that inherits from ActionFilterAttribute. public class AuthorizeToViewIDAttribute : ActionFilterAttribute{ IEmployeeRepository employeeRepository = new EmployeeRepository(); public override void OnActionExecuting(ActionExecutingContext filterContext) { if (filterContext.ActionParameters.ContainsKey("id") && filterContext.ActionParameters["id"] != null) { if (employeeRepository.IsAuthorizedToView((int)filterContext.ActionParameters["id"])) { return; } } throw new UnauthorizedAccessException("The record does not exist or you do not have permission to access it"); }} We add the AuthorizeToView attribute to any Action method that requires authorization. [HttpPost][Authorize(Order = 1)]//To prevent CSRF[ValidateAntiForgeryToken(Salt = Globals.EditSalt, Order = 2)]//See AuthorizeToViewIDAttribute class[AuthorizeToViewID(Order = 3)] [ActionName("Edit")]public ActionResult Update(int id){ var employeeToEdit = employeeRepository.GetEmployee(id); if (employeeToEdit != null) { //Employees can edit only their address //A manager can edit the title and salary of their subordinate string[] whiteList = (employeeToEdit.IsSubordinate) ? new string[] { "Title", "Salary" } : new string[] { "Address" }; if (TryUpdateModel(employeeToEdit, whiteList)) { employeeRepository.Save(employeeToEdit); return RedirectToAction("Details", new { id = id }); } else { ModelState.AddModelError("", "Please correct the following errors."); } } return View(employeeToEdit);} The Authorize attribute is added to ensure that only authorized users can execute that Action. We use the TryUpdateModel with a white list to ensure that (a) an employee is able to edit only their Address and (b) that a manager is able to edit only the Title and Salary of a subordinate. This works in conjunction with the AuthorizeToViewIDAttribute. The ValidateAntiForgeryToken attribute is added (with a salt) to avoid CSRF. The Order on the attributes specify the order in which the attributes are executed. The Edit View uses the AntiForgeryToken helper to render the hidden token: ......<% using (Html.BeginForm()) {%><%=Html.AntiForgeryToken(NorthwindHR.Models.Globals.EditSalt)%><%= Html.ValidationSummary(true, "Please correct the errors and try again.") %><div class="editor-label"> <%= Html.LabelFor(model => model.LastName) %></div><div class="editor-field">...... The application uses View specific models for ease of model binding. public class EmployeeViewModel{ public int EmployeeID; [Required] [DisplayName("Last Name")] public string LastName { get; set; } [Required] [DisplayName("First Name")] public string FirstName { get; set; } [Required] [DisplayName("Title")] public string Title { get; set; } [Required] [DisplayName("Address")] public string Address { get; set; } [Required] [DisplayName("Salary")] [Range(500, double.MaxValue)] public decimal Salary { get; set; } public bool IsSubordinate { get; set; }} To help with displaying readonly/editable fields, we use a helper method. //Simple extension method to display a TextboxFor or DisplayFor based on the isEditable variablepublic static MvcHtmlString TextBoxOrLabelFor<TModel, TProperty>(this HtmlHelper<TModel> htmlHelper, Expression<Func<TModel, TProperty>> expression, bool isEditable){ if (isEditable) { return htmlHelper.TextBoxFor(expression); } else { return htmlHelper.DisplayFor(expression); }} The helper method is used in the view like so: <%=Html.TextBoxOrLabelFor(model => model.Title, Model.IsSubordinate)%> As mentioned in this post, there is a much easier way to update properties on an object. Download Demo Project VS 2008, ASP.NET MVC 2 RTM Remember to change the connectionString to point to your Northwind DB NorthwindHR.zip Feedback and bugs are always welcome :-)

    Read the article

  • Domain name rewriting and URL rewriting in the meantime in .htaccess

    - by Steven
    Ugly URLs: www.domainname.com/en/piece/piece.php?piece_id=1 www.domainname.com/en/piece/piece.php?piece_id=2 www.domainname.com/en/piece/piece.php?piece_id=3 ... Friendly URLs: piece.domainname.com/en/1 piece.domainname.com/en/2 piece.domainname.com/en/3 ... I want to present website users only friendly URLs. When I apply RewriteEngine On RewriteRule ^en/([^/]*)$ /en/piece/piece.php?piece_id=$1 [L] only the URL is rewrote.Besides the CSS file can not be found in web page of the friendly URL. How to rewrite the domain name and the URL in the meantime? Do I have to use RedirectMatch, if so, how to do it?

    Read the article

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >