Search Results

Search found 14074 results on 563 pages for 'programmers'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 98/563 | < Previous Page | 94 95 96 97 98 99 100 101 102 103 104 105  | Next Page >

  • What do you do when a client requires Rich Text Editing on their website?

    - by George Stocker
    As we all know by now, XSS attacks are dangerous and really easy to pull off. Various frameworks make it easy to encode HTML, like ASP.NET MVC does: <%= Html.Encode("string"); %> But what happens when your client requires that they be able to upload their content directly from a Microsoft Word document? Here's the scenario: People can copy and paste content from Microsoft word into a WYSIWYG editor (in this case tinyMCE), and then that information is posted to a web page. The website is public, but only members of that organization will have access to post information to a webpage. What is the best way to handle this requirement? Currently there is no checking done on what the client posts (since only 'trusted' users can post), but I'm not particularly happy with that and would like to lock it down further in case an account is hacked. The platform in question is ASP.NET MVC. The only conceptual method that I'm aware of that meets these requirements is to whitelist HTML tags and let those pass through. Is there another way? If not, is the best way to let them store it in the Database in any form, but only display it properly encoded and stripped of bad tags? NB: The questions differ in that he only assumes there's one way. I'm also asking the following questions: 1. Is there a better way that doesn't rely on HTML Whitelists? 2. Is there a better way that relies on a different view engine? 3. Is there a WYSIWYG editor that includes the ability to whitelist on the fly? 4. Should I even worry about this since it will only be for 'private posting' (Much in the same way that a private blog allows HTML From the author, but since only he can post, it's not an issue)? Edit #2: If suggesting a WYSIWYG editor, it must be free (as in speech, or as in beer). Update: All of the suggestions thus far revolve around a specific Rich Text Editor to use: Only provide an editor as a suggestion if it allows for sanitization of HTML tags; and it fulfills the requirement of accepting pasted documents from a WYSIWYG Editor like Microsoft Word. There are three methods that I know of: 1. Not allow HTML. 2. Allow HTML, but sanitize it 3. Find a Rich Text Editor that sanitizes and allows HTML. The previous questions remain (1-4 above). Related Question Preventing Cross Site Scripting (XSS)

    Read the article

  • What ways are there to determine if an idea for change is viable or not?

    - by Kenneth
    A recent discussion on here about whether or not program windows should still be called screens or if we should have improved terminology got me thinking... Dangerous I know! People as a whole tend to be fairly resistant to change. We get comfortable in our niches and used to the way things are. While some changes lead to good results and improve our lives or the way things are done, others are clearly not enough of a change or overall bad and not even worth attempting. What guides can we use as we program to determine if an improvement (whether it be to coding style, terminology, user interface, language use, etc) is really an improvement or not? I'm sure to some extent nothing will replace the try-it-out approach but are there any tests or guides that can be used to eliminate certain ideas that would eventually turn out to be worthless or a waste of time to pursue? EDIT: For anyone who is wondering the discussion that brought this question up in my mind is found here: Does your organization still use the term "screens" to describe a user interface?

    Read the article

  • how to follow python polymorphism standards with math functions

    - by krishnab
    So I am reading up on python in Mark Lutz's wonderful LEARNING PYTHON book. Mark makes a big deal about how part of the python development philosophy is polymorphism and that functions and code should rely on polymorphism and not do much type checking. However, I do a lot of math type programming and so the idea of polymorphism does not really seem to apply--I don't want to try and run a regression on a string or something. So I was wondering if there is something I am missing here. What are the applications of polymorphism when I am writing functions for math--or is type checking philosophically okay in this case.

    Read the article

  • How could RDBMSes be considered a fad?

    - by StuperUser
    Completing my Computing A-level in 2003 and getting a degree in Computing in 2007, and learning my trade in a company with a lot of SQL usage, I was brought up on the idea of Relational Databases being used for storage. So, despite being relatively new to development, I was taken-aback to read a comment (on Is LinqPad site quote "Tired of querying in antiquated SQL?" accurate? ) that said: [Some devs] despise [SQL] and think that it and RDBMS are a fad Obviously, a competent dev will use the right tool for the right job and won't create a relational database when e.g. flat file or another solution for storage is appropriate, but RDBMs are useful in a massive number of circumstances, so how could they be considered a fad?

    Read the article

  • Best Programming Language for Web Development

    - by Harish Kurup
    I am a Web Developer in PHP, and also know Javascript and some bit of CSS which is needed for web development. I use Symfony framework to build Websites and Web Application. As now i want to learn new Programming Language, which is best for Web Development(like Ruby, Python), as i have heard about Frameworks like Rails and Django. Which language will be best for Web Development apart from PHP or like PHP?

    Read the article

  • Clarification about Event Producer in StreamInsight

    - by sandy
    I need a small clarification about streamInsight, I know by doc's that StreamInsight can handle multiple concurrent Events. But will the event producer be a separate function, for ex: I need to watch a folder for new Files becoz all my sensors il write readings every day in a new file in particular drive. Method 1: FileSystemWatcher: These is the traditional approach where we write a service using FileSystemWatcher to watch a folder for new files,etc.. Upon receiving event from FileSystemWatcher il perform some operations on these files. How to do these using streamInsight??? I came know that using IObservable i can push events to StreamInsight. But is there anything to watch folder is sreamInsight like FileSystemWatcher. OR In order to raise events to streamInsight do we need to use FileSystemWacther? Any suggestion regarding these is highly appreciated. Thank in Advance

    Read the article

  • Model Driven Architecture Approach in programming / modelling

    - by yak
    I know the basics of the model driven architecture: it is all about model the system which I want to create and create the core code afterwards. I used CORBA a while ago. First thing that I needed to do was to create an abstract interface (some kind of model of the system I want to build) and generate core code later. But I have a different question: is model driven architecture a broad approach or not? I mean, let's say, that I have the language (modelling language) in which I want to model EXISTING system (opposite to the system I want to CREATE), and then analyze the model of the created system and different facts about that modeled abstraction. In this case, can the process I described above be considered the model driven architecture approach? I mean, I have the model, but this is the model of the existing system, not the system to be created.

    Read the article

  • What about introduction to programming with C# via LINQPad?

    - by Gulshan
    From different questions/answers/articles in this and some other sites, I got the idea that the introductory language for programming should be- High level Less verbose C# is one of the heavily used high level languages being used these days. It's also multi-paradigm and descendant of C, the lingua-franca of all programming languages. So, I think it has the potential to be the introductory programming language. But I felt it's a bit verbose for the novice learners. Then LINQPad came into my mind. With LINQPad, someone can start with C# without it's verbosity. Because you can just run one statement or few statements or a standalone function with LINQPad. Again you can run a full source file also. Another thing it provide is- using SQL. So, it can be used for learning SQL too. And not to mention, it's free. So, what you guys think about the idea of introducing programming with C# via LINQPad? Any thing to watch out? Any suggestion?

    Read the article

  • Web2.0, AJAX, HTML5, Facebook, Social web, openid, Oauth, web browsers... where is all this going ?

    - by jokoon
    We have seen many new things appear in the last 7 or 5 five years on the web: Facebook, html5 appeared, new browsers grew strongly, Google failed with Wave... Since Facebook and other stuff like Gtalk and Gmail, I thought and hoped that forums, chat, mail, usenet, conversation rooms and p2p protocols could inter operate to allow the user to use all those services transparently. Of course I realized that things are far much complicated, for several reasons: the IETF cannot invent new things: they just propose standards. Microsoft as well as big players often are obstacles to relevant innovation regarding open formats. The biggest stories being document formats or internet explorer with its long reaction to support web standards. Smartphones, thanks to the appearances of OSes such as iOS and Android, are finally able to navigate on internet: former devices were deaf, they weren't directly connected to internet. The mail protocol were left unchanged even with the grow of spam and malwares. I don't know what to think, because I think there is still a lot to do, but I feel like it will never happen or that nobody seems interested in those basic text transmit features... So what do you think what are the next big steps in the evolution of the web ? Do you think is will still walk hand in hand with open source ?

    Read the article

  • Using Visual Studio as a Task-Focused IDE

    - by Jay Stevens
    Are there patterns or libraries or any official Microsoft SDK for using Visual Studio as a specifically Task-Focused UI? For example, both Revolution R (IDE for the R language) and SQL 2012 (and I think SQL 2008 and possibly 2005) use Visual Studio as the underlying IDE framework. Is there an officially supported SDK and/or examples/samples for doing this type of thing? I am building a language Parser for an existing language - whose only available IDE is INSANELY expensive - using Irony (and eventually will generate a Language Service as well). Any direct or indirect suggestions/answers are appreciated.

    Read the article

  • Collaboration using github and testing the code

    - by wyred
    The procedure in my team is that we all commit our code to the same development branch. We have a test server that runs updated code from this branch so that we can test our code on the servers. The problem is that if we want to merge the development branch to the master branch in order to publish new features to our production servers, some features that may not have been ready will be applied to the production servers. So we're considering having each developer work on a feature/topic branch where each of them work on their own features and when it's ready, merge it into the development branch for testing, and then into the master branch. However, because our test server only pulls changes from the development branch, the developers are unable to test their features. While this is not a huge issue as they can test it on their local machine, the only problem I foresee is if we want to test callbacks from third-party services like sendgrid (where you specify a url for sendgrid to update you on the status of emails sent out). How to handle this problem? Note: We're not advanced git users. We use the Github app for MacOSX and Windows to commit our work.

    Read the article

  • "My stuff" vs. "Your stuff" in UI texts

    - by JD Isaacks
    When refering to a users stuff should you use My or Your, for example: My Cart | My Account | My Wishlist Or Your Cart | Your Account | Your Wishlist I found this article that argues for the use of your. It says flikr does this. It also says MySpace and MyYahoo are wrong. I also noticed today that Amazon uses the term Your. However, I have heard they are the masters at testing variations and finding the best one, so what you see on their site might be the best variation, or simply something they are currently testing. I personally like the way my looks better, but thats just my opinion. What do you think? What will hever the better impact on customers? Does it really even matter?

    Read the article

  • Do you own your tools?

    - by Mike Brown
    A colleague of mine wrote a post a while ago asking Do you own your tools. It raises an important question. Do you? I answered way down in the comments. As an independent, I do own my tools. Even when I wasn't independent, I had my own (fully licensed) tools that I used for personal development. I don't think buying your own tools are something to puff your chest up about (just because you can buy a $100 pair of basketball sneakers they won't make you as good as Michael Jordan), but it IS an investment in yourself that shouldn't be taken lightly. What do you think good people?

    Read the article

  • Are there any companies using BDD in a .NET environment?

    - by Nick
    I've seen BDD in action (in this case using SpecFlow and Selenium in a .NET environment) for a small test project. I was very impressed - mainly due to the fact that the language used to specify the acceptance tests meant they engaged with the product owner much more easily. I'm now keen to bring this into my current organisation. However I'm asked 'who else uses this?' and 'show me some case-studies'. Unfortunately I cannot find any 'big names' (or even 'small names' for that matter!) of companies who are actively using BDD. I have two questions really: Is BDD adopted by companies out there? Who are they? How can BDD be implemented in an agile .NET environment and are there any significant drawbacks to doing it?

    Read the article

  • Switching from Visual Studio to Eclipse [closed]

    - by Jouke van der Maas
    I've been using Visual Studio for about 6 years now, which is enough time to know most useful keyboard shortcuts and little features. I recently had to switch to Eclipse and java for school, and now I'm constantly searching for the right keys to press. I have searched around for a definitve guide on this, but I couldn't find any. Here's what I want to know: For any feature in Visual Studio, what is the equivalent feature in Eclipse called and what is it's default keyboard shortcut? Are there any things that work very differently in Eclipse, that one might misunderstand or do wrong at first when switching? Are there features in Visual Studio that Eclipse does not have, and is there a workaround? I hope we can create a guide to make life easier for future developers that have to make this switch. You can answer any of the three questions above (no need to do all three), and multiple per answer if you want. I can't mark questions as community wiki anymore, but I do think that's appropriate here.

    Read the article

  • Browser-based GUI for a python application

    - by ack__
    I want to create a web/browser-based GUI for a command-line python application. The goal is to make use of HTML/JS technologies to create this GUI. As the application itself, it needs to run on Linux and Windows, and the interface will be accessible only from localhost (not exposed to internet). The GUI will contain 5 to 10 pages. I don't want a traditional desktop GUI that includes HTML/JS, but just a bunch of html files and some kind of controller between those and the application. I also want to make use of asynchronous programming (ajax like) so I can load and print data in the GUI without refreshing the whole page. I'd probably use jQuery for that and a couple other things. How would you recommend to design this? Performance is not the key here, I'm rather looking at reliability, portability and simplicity. I'm thinking of using a lightweight python HTTP server / framework (like CherryPy) and maybe later a Python templating system (at the begining it will just be a couple pages). EDIT: I'm looking for ideas/recommendations how to build this, not for alternatives to browser/web-based GUI.

    Read the article

  • Microsoft SDET position

    - by Mark
    I was curious about MS's SDET position. I've heard a lot of people speak negatively and positively about this position. I was wondering if any current or previous SDETs could comment on a couple of issues. 1) Is career development in any way hurt by this position within and outside of MS? 1.5) Is it harder to get hired as a developer at another company after being an SDET? 2) Within MS culture, how is the SDET position viewed with respect to PM or SDE? Is it respected or looked down upon? 3) If you worked as an SDET, did you like it?

    Read the article

  • In which cases Robolectric is a relevant solution?

    - by Francis Toth
    As you may now, Robolectric is a framework that provides stubs for Android objects, in order to make tests runnable outside the Dalvik environment. My concern is that, by doing this, one can fake a third party library, which is, I believe, not a good practice (it should be encapsulated instead). If you make assumptions about an interface you don't own, which is changed once your test has been written, you won't be always noticed about the modifications. This can lead to a misunderstanding between your implementations and the interface they depends on. In addition, Android use mostly inheritance over interfaces which limits contract testing. So here's my question: Are there situations when Robolectric is the way to go? Here are some links you can check for further information: test-doubles-with-mockito in-brief-contract-tests

    Read the article

  • Studies of Pair Programming on Translation Projects

    - by gmletzkojr
    I am looking for information (ie, studies, metrics, etc) for pair programming when translating a project from an "older" language to a "newer" language. In this particular case, translating means line for line translation where ever possible, and only modifying the design when absolutely necessary, not when the modification would provide improved performance. I have performed pair programming in new development, and I am well aware of the pros and cons of pairing in that environment. However, I haven't been able to find any information in this particular case. Any help is appreciated.

    Read the article

  • A design pattern for data binding an object (with subclasses) to asp.net user control

    - by Rohith Nair
    I have an abstract class called Address and I am deriving three classes ; HomeAddress, Work Address, NextOfKin address. My idea is to bind this to a usercontrol and based on the type of Address it should bind properly to the ASP.NET user control. My idea is the user control doesn't know which address it is going to present and based on the type it will parse accordingly. How can I design such a setup, based on the fact that, the user control can take any type of address and bind accordingly. I know of one method like :- Declare class objects for all the three types (Home,Work,NextOfKin). Declare an enum to hold these types and based on the type of this enum passed to user control, instantiate the appropriate object based on setter injection. As a part of my generic design, I just created a class structure like this :- I know I am missing a lot of pieces in design. Can anybody give me an idea of how to approach this in proper way.

    Read the article

  • I need to develop a parser. Can I use Lex and Yacc for the purpose?

    - by Scrooge
    I need to extract very particular data from log files(of different types and formats). Since I am a recent college passout; my mind ran to using Lex and Yacc for the purpose. Now I have the following Questions 1. Will it be legal to do so ? (This product I am working for belongs to one of the biggest tech companies in the world.) 2. Also ; I would like to know if I am being too afraid to write my own parser? 3. How can I use Lex and Yacc if my product is Windows based? Please tell me if you need any clarification or extra information.

    Read the article

  • Whether to go for part MBA or not [closed]

    - by Santosh singh
    I need your help in knowing more about SP Jain Finance MBA. I am currently working in Singapore as a tech lead having 6.5 year experience in IT, planning to do part time MBA. There are currently 3 specialisation offered- marketing,operations and finance- I am not sure which one to choose. Whether I would be able to find a job in finance after getting MBA degree from SP Jain. Basically I do not forsee any career growth in my present company, so in a fix should I do MBA or go for some specialised course if you suggest.

    Read the article

  • What's the difference between Scala and Red Hat's Ceylon language?

    - by John Bryant
    Red Hat's Ceylon language has some interesting improvements over Java: The overall vision: learn from Java's mistakes, keep the good, ditch the bad The focus on readability and ease of learning/use Static Typing (find errors at compile time, not run time) No “special” types, everything is an object Named and Optional parameters (C# 4.0) Nullable types (C# 2.0) No need for explicit getter/setters until you are ready for them (C# 3.0) Type inference via the "local" keyword (C# 3.0 "var") Sequences (arrays) and their accompanying syntactic sugariness (C# 3.0) Straight-forward implementation of higher-order functions I don't know Scala but have heard it offers some similar advantages over Java. How would Scala compare to Ceylon in this respect?

    Read the article

  • Implementing a modern web application with Web API on top of old services

    - by Gaui
    My company has many WCF services which may or may not be replaced in the near future. The old web application is written in WebForms and communicates straight with these services via SOAP and returns DataTables. Now I am designing a new modern web application in a modern style, an AngularJS client which communicates with an ASP.NET Web API via JSON. The Web API then communicates with the WCF services via SOAP. In the future I want to let the Web API handle all requests and go straight to the database, but because the business logic implemented in the WCF services is complicated it's going to take some time to rewrite and replace it. Now to the problem: I'm trying to make it easy in the near future to replace the WCF services with some other data storage, e.g. another endpoint, database or whatever. I also want to make it easy to unit test the business logic. That's why I have structured the Web API with a repository layer and a service layer. The repository layer has a straight communication with the data storage (WCF service, database, or whatever) and the service layer then uses the repository (Dependency Injection) to get the data. It doesn't care where it gets the data from. Later on I can be in control and structure the data returned from the data storage (DataTable to POCO) and be able to test the logic in the service layer with some mock repository (using Dependency Injection). Below is some code to explain where I'm going with this. But my question is, does this all make sense? Am I making this overly complicated and could this be simplified in any way possible? Does this simplicity make this too complicated to maintain? My main goal is to make it as easy as possible to switch to another data storage later on, e.g. an ORM and be able to test the logic in the service layer. And because the majority of the business logic is implemented in these WCF services (and they return DataTables), I want to be in control of the data and the structure returned to the client. Any advice is greatly appreciated. Update 20/08/14 I created a repository factory, so services would all share repositories. Now it's easy to mock a repository, add it to the factory and create a provider using that factory. Any advice is much appreciated. I want to know if I'm making things more complicated than they should be. So it looks like this: 1. Repository Factory public class RepositoryFactory { private Dictionary<Type, IServiceRepository> repositories; public RepositoryFactory() { this.repositories = new Dictionary<Type, IServiceRepository>(); } public void AddRepository<T>(IServiceRepository repo) where T : class { if (this.repositories.ContainsKey(typeof(T))) { this.repositories.Remove(typeof(T)); } this.repositories.Add(typeof(T), repo); } public dynamic GetRepository<T>() { if (this.repositories.ContainsKey(typeof(T))) { return this.repositories[typeof(T)]; } throw new RepositoryNotFoundException("No repository found for " + typeof(T).Name); } } I'm not very fond of dynamic but I don't know how to retrieve that repository otherwise. 2. Repository and service // Service repository interface // All repository interfaces extend this public interface IServiceRepository { } // Invoice repository interface // Makes it easy to mock the repository later on public interface IInvoiceServiceRepository : IServiceRepository { List<Invoice> GetInvoices(); } // Invoice repository // Connects to some data storage to retrieve invoices public class InvoiceServiceRepository : IInvoiceServiceRepository { public List<Invoice> GetInvoices() { // Get the invoices from somewhere // This could be a WCF, a database, or whatever using(InvoiceServiceClient proxy = new InvoiceServiceClient()) { return proxy.GetInvoices(); } } } // Invoice service // Service that handles talking to a real or a mock repository public class InvoiceService { // Repository factory RepositoryFactory repoFactory; // Default constructor // Default connects to the real repository public InvoiceService(RepositoryFactory repo) { repoFactory = repo; } // Service function that gets all invoices from some repository (mock or real) public List<Invoice> GetInvoices() { // Query the repository return repoFactory.GetRepository<IInvoiceServiceRepository>().GetInvoices(); } }

    Read the article

  • Email Service or CRM

    - by MG1
    I am creating a process for a client who is a chapel. They have people who sign up to receive notifications of a death anniversary. I exported a CSV from the db, imported it into Mailchimp and I was about to launch a Mailchimp automation based on a date. Not I realized that are many instances where the same person singed up for multiple death reminders. Mailchimp doesn't allow for duplicate email addresses in one list. Is there another service or application that I can use for this?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 94 95 96 97 98 99 100 101 102 103 104 105  | Next Page >