Search Results

Search found 21802 results on 873 pages for 'erx vb next coder'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 113/873 | < Previous Page | 109 110 111 112 113 114 115 116 117 118 119 120  | Next Page >

  • Prevent SQL Injection in Dynamic column names

    - by Mr Shoubs
    I can't get away without writing some dynamic sql conditions in a part of my system (using Postgres). My question is how best to avoid SQL Injection with the method I am currently using. EDIT (Reasoning): There are many of columns in a number of tables (a number which grows (only) and is maintained elsewhere). I need a method of allowing the user to decide which (predefined) column they want to query (and if necessary apply string functions to). The query itself is far too complex for the user to write themselves, nor do they have access to the db. There are 1000's of users with varying requirements and I need to remain as flexible as possible - I shouldn't have to revisit the code unless the main query needs to change - Also, there is no way of knowing what conditions the user will need to use. I have objects (received via web service) that generates a condition (the generation method is below - it isn't perfect yet) for some large sql queries. The _FieldName is user editable (parameter name was, but it didn't need to be) and I am worried it could be an attack vector. I put double quotes (see quoted identifier) around the field name in an attempt to sanitize the string, this way it can never be a key word. I could also look up the field name against a list of fields, but it would be difficult to maintain on a timely basis. Unfortunately the user must enter the condition criteria, I am sure there must be more I can add to the sanatize method? and does quoting the column name make it safe? (my limited testing seems to think so). an example built condition would be "AND upper(brandloaded.make) like 'O%' and upper(brandloaded.make) not like 'OTHERBRAND'" ... Any help or suggestions are appreciated. Public Function GetCondition() As String Dim sb As New Text.StringBuilder 'put quote around the table name in an attempt to prevent some sql injection 'http://www.postgresql.org/docs/8.2/static/sql-syntax-lexical.html sb.AppendFormat(" {0} ""{1}"" ", _LogicOperator.ToString, _FieldName) Select Case _ConditionOperator Case ConditionOperatorOptions.Equals sb.Append(" = ") ... End Select sb.AppendFormat(" {0} ", Me.UniqueParameterName) 'for parameter Return Me.Sanitize(sb) End Function Private Function Sanitize(ByVal sb As Text.StringBuilder) As String 'compare against a similar blacklist mentioned here: http://forums.asp.net/t/1254125.aspx sb.Replace(";", "") sb.Replace("'", "") sb.Replace("\", "") sb.Replace(Chr(8), "") Return sb.ToString End Function Public ReadOnly Property UniqueParameterName() As String Get Return String.Concat(":" _UniqueIdentifier) End Get End Property

    Read the article

  • How Do You Databind Avalon DateTimePicker Start Value?

    - by discwiz
    Trying to set the start time of the Avalon DateTimePicker, but all I get is the current time. Anyone had any success with this control. FYI, I am stuck using .Net 3.0. <wf:DateTimePicker x:Name="DatePickerStartTime" DateTimeSelected="{Binding Path=StartTime,Mode=TwoWay}" > </wf:DateTimePicker> Thanks, Dave

    Read the article

  • Pattern for limiting number of simultaneous asynchronous calls

    - by hitch
    I need to retrieve multiple objects from an external system. The external system supports multiple simultaneous requests (i.e. threads), but it is possible to flood the external system - therefore I want to be able to retrieve multiple objects asynchronously, but I want to be able to throttle the number of simultaneous async requests. i.e. I need to retrieve 100 items, but don't want to be retrieving more than 25 of them at once. When each request of the 25 completes, I want to trigger another retrieval, and once they are all complete I want to return all of the results in the order they were requested (i.e. there is no point returning the results until the entire call is returned). Are there any recommended patterns for this sort of thing? Would something like this be appropriate (pseudocode, obviously)? private List<externalSystemObjects> returnedObjects = new List<externalSystemObjects>; public List<externalSystemObjects> GetObjects(List<string> ids) { int callCount = 0; int maxCallCount = 25; WaitHandle[] handles; foreach(id in itemIds to get) { if(callCount < maxCallCount) { WaitHandle handle = executeCall(id, callback); addWaitHandleToWaitArray(handle) } else { int returnedCallId = WaitHandle.WaitAny(handles); removeReturnedCallFromWaitHandles(handles); } } WaitHandle.WaitAll(handles); return returnedObjects; } public void callback(object result) { returnedObjects.Add(result); }

    Read the article

  • Entity Framework 4 / POCO - Where to start?

    - by Basiclife
    Hi, I've been programming for a while and have used LINQ-To-SQL and LINQ-To-Entities before (although when using entities it has been on a Entity/Table 1-1 relationship - ie not much different than L2SQL) I've been doing a lot of reading about Inversion of Control, Unit of Work, POCO and repository patterns and would like to use this methodology in my new applications. Where I'm struggling is finding a clear, concise beginners guide for EF4 which doesn't assume knowledge of EF1. The specific questions I need answered are: Code first / model first? Pros/cons in regards to EF4 (ie what happens if I do code first, change the code at a later date and need to regenerate my DB model - Does the data get preserved and transformed or dropped?) Assuming I'm going code-first (I'd like to see how EF4 converts that to a DB schema) how do I actually get started? Quite often I've seen articles with entity diagrams stating "So this is my entity model, now I'm going to ..." - Unfortunately, I'm unclear if they're created the model in the designer, saved it to generate code then stopped any further auto-code generation -or- They've coded (POCO)? classes and the somehow imported them into the deisgner view? I suppose what I really need is an understanding of where the "magic" comes from and how to add it myself if I'm not just generating an EF model directly from a DB. I'm aware the question is a little vague but I don't know what I don't know - So any input / correction / clarification appreciated. Needless to say, I don't expect anyone to sit here and teach me EF - I'd just like some good tutorials/forums/blogs/etc. for complete entity newbies Many thanks in advance

    Read the article

  • Generate Info (wrapper) Class from stored procedure

    - by Adem
    Hello everybody I am in a crucial project and I am trying to speed up the development phase by using codesmith for generating the business class DAL and info class for the tables of my project. There are about 50 tables with relationships parent child many to many and for retrieving data I have to code several inner joins in stored procedures. I have to combine fields from many tables and this makes working with the info class difficult. Is there anyway to generate info class from stored procedures or to be more exact is there a way to parse the result set of the stored procedure and to generate the info class with properties for every column in that result set. Please if anyone can give me some advice and tell me how to achieve this. Best Regards

    Read the article

  • Vbscript / webcam. using flash API - Save streaming file as image

    - by remi
    Hi. Based on a php app we've tried to developp our own webapp in vbscript. All is working well. The camera starts, etc.. The problem we're left with is the following: the flash API is streaming the content of the video to a webpage, this page saves the photo as a jpg. The PHP code we're trying to emulate is as follow $str = file_get_contents("php://input"); file_put_contents("/tmp/upload.jpg", pack("H*", $str)); After intensive googling the best we can come up with is Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Dim sImagePath As String = Server.MapPath("/registration/") & "test.jpg" Dim data As Byte() = Request.BinaryRead(Request.TotalBytes) Dim Ret As Array Dim imgbmp As New System.Drawing.Bitmap("test.jpg") Dim ms As MemoryStream = New MemoryStream(data) imgbmp.Save(ms, System.Drawing.Imaging.ImageFormat.Jpeg) Ret = ms.ToArray() Dim fs As New FileStream(sImagePath, FileMode.Create, FileAccess.Write) fs.Write(Ret, 0, Ret.Length) fs.Flush() fs.Close() End Sub which is not working, does anybody have any suggestion?

    Read the article

  • ObjectDataSource DataObjectTypeName Help. Pass object as parameter

    - by Kettenbach
    I have a partial class (the main class is a LinqToSql generated class) <DataObject(True)> _ Partial Public Class MBI_Contract <DataObjectMethod(DataObjectMethodType.Select, True)> _ Public Shared Function GetCancelableContracts(ByVal dealer As Dealer) As List(Of MBI_Contract) Return Utilities.GetCancelableContractsForDealer(dealer) End Function End Class Here is the method it's calling Public Function GetCancelableContractsForDealer(ByVal dealer As Dealer) As List(Of MBI_Contract) Dim db As TestDataContext = TestDataContext.Create() Return (From mbi As MBI_Contract In db.MBI_Contracts _ Where mbi.MBI_DealerNumber = dealer.DealerNumber _ AndAlso mbi.MBI_PaidFor = True _ AndAlso mbi.MBI_Deleted = False).ToList() End Function I want to use the ObjectDataSource to drive a DropDownList. <asp:ObjectDataSource ID="contractOds" runat="server" TypeName="MBI_Contract" SelectMethod="GetCancelableContracts" DataObjectTypeName="Dealer"> </asp:ObjectDataSource> My aspx page has a Dealer property that is set in a BasePage. My question is how can I pass this property(object) to the ObjectDataSource, so it can be evaluated in my select method. Does anyone know how I can do this? Or am I totally doing this the wrong way? Thanks for any Advice, Cheers, ~ck in San Diego

    Read the article

  • Controlling 3rd party program.

    - by madlan
    Hi my program launches a 3rd party program with a few switches to update itself. Once these updates are complete I need to manually click save from the applications menu. This can be done via the keyboard (Alt Gr + M then Alt Gr + S) The application will take several seconds to load at which point the application will open maximised and the save option will be enabled. Can anyone suggest a method or example for doing such a thing? Monitoring a lauched process? Macro? Thanks.

    Read the article

  • Databinding Error when Recreating object

    - by Maxim Gershkovich
    Hi All, Figure there is a simple solution to this problem but I have been unable to find it. I have databinding in an ASP.Net application to a GridView. This gridview is bound to an ObjectDataSource as per standard usage. The problem I have is that one of my bound fields uses the property DataFormatString="{0:C}" and due to the currency format being displayed when an update is attempted and the object recreated I get a error as such "$13.00 is not a valid value for Decimal." Clearly this is a result of the column using a FormatString and then attempting to bind it back to a decimal property I have in my object called UnitPrice. I am assuming there is some markup I can set that can specify how the value is translated back? Thanks in advance for any help.

    Read the article

  • VisualBasic.net Database Boiler Plate

    - by Shiftbit
    Is there any built in .net Classes to assist in the reduction of boiler plate code? I have numerous database operations going on and I find that I am reproducing the connection, command, transaction and occassianlly data set. I am aware of the Java Related Question, however, the solutions pertain to Java. I was wondering if anyone was aware of a .net solution? http://stackoverflow.com/questions/1072925/remove-boilerplate-from-db-code Public Sub ReadData(ByVal connectionString As String) Dim queryString As String = "SELECT EmpNo, EName FROM Emp" Using connection As New OracleConnection(connectionString) Dim command As New OracleCommand(queryString, connection) connection.Open() Using reader As OracleDataReader = command.ExecuteReader() ' Always call Read before accessing data. While reader.Read() Console.WriteLine(reader.GetInt32(0).ToString() + ", " _ + reader.GetString(1)) End While End Using End Using End Sub MSDN

    Read the article

  • Can't return a List from a Compiled Query.

    - by Andrew
    I was speeding up my app by using compiled queries for queries which were getting hit over and over. I tried to implement it like this: Function Select(ByVal fk_id As Integer) As List(SomeEntity) Using db As New DataContext() db.ObjectTrackingEnabled = False Return CompiledSelect(db, fk_id) End Using End Function Shared CompiledSelect As Func(Of DataContext, Integer, List(Of SomeEntity)) = _ CompiledQuery.Compile(Function(db As DataContext, fk_id As Integer) _ (From u In db.SomeEntities _ Where u.SomeLinkedEntity.ID = fk_id _ Select u).ToList()) This did not work and I got this error message: Type : System.ArgumentNullException, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : Value cannot be null. Parameter name: value However, when I changed my compiled query to return IQueryable instead of List like so: Function Select(ByVal fk_id As Integer) As List(SomeEntity) Using db As New DataContext() db.ObjectTrackingEnabled = False Return CompiledSelect(db, fk_id).ToList() End Using End Function Shared CompiledSelect As Func(Of DataContext, Integer, IQueryable(Of SomeEntity)) = _ CompiledQuery.Compile(Function(db As DataContext, fk_id As Integer) _ From u In db.SomeEntities _ Where u.SomeLinkedEntity.ID = fk_id _ Select u) It worked fine. Can anyone shed any light as to why this is? BTW, compiled queries rock! They sped up my app by a factor of 2.

    Read the article

  • Problem using ScriptManager.RegisterStartUpScript in user control - Script Error "function is not de

    - by poojad
    I have a aspx page which contains a User Control uc1 ans within uc1, there is another user control uc2. Now I need to call a javascript function in the uc2's page load. (I understand that the Pages are not properly designed, but I am sorry as this is an old application, I am not supposed to make any changes in the design) I am doing this using ScriptManager.RegisterStartUpScript as I have an update panel, but the function is not being called and the script error "load is not defined" is fired. (load is the javascript function in uc2) Can anyone help me out with this? Thank you.

    Read the article

  • Access Elements inside a DataTemplate... How to for more than 1 DataTemplate?

    - by GaaTY
    I've got 2 DataTemplates defined for a Listbox Control. 1 Template is for the UnSelected State and the other one is for the Selected State(showing more detail than the UnSelected State). I followed the example here: http://blogs.msdn.com/b/wpfsdk/archive/2007/04/16/how-do-i-programmatically-interact-with-template-generated-elements-part-ii.aspx about how to access the Elements inside the DataTemplates from Code behind. I get it right, but it only finds and returns an element of the UnSelected DataTemplate. But when i search for an element in the Selected DataTemplate i get a NullReferenceException. What could i be doing wrong?

    Read the article

  • Dispose Form opened in MainForm tab

    - by fireBand
    Hi, I have a MainForm which has tab Control and several independent form. I open each Individual From in the tab of the main form. A "Close Tab" button on the MainFrom closes the current tab, its implementation is below. This closes the current tab but what I also need is to dispose the From whose tab is closed but I am not sure how to get the instance of the form.' Any help is appreciated Thanks in Advance. 'Close the current tab Private Sub CloseCurrentTab() 'Close the current tab Dim tabPageSave As TabPage tabPageSave = tcDisplayDetails.SelectedTab tcDisplayDetails.TabPages.Remove(tabPageSave) End Sub

    Read the article

  • C# Value member property repopulate the control..

    - by karthik
    Hi.. I just wanted to confirm couple of things. I) Code snippet: cmb1.Datasource= dt; cmb1.Valuemember = "value"; Here data population happens 2 time for the control, 1 More time extra,bcoz of value member getting changed after data source assigned. Is it true? II) How can I trace these re population in C#? I just wanted to debug and see and confirm? example please? Thanks Karthik

    Read the article

  • ASP.NET Repeater datasource bound to a function. Would it call the function twice?

    - by Frenchie
    In the code behind I have a function that returns a List(Of SomeClass): rptRepeater.DataSource = SomeFunction(SomeVariable) rptRepeater.DataBind() In the html I have a basic repeater layout and am using the below code to get the Properties of each object returned. <%#Databinder.Eval(Container.DataItem, "Parameter1")% My question is, would there ever be a case that it would execute the Function more than once?

    Read the article

  • Creating share programmatically fails with error 9

    - by Christopher
    Directory.CreateDirectory("C:\MyTestShare") Dim managementClass As New ManagementClass("Win32_Share") Dim inParams As ManagementBaseObject = managementClass.GetMethodParameters("Create") inParams.Item("Description") = "My Files Share" inParams.Item("Name") = "My Files Share" inParams.Item("Path") = "C:\MyTestShare" inParams.Item("Type") = 0 If (DirectCast(managementClass.InvokeMethod("Create", inParams, Nothing).Properties.Item("ReturnValue").Value, UInt32) <> 0) Then Throw New Exception("Unable to share directory.") End If I am using the following code to set up a share, but I am always getting a return value of 9 which means invalid name. I am passing a string and have tried to use an explicit string and I still get error 9. I am creating the share remotely rather than on local machine however. Not sure if that matter.

    Read the article

  • Appending data into Listview control results

    - by strakastroukas
    In my webpage i use the following in order filling the listview control <asp:ListView ID="ListView1" runat="server"> <layouttemplate> <asp:PlaceHolder id="itemPlaceholder" runat="server" /></layouttemplate> <ItemTemplate> <tr> <td><asp:Label ID="Label1" runat="server" Text = '<%# DataBinder.Eval(Container.DataItem, "Ans1") %>' Visible = '<%# DataBinder.Eval(Container.DataItem, "Ans1Visible") %>'></asp:Label> <br /> <asp:Label ID="Label2" runat="server" Text = '<%# DataBinder.Eval(Container.DataItem, "Ans2") %>' Visible = '<%# DataBinder.Eval(Container.DataItem, "Ans2Visible") %>'></asp:Label> <br /> <asp:Label ID="Label3" runat="server" Text = '<%# DataBinder.Eval(Container.DataItem, "Ans3") %>' Visible = '<%# DataBinder.Eval(Container.DataItem, "Ans3Visible") %>'></asp:Label> <br /> <asp:Label ID="Label4" runat="server" Text = '<%# DataBinder.Eval(Container.DataItem, "Ans4") %>' Visible = '<%# DataBinder.Eval(Container.DataItem, "Ans4Visible") %>'></asp:Label> <br /> <asp:Label ID="Label5" runat="server" Text = '<%# DataBinder.Eval(Container.DataItem, "Ans5") %>' Visible = '<%# DataBinder.Eval(Container.DataItem, "Ans5Visible") %>'></asp:Label> <br /> <asp:Label ID="Label6" runat="server" Text = '<%# DataBinder.Eval(Container.DataItem, "Ans6") %>' Visible = '<%# DataBinder.Eval(Container.DataItem, "Ans6Visible") %>'></asp:Label> </td> </tr> </ItemTemplate> </asp:ListView> Now i would like to add numbers to the labels before they are rendered. For example currently the data displayed are like Tennis Football Basketball Nfl Nba Polo and the output i would like to have is 1. Tennis 2. Football 3. Basketball 4. Nfl 5. Nba 6. Polo Could i use ListView1_ItemCreated or the ListView1_ItemDataBound event to achieve this? If that is true, could you point me a place to start?

    Read the article

  • Trouble upgrading to .NET 4 with VS2008. What am I missing?

    - by Matt H.
    I downloaded the .NET 4 framework from miscrosoft here: http://www.microsoft.com/downloads/details.aspx?FamilyID=9cfb2d51-5ff4-4491-b0e5-b386f32c0992&displaylang=en I installed and rebooted. When I go to compile options -- target framework... .NET 4 isn't on the list. Is .net 4 not compatible with VS2008? It would be nice if Microsoft stated that somewhere...

    Read the article

  • Getting my string value from my form into my class( not another form)

    - by jovany
    Hello all, I have a question regarding the some data which is being transfered from one form to my class. It's not going quite the way i'd like to , so I figured maybe there is someone who could help me. This is my code in my class Public Class DrawableTextBox Inherits Drawable Dim i_testString As Integer Private s_InsertLabel As String Private drawFont As Font Public Sub New(ByVal fore_color As Color, ByVal fill_color As Color, Optional ByVal line_width As Integer = 0, Optional ByVal new_x1 As Integer = 0, Optional ByVal new_y1 As Integer = 0, Optional ByVal new_x2 As Integer = 1, Optional ByVal new_y2 As Integer = 1) MyBase.New(fore_color, fill_color, line_width) X1 = new_x1 Y1 = new_y1 X2 = new_x2 Y2 = new_y2 Trace.WriteLine(s_InsertLabel) End Sub Friend WriteOnly Property _textBox() As String Set(ByVal Value As String) s_InsertLabel = Value Trace.WriteLine(s_InsertLabel) End Set End Property ' Draw the object on this Graphics surface. Public Overrides Sub Draw(ByVal gr As System.Drawing.Graphics) ' Make a Rectangle representing this rectangle. Dim rect As Rectangle = GetBounds() ' Fill the rectangle as usual. Dim fill_brush As New SolidBrush(FillColor) gr.FillRectangle(fill_brush, rect) fill_brush.Dispose() ' See if we're selected. If IsSelected Then ' Draw the rectangle highlighted. Dim highlight_pen As New Pen(Color.Yellow, LineWidth) gr.DrawRectangle(highlight_pen, rect) highlight_pen.Dispose() ' Draw grab handles. Trace.WriteLine("drawing the lines for my textbox") DrawGrabHandle(gr, X1, Y1) DrawGrabHandle(gr, X1, Y2) DrawGrabHandle(gr, X2, Y2) DrawGrabHandle(gr, X2, Y1) Else 'TextBox() Dim fg_pen As New Pen(Color.Red, LineWidth) 'Dim fontSize As Single = 0.1 + ((Y2 - Y1) / 2) Dim fontSize As Single = 20 Try Dim drawFont As New Font("Arial", fontSize, FontStyle.Bold) Trace.WriteLine(s_InsertLabel) gr.DrawString(s_InsertLabel, drawFont, Brushes.Brown, X1, Y1) Catch ex As ArgumentException End Try gr.DrawRectangle(Pens.Azure, rect) ' gr.DrawRectangle(fg_pen, rect) fg_pen.Dispose() End If End Sub Public Function GetValueString(ByVal ValueType As String) Return ValueType End Function ' Return the object's bounding rectangle. Public Overrides Function GetBounds() As System.Drawing.Rectangle Return New Rectangle( _ Min(X1, X2), _ Min(Y1, Y2), _ Abs(100), _ Abs(30)) Trace.WriteLine("don't forget to make variables in GetBounds DrawableTextbox") End Function ' Return True if this point is on the object. Public Overrides Function IsAt(ByVal x As Integer, ByVal y As Integer) As Boolean Return (x >= Min(X1, X2)) AndAlso _ (x <= Max(X1, X2)) AndAlso _ (y >= Min(Y1, Y2)) AndAlso _ (y <= Max(Y1, Y2)) End Function ' Move the second point. Public Overrides Sub NewPoint(ByVal x As Integer, ByVal y As Integer) X2 = x Y2 = y End Sub ' Return True if the object is empty (e.g. a zero-length line). Public Overrides Function IsEmpty() As Boolean Return (X1 = X2) AndAlso (Y1 = Y2) End Function End Class I've got a form with a textbox( form1) in which the text is being inserted and passed through a buttonclick (al via properties). As you can see I've placed several traces and in the property of the class my trace works fine , however if I look in my Draw function it is already gone. And I get a blank trace. Does anyone know what's happening here. thanks in advance. (forgive me I'm new )

    Read the article

  • Is there a limit on number of OLE objects that can be embedded in an excel sheet?

    - by Varun Mahajan
    I am adding OLE objects to an excel sheet through .net interop. However, after some calls, excel is not allowing adding more objects through code. Is there a limit? or am I doing something wrong. Dim Htmlshape As Microsoft.Office.Interop.Excel.Shape Htmlshape = xlWorkSheet.Shapes.AddOLEObject(, tmpFile, , True, strExplorerPath, 1, "") Running this code gives an error after say 1000 calls. So, am I crossing some limit here?

    Read the article

  • Why won't my anonymous function fire on grid.prerender?

    - by adam0101
    In my gridview I have fields for inserting a new record in the footer. In my objectdatasource selecting event if no records came back I bind a single mock row to force the footer to show so they can still add records. Since the row does not contain real data I hide the row. ... If result.ItemCount = 0 Then result = mockRow AddHandler mygridview.PreRender, AddressOf HideRow End If End Sub Private Sub HideRow(ByVal sender as Object, ByVal e as EventArgs) mygridview.Rows(0).Visible = False End Sub This works fine. However, I'd like to condense it like this: ... If result.ItemCount = 0 Then result = mockRow AddHandler mygridview.PreRender, Function() mygridview.Rows(0).Visible = False End If End Sub This compiles fine, but the row doesn't get hidden. Can anyone tell me why my anonymous function isn't getting hit?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 109 110 111 112 113 114 115 116 117 118 119 120  | Next Page >