Search Results

Search found 8692 results on 348 pages for 'patterns and practices'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 140/348 | < Previous Page | 136 137 138 139 140 141 142 143 144 145 146 147  | Next Page >

  • What is the most EVIL code you have ever seen in a production enterprise environment?

    - by Registered User
    What is the most evil or dangerous code fragment you have ever seen in a production environment at a company? I've never encountered production code that I would consider to be deliberately malicious and evil, so I'm quite curious to see what others have found. The most dangerous code I have ever seen was a stored procedure two linked-servers away from our core production database server. The stored procedure accepted any NVARCHAR(8000) parameter and executed the parameter on the target production server via an double-jump sp_executeSQL command. That is to say, the sp_executeSQL command executed another sp_executeSQL command in order to jump two linked servers. Oh, and the linked server account had sysadmin rights on the target production server.

    Read the article

  • What is there so useful in the Decorator Pattern? My example doesn't work

    - by Green
    The book says: The decorator pattern can be used to extend (decorate) the functionality of a certain object I have a rabbit animal. And I want my rabbit to have, for example, reptile skin. Just want to decorate a common rabbit with reptile skin. I have the code. First I have abstract class Animal with everythig that is common to any animal: abstract class Animal { abstract public function setSleep($hours); abstract public function setEat($food); abstract public function getSkinType(); /* and more methods which for sure will be implemented in any concrete animal */ } I create class for my rabbit: class Rabbit extends Animal { private $rest; private $stomach; private $skinType = "hair"; public function setSleep($hours) { $this->rest = $hours; } public function setFood($food) { $this->stomach = $food; } public function getSkinType() { return $this->$skinType; } } Up to now everything is OK. Then I create abstract AnimalDecorator class which extends Animal: abstract class AnimalDecorator extends Animal { protected $animal; public function __construct(Animal $animal) { $this->animal = $animal; } } And here the problem comes. Pay attention that AnimalDecorator also gets all the abstract methods from the Animal class (in this example just two but in real can have many more). Then I create concrete ReptileSkinDecorator class which extends AnimalDecorator. It also has those the same two abstract methods from Animal: class ReptileSkinDecorator extends AnimalDecorator { public function getSkinColor() { $skin = $this->animal->getSkinType(); $skin = "reptile"; return $skin; } } And finaly I want to decorate my rabbit with reptile skin: $reptileSkinRabbit = ReptileSkinDecorator(new Rabbit()); But I can't do this because I have two abstract methods in ReptileSkinDecorator class. They are: abstract public function setSleep($hours); abstract public function setEat($food); So, instead of just re-decorating only skin I also have to re-decorate setSleep() and setEat(); methods. But I don't need to. In all the book examples there is always ONLY ONE abstract method in Animal class. And of course it works then. But here I just made very simple real life example and tried to use the Decorator pattern and it doesn't work without implementing those abstract methods in ReptileSkinDecorator class. It means that if I want to use my example I have to create a brand new rabbit and implement for it its own setSleep() and setEat() methods. OK, let it be. But then this brand new rabbit has the instance of commont Rabbit I passed to ReptileSkinDecorator: $reptileSkinRabbit = ReptileSkinDecorator(new Rabbit()); I have one common rabbit instance with its own methods in the reptileSkinRabbit instance which in its turn has its own reptileSkinRabbit methods. I have rabbit in rabbit. But I think I don't have to have such possibility. I don't understand the Decarator pattern right way. Kindly ask you to point on any mistakes in my example, in my understanding of this pattern. Thank you.

    Read the article

  • How to allow for modular development while still running in same JVM?

    - by Marcus
    Our current app runs in a single JVM. We are now splitting up the app into separate logical services where each service runs in its own JVM. The split is being done to allow a single service to be modified and deployed without impacting the entire system. This reduces the need to QA the entire system - just need to QA the interaction with the service being changed. For interservice communication we use a combination of REST, an MQ system bus, and database views. What I don't like about this: REST means we have to marshal data to/from XML DB views couple the systems together which defeats the whole concept of separate services MQ / system bus is added complexity There is inevitably some code duplication between services You have set up n JBoss server configurations, we have to do n number of deployments, n number of set up scripts, etc, etc. Is there a better way to structure an internal application to allow modular development and deployment while allowing the app to run in a single JVM (and achieving the associated benefits)?

    Read the article

  • Best practice for Google app engine and Git.

    - by systempuntoout
    I'm developing a small pet project on Google App Engine and i would like to keep code under source control using github; this will allow a friend of mine to checkout and modify the sources. I just have a directory with all sources (call it PetProject) and Google App Engine development server points to that directory. Is it correct to create a Repo directly from PetProject directory or is it preferable to create a second directory (mirror of the develop PetProject directory); in this case, anytime my friend will release something new, i need to pull from Git and then copy the modified files to the develop PetProject directory. If i decide to keep the Repo inside the develop directory, skippin .git on yaml is enough? What's the best practice here?

    Read the article

  • Magento Onepage Success Conversion Tracking Design Pattern

    - by user1734954
    My intent is to track conversions through multiple channels by inserting third party javascript (for example google analytics, optimizely, pricegrabber etc.) into the footer of onepage success . I've accomplished this by adding a block to the footer reference inside of the checkout success node within local.xml and everything works appropriately. My questions are more about efficiency and extensibility. It occurred to me that it would be better to combine all of the blocks into a single block reference and then use a various methods acting on a single call to the various related models to provide the data needed for insertion into the javascript for each of the conversion tracking scripts. Some examples of the common data that conversion tracking may rely on(pseudo): Order ID , Order Total, Order.LineItem.Name(foreach) and so on Currently for each of the scripts I've made a call to the appropriate model passing the customers last order id as the load value and the calling a get() assigning the return value to a variable and then iterating through the data to match the values with the expectations of the given third party service. All of the data should be pulled once when checkout is complete each third party services may expect different data in different formats Here is an example of one of the conversion tracking template files which loads at the footer of checkout success. $order = Mage::getModel('sales/order')->loadByIncrementId(Mage::getSingleton('checkout/session')->getLastRealOrderId()); $amount = number_format($order->getGrandTotal(),2); $customer = Mage::helper('customer')->getCustomer()->getData(); ?> <script type="text/javascript"> popup_email = '<?php echo($customer['email']);?>'; popup_order_number = '<?php echo $this->getOrderId() ?>'; </script> <!-- PriceGrabber Merchant Evaluation Code --> <script type="text/javascript" charset="UTF-8" src="https://www.pricegrabber.com/rating_merchrevpopjs.php?retid=<something>"></script> <noscript><a href="http://www.pricegrabber.com/rating_merchrev.php?retid=<something>" target=_blank> <img src="https://images.pricegrabber.com/images/mr_noprize.jpg" border="0" width="272" height="238" alt="Merchant Evaluation"></a></noscript> <!-- End PriceGrabber Code --> Having just a single piece of code like this is not that big of a deal, but we are doing similar things with a number of different third party services. Pricegrabber is one of the simpler examples. A more sophisticated tracking service expects a comma separated list of all of the product names, ids, prices, categories , order id etc. I would like to make it all more manageable so my idea to do the following: combine all of the template files into a single file Develop a helper class or library to deliver the data to the conversion template Goals Include Extensibility Minimal Model Calls Minimal Method Calls The Questions 1. Is a Mage helper the best route to take? 2. Is there any design pattern you may recommend for the "helper" class? 3. Why would this the design pattern you've chosen be best for this instance?

    Read the article

  • What are the weaknesses of this user authentication method?

    - by byronh
    I'm developing my own PHP framework. It seems all the security articles I have read use vastly different methods for user authentication than I do so I could use some help in finding security holes. Some information that might be useful before I start. I use mod_rewrite for my MVC url's. Passwords are sha1 and md5 encrypted with 24 character salt unique to each user. mysql_real_escape_string and/or variable typecasting on everything going in, and htmlspecialchars on everything coming out. Step-by step process: Top of every page: session_start(); session_regenerate_id(); If user logs in via login form, generate new random token to put in user's MySQL row. Hash is generated based on user's salt (from when they first registered) and the new token. Store the hash and plaintext username in session variables, and duplicate in cookies if 'Remember me' is checked. On every page, check for cookies. If cookies set, copy their values into session variables. Then compare $_SESSION['name'] and $_SESSION['hash'] against MySQL database. Destroy all cookies and session variables if they don't match so they have to log in again. If login is valid, some of the user's information from the MySQL database is stored in an array for easy access. So far, I've assumed that this array is clean so when limiting user access I refer to user.rank and deny access if it's below what's required for that page. I've tried to test all the common attacks like XSS and CSRF, but maybe I'm just not good enough at hacking my own site! My system seems way too simple for it to actually be secure (the security code is only 100 lines long). What am I missing? I've also spent alot of time searching for the vulnerabilities with mysql_real_escape string but I haven't found any information that is up-to-date (everything is from several years ago at least and has apparently been fixed). All I know is that the problem was something to do with encoding. If that problem still exists today, how can I avoid it? Any help will be much appreciated.

    Read the article

  • Best practice with respect to NPE and multiple expressions on single line

    - by JRL
    I'm wondering if it is an accepted practice or not to avoid multiple calls on the same line with respect to possible NPEs, and if so in what circumstances. For example: getThis().doThat(); vs Object o = getThis(); o.doThat(); The latter is more verbose, but if there is an NPE, you immediately know what is null. However, it also requires creating a name for the variable and more import statements. So my questions around this are: Is this problem something worth designing around? Is it better to go for the first or second possibility? Is the creation of a variable name something that would have an effect performance-wise? Is there a proposal to change the exception message to be able to determine what object is null in future versions of Java ?

    Read the article

  • DRYing up Rails Views with Nested Resources

    - by viatropos
    What is your solution to the problem if you have a model that is both not-nested and nested, such as products: a "Product" can belong_to say an "Event", and a Product can also just be independent. This means I can have routes like this: map.resources :products # /products map.resources :events do |event| event.resources :products # /events/1/products end How do you handle that in your views properly? Note: this is for an admin panel. I want to be able to have a "Create Event" page, with a side panel for creating tickets (Product), forms, and checking who's rsvp'd. So you'd click on the "Event Tickets" side panel button, and it'd take you to /events/my-new-event/tickets. But there's also a root "Products" tab for the admin panel, which could list tickets and other random products. The 'tickets' and 'products' views look 90% the same, but the tickets will have some info about the event it belongs to. It seems like I'd have to have views like this: products/index.haml products/show.haml events/products/index.haml events/products/show.haml But that doesn't seem DRY. Or I could have conditionals checking to see if the product had an Event (@product.event.nil?), but then the views would be hard to understand. How do you deal with these situations? Thanks so much.

    Read the article

  • What is the proper way to code a read-while loop in Scala?

    - by ARKBAN
    What is the "proper" of writing the standard read-while loop in Scala? By proper I mean written in a Scala-like way as opposed to a Java-like way. Here is the code I have in Java: MessageDigest md = MessageDigest.getInstance( "MD5" ); InputStream input = new FileInputStream( "file" ); byte[] buffer = new byte[1024]; int readLen; while( ( readLen = input.read( buffer ) ) != -1 ) md.update( buffer, 0, readLen ); return md.digest(); Here is the code I have in Scala: val md = MessageDigest.getInstance( hashInfo.algorithm ) val input = new FileInputStream( "file" ) val buffer = new Array[ Byte ]( 1024 ) var readLen = 0 while( readLen != -1 ) { readLen = input.read( buffer ) if( readLen != -1 ) md.update( buffer, 0, readLen ) } md.digest The Scala code is correct and works, but feels very un-Scala-ish. For one it is a literal translation of the Java code, taking advantage of none of the advantages of Scala. Further it is actually longer than the Java code! I really feel like I'm missing something, but I can't figure out what. I'm fairly new to Scala, and so I'm asking the question to avoid falling into the pitfall of writing Java-style code in Scala. I'm more interested in the Scala way to solve this kind of problem than in any specific helper method that might be provided by the Scala API to hash a file. (I apologize in advance for my ad hoc Scala adjectives throughout this question.)

    Read the article

  • Overcoming C limitations for large projects

    - by Francisco Garcia
    One aspect where C shows its age is the encapsulation of code. Many modern languages has classes, namespaces, packages... a much more convenient to organize code than just a simple "include". Since C is still the main language for many huge projects. How do you to overcome its limitations? I suppose that one main factor should be lots of discipline. I would like to know what you do to handle large quantity of C code, which authors or books you can recommend.

    Read the article

  • Designing a class in such a way that it doesn't become a "God object"

    - by devoured elysium
    I'm designing an application that will allow me to draw some functions on a graphic. Each function will be drawn from a set of points that I will pass to this graphic class. There are different kinds of points, all inheriting from a MyPoint class. For some kind of points it will be just printing them on the screen as they are, others can be ignored, others added, so there is some kind of logic associated to them that can get complex. How to actually draw the graphic is not the main issue here. What bothers me is how to make the code logic such that this GraphicMaker class doesn't become the so called God-Object. It would be easy to make something like this: class GraphicMaker { ArrayList<Point> points = new ArrayList<Point>(); public void AddPoint(Point point) { points.add(point); } public void DoDrawing() { foreach (Point point in points) { if (point is PointA) { //some logic here else if (point is PointXYZ) { //...etc } } } } How would you do something like this? I have a feeling the correct way would be to put the drawing logic on each Point object (so each child class from Point would know how to draw itself) but two problems arise: There will be kinds of points that need to know all the other points that exist in the GraphicObject class to know how to draw themselves. I can make a lot of the methods/properties from the Graphic class public, so that all the points have a reference to the Graphic class and can make all their logic as they want, but isn't that a big price to pay for not wanting to have a God class?

    Read the article

  • Best way for user authentication on JavaEE 6 using JSF 2.0?

    - by ngeek
    I'm wondering what the current state of art recommendation is regarding user authentication for a web application making use of JSF 2.0 (and if any components do exist) and JEE6 core mechanisms (login/check permissions/logouts) with user information hold in a JPA entity. The Sun tutorial is a bit sparse on this (only handles servlets). This is without making use of a whole other framework, like Spring-Security (acegi), or Seam, but trying to stick hopefully with the new Java EE 6 platform (web profile) if possible. Thanks, Niko

    Read the article

  • Fast read of certain bytes of multiple files in C/C++

    - by Alejandro Cámara
    I've been searching in the web about this question and although there are many similar questions about read/write in C/C++, I haven't found about this specific task. I want to be able to read from multiple files (256x256 files) only sizeof(double) bytes located in a certain position of each file. Right now my solution is, for each file: Open the file (read, binary mode): fstream fTest("current_file", ios_base::out | ios_base::binary); Seek the position I want to read: fTest.seekg(position*sizeof(test_value), ios_base::beg); Read the bytes: fTest.read((char *) &(output[i][j]), sizeof(test_value)); And close the file: fTest.close(); This takes about 350 ms to run inside a for{ for {} } structure with 256x256 iterations (one for each file). Q: Do you think there is a better way to implement this operation? How would you do it?

    Read the article

  • MVC and conditional formatting - strategies for implementation

    - by Extrakun
    Right now I am writing a simulation program which output is formatted according to certain factors. The question is in a MVC architecture, where is the conditional formatting to be taken place? What are some strategies for implement this feature? FYI, The platform I am using is rather bare-bone in its GUI/front-end execution. To change color and formatting, it requires a change to the formatting state (much like OpenGL).

    Read the article

  • How do I put an ASP.NET website project and class library projects in one .sln file on Subversion

    - by JustinP8
    My company has several class libraries we use in multiple website projects (not web application projects). Website projects don't have .sln files, but I'm sure I've read in my past research that you can make a blank solution and put your website and class library projects in it. After answers to my previous questions, this is the direction that I'm going (based slightly on [http://amadiere.com/blog/2009/06/multiple-subversion-projects-in-one-visual-studio-solution-using-svnexternals/][1]: /websites /website1 /trunk /website1 /libraries /library1 /trunk /library1 /library2 /trunk /library2 /etc... Then I planed on using svn:externals to copy /library1, /library2, and so on into the working_copy/websites/website1/ folder. I want my team members to be able to checkout the /trunk folder for website1 and get a .sln file, /library1 external, /library2 external, etc. I want that .sln file to contain the website1 website project, and all of the library external projects. Hopefully that would look something like: /working_copy /websites /website1 /trunk /website1 /library1 (svn:external of libraries/library1/trunk/library1) /library2 (svn:external of libraries/library2/trunk/library2) /etc. website1.sln So, at the end of all of this, the goal is that my teammates check out the trunk, open the solution, and everyone has the exact same solution. When we commit, everything is committed appropriately to subversion (the website code, and the libraries are committed to their appropriate place on the repo). How have others solved these issues? How can I make a .sln file that my team members and I can share in this manner? [1]: "This Article"

    Read the article

  • Separation of interfaces and implementation

    - by bonefisher
    From assembly(or module) perspective, what do you think of separation of Interface (1.assembly) and its Implementation (2.assembly)? In this way we can use some IoC container to develop more decoupling desing.. Say we have an assembly 'A', which contains interfaces only. Then we have an assembly 'B' which references 'A' and implements those interfaces..It is dependent only on 'A'. In assembly 'C' then we can use the IoC container to create objects of 'A' using dependency injection of objects from 'B'. This way 'B' and 'C' are completely unaware (not dependent) of themselves..

    Read the article

  • How to solve the problem of not being informed of successful payments by the 3rd party system used b

    - by user68759
    I have a subscription based website that interacts with a 3rd party system to handle the payments. The steps to process a new subscriber registration are as follow: The subscriber enters his/her details in the subscription form and click on the submit button. Assuming the details specified are valid, a new record is created in the database to store these details. The subscriber is then redirected to the website of the 3rd party system (similar to paypal) to process the payment. Once the payment is succesful, the 3rd party website then redirect the subscriber back to our website. At this time, I know that the payment was succesful, so the record in the database is updated to indicate that payment has been made successfully. A problem that I have found occurring quite often is that if a subscriber pays but does not complete the process correctly (e.g. uses the back browser, closes the window), his/her record in the database doesn't get updated about this. Accordingly, I don't know if s/he has paid by just looking the record and need to wait for the report from the 3rd party system to find this out. How do you solve this problem? PS. One of the main reasons to store their details into the database before the payment process is done is so they can come back to complete the payment without re-entering their details again. For example, when their credit cards were rejected by the 3rd party system and they need to sort this out with their financial institution which may take a while.

    Read the article

  • Extension Methods - IsNull and IsNotNull, good or bad use?

    - by Jaimal Chohan
    I like readability. So, I came up with an extension mothod a few minutes ago for the (x =! null) type syntax, called IsNotNull. Inversly, I also created a IsNull extension method, thus if(x == null) becomes if(x.IsNull()) and if(x != null) becomes if(x.IsNotNull()) However, I'm worried I might be abusing extension methods. Do you think that this is bad use of Extenion methods?

    Read the article

  • Problem implementing Interceptor pattern

    - by ph0enix
    I'm attempting to develop an Interceptor framework (in C#) where I can simply implement some interfaces, and through the use of some static initialization, register all my Interceptors with a common Dispatcher to be invoked at a later time. The problem lies in the fact that my Interceptor implementations are never actually referenced by my application so the static constructors never get called, and as a result, the Interceptors are never registered. If possible, I would like to keep all references to my Interceptor libraries out of my application, as this is my way of (hopefully) enforcing loose coupling across different modules. Hopefully this makes some sense. Let me know if there's anything I can clarify... Does anyone have any ideas, or perhaps a better way to go about implementing my Interceptor pattern? Update: I came across Spring.NET. I've heard of it before, but never really looked into it. It sounds like it has a lot of great features that would be very useful for what I'm trying to do. Does anyone have any experience with Spring.NET? TIA, Jeremy

    Read the article

  • What are the virtues of using XML comments in .NET?

    - by Michal Czardybon
    I can't understand the virtues of using XML comments. I know they can be converted into nice documentation external to the code, but the same can be achieved with the much more concise DOxygen syntax. In my opinion the XML comments are wrong, because: They obfuscate the comments and the code in general. (They are more difficult to read by humans). Less code can be viewed on a single screen, because "summary" and "/summary" take additional lines. They suggest that all method parameters have to be commented, whereas 90% of them are obvious and SHOULD be left not commented. The only problem I have with this is that my point of view seems to be in minority. Why?

    Read the article

  • Proper way of naming your Java Google App Engine Project

    - by Saif Bechan
    I am starting out with Google's App Engine in Java. I have seen the tutorial video but I do not understand the naming of the project package. It is going to be a guestbook, that's why the name is guestbook, I understand that part. But after that I see package name. 1)Is that something you import into the project, or is is something you create. I have seen this a lot in projects, something like com.xxx.xxx. 2)How do you name this type of thing or is this an import. I have looked at another tutorial there they take the naming to a whole new level. The name of both the project and the package is de.vogella.gae.java.todo. 3)What does this mean in java terms. 4)Maybe one of you can help me with this specific project I want to start. I want to create a Google App project that for now only serves static files. I will leave the project empty and just put all my static files in the war directory of the project. I want the domain name to be mydomainstatic

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 136 137 138 139 140 141 142 143 144 145 146 147  | Next Page >