Search Results

Search found 14074 results on 563 pages for 'programmers'.

Page 142/563 | < Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >

• How can you become a competent web application security expert without breaking the law?

  - by hal10001

  I find this to be equivalent to undercover police officers who join a gang, do drugs and break the law as a last resort in order to enforce it. To be a competent security expert, I feel hacking has to be a constant hands-on effort. Yet, that requires finding exploits, testing them on live applications, and being able to demonstrate those exploits with confidence. For those that consider themselves "experts" in Web application security, what did you do to learn the art without actually breaking the law? Or, is this the gray area that nobody likes to talk about because you have to bend the law to its limits?

  Read the article

• Syntactic sugar in PHP with static functions

  - by Anna

  The dilemma I'm facing is: should I use static classes for the components of an application just to get nicer looking API? Example - the "normal" way: // example component class Cache{ abstract function get($k); abstract function set($k, $v); } class APCCache extends Cache{ ... } class application{ function __construct() $this->cache = new APCCache(); } function whatever(){ $this->cache->add('blabla'); print $this->cache->get('blablabla'); } } Notice how ugly is this->cache->.... But it gets waay uglier when you try to make the application extensible trough plugins, because then you have to pass the application instance to its plugins, and you get $this->application->cache->... With static functions: interface CacheAdapter{ abstract function get($k); abstract function set($k, $v); } class Cache{ public static $ad; public function setAdapter(CacheAdapter $a){ static::$ad = $ad; } public static function get($k){ return static::$ad->get($k); } ... } class APCCache implements CacheAdapter{ ... } class application{ function __construct(){ cache::setAdapter(new APCCache); } function whatever() cache::add('blabla', 5); print cache::get('blabla'); } } Here it looks nicer because you just call cache::get() everywhere. The disadvantage is that I loose the possibility to extend this class easily. But I've added a setAdapter method to make the class extensible to some point. I'm relying on the fact that I won't need to rewrite to replace the cache wrapper, ever, and that I won't need to run multiple application instances simultaneously (it's basically a site - and nobody works with two sites at the same time) So, am doing it wrong?

  Read the article

• Is monkeypatching considered good programming practice?

  - by vartec

  I've been under impression, that monkeypatching is more in quick and dirty hack category, rather than standard, good programming practice. While I'd used from time to time to fix minor issues with 3rd party libs, I considered it temporary fix and I'd submit proper patch to the 3rd party project. However, I've seen this technique used as "the normal way" in mainstream projects, for example in Gevent's gevent.monkey module. Has monkeypatching became mainstream, normal, acceptable programming practice? See also: "Monkeypatching For Humans" by Jeff Atwood

  Read the article

• Can someone explain to me C#'s coding convention?

  - by AedonEtLIRA

  I recently started working with Unity3D and primarily scripting with C#. As, I normally program in Java, the differences aren't too great but I still referred to a crash course just to make sure I am on the right track. However, My biggest curiosity with C# is that is capitalises the first letter its method names (eg. java: getPrime() C#: GetPrime() aka: Pascal Case?). Is there a good reason for this? I understand from the crash course page that I read that apparently it's convention for .Net and I have no way of ever changing it, but I am curious to hear why it was done like this as opposed to the normal (relative?) camel case that, say, Java uses. Note: I understand that languages have their own coding conventions (python methods are all lower case which also applies in this question) but I've never really understood why it isn't formalised into a standard.

  Read the article

• Is there a best practice / standard approach to a free trial for a web app

  - by wobbily_col

  I have an idea for a web app, and would be interested in implementing it, and offering a free trial of say 5 uses before asking people to sign up. I can think of numerous ways of doing this (using cookies , logging IP adresses off the top of my head, limiting functionality). Is there a standard approach to this? Are there best practices? Are there any good tutorials on this? (I would prefer not to go the liited functionality route, as it will not show what the app is capable of).

  Read the article

• How you return to a code when you don't remember what you were doing?

  - by speeder

  Well, I have some problems with procrastination and whatnot, but those get infinitely worse, when I cannot remember what I should be doing. I mean, I know my project, I wrote 100% of the code so far, and I knew more or less what I was doing, but I don't remember exactly what, I don't remember what file I was editing and why. How I get back on track? (because right now my technique of opening the source code and staring at it is not working)

  Read the article

• IL and case-sensitivity

  - by Ali .NET

  Quoted from A Brief Introduction To IL code, CLR, CTS, CLS and JIT In .NET CLS stands for Common Language Specifications. It is a subset of CTS. CLS is a set of rules or guidelines which if followed ensures that code written in one .NET language can be used by another .NET language. For example one rule is that we cannot have member functions with same name with case difference only i.e we should not have add() and Add(). This may work in C# because it is case-sensitive but if try to use that C# code in VB.NET, it is not possible because VB.NET is not case-sensitive. Based on above text I want to confirm two points here: Does the case-sensitivity of IL is a condition for member functions only, and not for member properties? Is it true that C# wouldn't be inter-operable with VB.NET if it didn't take care of the case sensitivity?

  Read the article

• Finding co-maintainers for open source projects

  - by Mike Samuel

  I have a number of open-source projects that have gotten some significant usage and would like to find co-maintainers so that I am not a bottleneck when it comes to maintenance and support requests and to get other perspectives on how the project should evolve. Where should I look for co-maintainers, what should I look for in a co-maintainer, and how should I go about bringing them up to speed on the code and maintainer responsibilities?

  Read the article

• Rewrote GNU GPL v2 code in another language: can I change a license?

  - by Anton Gogolev

  I rewrote some parts of Mercurial (which is licensed under GNU GPL v2) in C#. Naturally, I looked a lot into original Python code and some parts are direct translations from Python to C#. Is is possible have "my code" licensed under different terms or to even make a part of a closed-source commercial application? If not, can I re-license "my-code" under LGPL, open-source it and then use this open-sourced C# library in my closed-source commercial application?

  Read the article

• Dark themes in IDE with multiple monitors

  - by nivlam

  There has been numerous posts about developers that prefer a dark color scheme in their IDE. Most of the themes at studiostyl.es are dark themes. Back when I had a single monitor, I did enjoy using a dark theme since it was easier on the eyes. But now that I utilize multiple monitors, I find dark themes actually hurt my eyes. Most of the time I have my IDE open on one monitor and a browser/email/documentation open on my other monitors. Only my IDE has a dark theme and most of websites/documentation have a white background. This forces my eyes to constantly adjust between my dark IDE and the white website, which puts strain on my eyes. I'm sure I'm not the only person who tries to use a dark theme for the IDE and have multiple monitors. How do other people deal with this issue?

  Read the article

• Why prefer a wildcard to a type discriminator in a Java API (Re: Effective Java)

  - by Michael Campbell

  In the generics section of Bloch's Effective Java (which handily is the "free" chapter available to all: http://java.sun.com/docs/books/effective/generics.pdf), he says: If a type parameter appears only once in a method declaration, replace it with a wildcard. (See page 31-33 of that pdf) The signature in question is: public static void swap(List<?> list, int i, int j) vs public static void swap(List<E> list, int i, int j) And then proceeds to use a static private "helper" function with an actual type parameter to perform the work. The helper function signature is EXACTLY that of the second option. Why is the wildcard preferable, since you need to NOT use a wildcard to get the work done anyway? I understand that in this case since he's modifying the List and you can't add to a collection with an unbounded wildcard, so why use it at all?

  Read the article

• Dictionary as DataMember in WCF after installing .NET 4.5 [migrated]

  - by Mauricio Ulate

  After installing .NET Framework 4.5 with Visual Studio 2012, whenever I want to obtain the reference from a WCF service, my dictionaries are changed into arrays. For example, Dictionary<int, double> is changed into ArrayOfKeyValueOfintdoubleKeyValueOfintdouble. This happens in both Visual Studio 2012 and 2010 (both Express). I've reviewed my configuration and the dictionary data type in the service reference configuration is System.Collection.Generic.Dictionary. Changing this doesn't make a difference. Reverting to just using Visual Studio 2010 and .NET 4.0 is not an option.

  Read the article

• Security of logging people in automatically from another app?

  - by Simon

  I have 2 apps. They both have accounts, and each account has users. These apps are going to share the same users and accounts and they will always be in sync. I want to be able to login automatically from one app to the other. So my solution is to generate a login_key, for example: 2sa7439e-a570-ac21-a2ao-z1qia9ca6g25 once a day. And provide a automated login link to the other app... for example if the user clicks on: https://account_name.securityhole.io/login/2sa7439e-a570-ac21-a2ao-z1qia9ca6g25/user/123 They are logged in automatically, session created. So here we have 3 things that a intruder has to get right in order to gain access; account name, login key, and the user id. Bad idea? Or should I can down the path of making one app an oauth provider? Or is there a better way?

  Read the article

• Interviewing a DBA

  - by kev

  Our Company is in the Process of recuiting a DBA. I have built a group test of questions from basic questions such as Pk and Fk constraints, simple querries(fizzbuzz style) to more advanced things such as indexes, Collation, isolation levels and how to trace deadlocks. However, that is the limit of my knowledge. So my question to all the DBA's is what is the base level knowledge that all DBA's should have? We are really looking for someone that will be able to manage our replication, analyzing some of our slower running queries(that the devs can go to for help) and someone that can trace some of the deadlock issues that we are having. Any help would be most appreciated!

  Read the article

• Button postion not changing in View Controller. (Xcode)

  - by theCodeKing

  I have a View controller in xcode 6 (beta 5). I have put 4 buttons in it through the Object library in a .xib. But when i open the app in iOS simulator the buttons are the right y position but not correct x-position()they are on the right edge. No matter where i move them in the xib they only change y-position. I even moved them using the size inspector, but to no avail. How can i actually move them?

  Read the article

• GIS-based data visualization and maintenance tool

  - by Dave Jarvis

  Background Looking to leverage an existing GIS system for exploring organizational data. Architecture The following figure represents a high-level overview of the system's desired features: The most basic usage would be as follows: The user visits a web site. The system presents a map (having regions, cities, and buildings). The user drills-down on the map to a particular building. The system provides a basic CRUD interface. The user can view and modify information about personnel (e.g., their assigned teams), equipment (e.g., network appliances), applications, and the building itself (e.g., contact and phone numbers). Ideally, all the components should be open-source (or otherwise free). Problem This must be a small project that needs a quick (but functional) prototype, mostly to confirm whether or not such a system would be useful in the long term. Questions What software components would you use to quickly develop a working prototype? What open-source solutions already exist, if any? Ideas Here is what I am thinking: PostGIS - Define the regions, cities, and sites Google Maps - Display an interactive, clickable map geoJSON - Protocol between PostGIS and Google Maps Seam - CRUD interface Custom Development For example, this would entail: Installation and configuration Configure SSH for remote logins Subversion (or git) PostgreSQL PostGIS Java Tomcat Seam JasperReports Enter GIS information into PostGIS Aggregate data sources into PostgreSQL database Develop starting page for map interface Develop clickable Google Maps interface Develop summary reports Develop CRUD interface using Seam for data maintenance Surely something like this already exists? Thank you!

  Read the article

• Linux Learning curve for a 'Lifetime' windows user [closed]

  - by gary

  I am using windows for almost 8-10 years and have never worked on linux. Mostly i used to work in VB, VC++ MFC and little bit of .NET(C# and VB) so i didn't bother about Linux. But now when i got an opportunity to work with linux i dont want to miss it, here are my questions : Where can i find useful resources for Linux newbies? Which books/Tutorials will you suggest to start? Which distro shall i use? What was your experience while moving from Windows to Linux?

  Read the article

• Is a Model Driven Architecture in Language Oriented Programming (MPS) feasible at this time

  - by Steven Jeuris

  As a side project I am developing some sort of DSL where I describe a data model, and generate desired code files from it. I believe this is called Model Driven Architecture. My partial existing implementation uses C#, CodeDOM, XML and XSLT to do this manually. I discovered there already exist better environments to do this in. The one which fascinated me the most is called MPS, which follows the Language Oriented Programming paradigm. This article, written by a cofounder of JetBrains was a real eye opener for me. I truly believe LOP has a very good chance of becoming the next big programming paradigm once it has broader support. From my short experience with MPS, I noticed it is still mainly Java-oriented. My question is, how feasible is it to generate code files for other (multiple) languages instead of just Java. I don't need full language support from the start, so preferably, I need to be able to implement a language in a agile way. E.g. first support only one type, add access modifiers, ... Perhaps some other (free) environment already provides this out of the box. P.S.: I find it important to have a lot of control over the naming conventions and such of the generated code. This is one of the reasons why I started my own implementation.

  Read the article

• Demonstrate bad code to client?

  - by jtiger

  I have a new client that has asked me to do a redesign of their website, an ASP.NET Webforms application that was developed by another consultant. It seemed straight-forward (it never is) but I took a look at the code to make sure I knew what I was in for. This application was not written well. At all. It is extremely vulnerable to SQL Injection attacks, business logic is spread throughout the entire application, a lot of duplication, and dead end code that does nothing. On top of that, it keeps throwing exceptions that are being smothered, so it all appears to be running smoothly. My job is to simply update the html and css, but much of the html is being generated in business logic and would be a nightmare for me to sort everything out. My estimates on the redesign were longer than the client was aiming for, and they are asking why so long. How can I explain to my client just how bad this code is? In their mind, the application is running great and the redesign should be a quick one-off. It's my word against the previous consultant, so how can I actually give simple, concrete examples that a non-technical client would understand?

  Read the article

• Leading an offshore team

  - by Chuck Conway

  I'm in a position where I am leading two teams of 4. Both teams are located in India. I am on the west coast of the U.S. I'm finding leading remote teams challenging: First, their command of the English language is weak. Second, I'm having difficultly understanding them through their accents. Third is timing, we are 12 hours apart. We use Skype to communicate. I have a month to get the project done. We've burned through a week just setting up the environments. At this point I'm considering working their hours, 11p PDT to 7a PDT, to get them up to speed, so that I can get the project off the ground. A 12 hour lag time is too much. I'm looking for steps I can take to be successful at leading an offshore team. Update The offshore team's primary task is coding, of course, most coding tasks do involve some design work. The offshore team's are composed of one lead, 2 mid level (4 to 5 years) developers and a junior (~2 years) developer. The project is classic waterfall. We've handed the offshore team a business and a technical design document. We are trying to manage the offshore in an agile way. We have daily conference calls with them and I'm requiring the teams to send me a daily scrum in the form of an email answering the following questions: What did I do today? What am I going to do tomorrow? What do I need from Chuck so I can do my job tomorrow? There is some ambiguity in the tasks. The intent was to give them enough direction for them to develop the task with out writing the code for them. I don't have a travel budget. I am using Fogbugz to track the tasks. Each task has been entered into Fogbugz and given a priority. Each team member has access to FogBugz and can choose what task they wish to complete. Related question: What can we do to improve the way outsourcing/offshoring works? Update 2 I've decided that I can not talk to the team once a day. I must work with them. Starting tonight I've started working the same hours they are. This makes me available to them when they have questions. It also allows me to gain their trust and respect. Stackoverflow question Leading an offshore team

  Read the article

• The problems with Avoiding Smurf Naming classes with namespaces

  - by Daniel Koverman

  I pulled the term smurf naming from here (number 21). To save anyone not familiar the trouble, Smurf naming is the act of prefixing a bunch of related classes, variables, etc with a common prefix so you end up with "a SmurfAccountView passes a SmurfAccountDTO to the SmurfAccountController", etc. The solution I've generally heard to this is to make a smurf namespace and drop the smurf prefixes. This has generally served me well, but I'm running into two problems. I'm working with a library with a Configuration class. It could have been called WartmongerConfiguration but it's in the Wartmonger namespace, so it's just called Configuration. I likewise have a Configuration class which could be called SmurfConfiguration, but it is in the Smurf namespace so that would be redundant. There are places in my code where Smurf.Configuration appears alongside Wartmonger.Configuration and typing out fully qualified names is clunky and makes the code less readable. It would be nicer to deal with a SmurfConfiguration and (if it was my code and not a library) WartmongerConfiguration. I have a class called Service in my Smurf namespace which could have been called SmurfService. Service is a facade on top of a complex Smurf library which runs Smurf jobs. SmurfService seems like a better name because Service without the Smurf prefix is so incredibly generic. I can accept that SmurfService was already a generic, useless name and taking away smurf merely made this more apparent. But it could have been named Runner, Launcher, etc and it would still "feel better" to me as SmurfLauncher because I don't know what a Launcher does, but I know what a SmurfLauncher does. You could argue that what a Smurf.Launcher does should be just as apparent as a Smurf.SmurfLauncher, but I could see `Smurf.Launcher being some kind of class related to setup rather than a class that launches smurfs. If there is an open and shut way to deal with either of these that would be great. If not, what are some common practices to mitigate their annoyance?

  Read the article

• Software bug/defect classification

  - by Dustin K

  We're trying to come up with terms that better describe our bugs/defects. To us, the term 'bug' or 'defect' is too generic and doesn't accurately reflect what is happening. For example, instead of saying that there is a bug (in the general sense), we'd rather say what type of bug (an error, or enhancement, or improvement, etc.). What names do you use for describing 'bugs'? I found http://www.softwaredevelopment.ca/bugs.shtml which has some pretty good classifications. How do you classify them?

  Read the article

• What is the best way to go about testing that we handle failures appropriately?

  - by Earlz

  we're working on error handling in an application. We try to have fairly good automated test coverage. One big problem though is that we don't really know of a way to test some of our error handling. For instance, we need to test that whenever there is an uncaught exception, a message is sent to our server with exception information. The big problem with this is that we strive to never have an uncaught exception(and instead have descriptive error messages). So, how do we test something what we never want to actually happen?

  Read the article

• Question about the no-endorsment clause on the BSD license

  - by Earlz

  I'm developing a non-free library and I want to use Bcrypt.Net in it. The clause in question: Neither the name of BCrypt.Net nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. To what extent does this mean I can't use the name of Bcrypt.Net? For instance, could I say "the only ASP.Net authentication library capable of using Bcrypt" or can I even include "supports Bcrypt for password hashing" in promotional materials? Note: I do not actually modify any of Bcrypt.Net's code

  Read the article

• How to facilitate code reviews in a small team for embedded software?

  - by Adam Lewis

  Short Question Does a cost-effective tool / workflow exist to facilitate code reviews in a small team? More specifically, a small team that relies on post-commit code reviews. Background Our team currently consists of 3 full time and 1 part time software engineers, with plans on hiring more in the near future. Due to our team size and volume of projects we all must juggle, the pre-commit workflow that major tools (such as Review Board and Code Collaborator) use is not obtainable for us right now. The best we can do at the moment is to perform post-commit reviews before major releases or as time permits. Nearly all of our projects are hosted on RepositoryHosting.com (which I highly recommend) and contain a mixture of SVN and GIT repositories. Current Thoughts Since I cannot find a tool that fits our needs right now, I am turning to TRAC that is built into our repository's site. At the moment we use TRAC to file tickets and track milestones, so to me this seems like a natural fit for code review results as well. The direction I am heading in right now is to use a spread sheet(s) to log all of the bugs and comments. Do some macro magic to get it in a format that I can use TRAC's import ticket method and use TRAC's ticketing system to create the action items / bug reports automatically. The auto ticket generation is darn near a must have, adding in bugs and comments one at a time from a web-gui is really painful. Secondary Question If this workflow makes sense, is there a good / standard template to use as a code review log?

  Read the article

< Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >