Search Results

Search found 14074 results on 563 pages for 'programmers'.

Page 291/563 | < Previous Page | 287 288 289 290 291 292 293 294 295 296 297 298  | Next Page >

• what are some good interview questions for a position that consists of reviewing code for security vulnerabilities?

  - by John Smith

  The position is an entry-level position that consists of reading C++ code and identifying lines of code that are vulnerable to buffer overflows, out-of-bounds reads, uncontrolled format strings, and a bunch of other CWE's. We don't expect the average candidate to be knowledgeable in the area of software security nor do we expect him or her to be an expert computer programmer; we just expect them to be able to read the code and correctly identify vulnerabilities. I guess I could ask them the typical interview questions: reverse a string, print a list of prime numbers, etc, but I'm not sure that their ability to write code under pressure (or lack thereof) tells me anything about their ability to read code. Should I instead focus on testing their knowledge of C++? Ask them if they understand what a pointer is and how bitwise operators work? My only concern about asking that kind of question is that I might unfairly weed out people who don't happen to have the knowledge but have the ability to acquire it. After all, it's not like they will be writing a single line of code, and it's not like we are looking only for people who already know C++, since we are willing to train the right candidate. (It is true that I could ask those questions only to those candidates who claim to know C++, but I'd like to give the same "test" to everyone.) Should I just focus on trying to get an idea of their level of intelligence? In other words, should I get them to talk and pay attention to the way they articulate their thoughts, and so on?

  Read the article

• What's the normal way machine-learning algorithms are integrated into normal programs?

  - by Benjamin Pollack

  I'm currently taking a machine learning course for fun, and the course heavily focuses on Matlab/Octave to write the code. One thing mentioned in the course is that, while Matlab/Octave are great for prototyping, they're very rarely used for production algorithms. Instead, those algorithms are typically rewritten in C++/Python/etc., using appropriate libraries, before reaching customers. Fair enough; I get that. But here's my question: is that done for cultural reasons, for technical reasons, or because there is really no language that provides Matlab/Octave-like fluidity, but in a compiled form that can be linked from C/C++/$MainstreamLanguage? The game industry uses Lua for game logic because it's easy to embed, and vastly superior for expressing things like AI. Likewise, there are Prolog variants for rules-heavy applications, Scheme variants for compilers, and so on. If there's a matrix equivalent language, what is it? If there isn't, why is this field different?

  Read the article

• Automated Acceptance tests under specific contraints

  - by HH_

  This is a follow up to my previous question, which was a bit general, so I'll be asking for a more precise situation. I want to automate acceptance testing on a web application. Briefly, this application allows the user to create contracts for subscribers with the two constraints: You cannot create more than one contract for a subscriber. Once a contract is created, it cannot be deleted (from the UI) Let's say TestCreate is a test case with tests for the normal creation of a contract. The constraints have introduced complexities to the testing process, mainly dependencies between test cases and test executions. Before we run TestCreate we need to make sure that the application is in a suitable state (the subscriber has no contract) If we run TestCreate twice, the second run will fail since the state of the application will have changed. So we need to revert back to the initial state (i.e. delete the contract), which is impossible to do from the UI. More generally, after each test case we should guarantee that the state is reverted back. And since, in this case, it is impossible to do it from the UI, how do you handle this? Possible solution: I thought about doing a backup of the database in the state that I desire, and after each test case, run a script which deletes the db and restores the backup. However, I find that to be too heavy to do for each single test case. In addition, what if some information are stored in files? or in multiple or unaccessible databases? My question: In this situation, what would an experienced tester do to write automated and maintanable tests. Thank you. More info: I'm trying to integrate tests into a BDD framework, which I find to be a neat solution for test documentation and communication, but it does not solve this particular problem (it even makes it harder)

  Read the article

• What are the basic skills a BEGINNING JavaScript programmer should have?

  - by Sanford

  In NYC, we are working on creating a collaborative community programming environment and trying to segment out software engineers into differing buckets. At present, we are trying to define: Beginners Intermediates Advanced Experts (and/or Masters) Similar to an apprenticeship, you would need to demonstrate specific skills to achieve different levels. Right now, we have identified Beginner programming skills as: Object - method, attributes, inheritance Variable - math, string, array, boolean - all are objects Basic arithmetic functions - precedence of functions String manipulation Looping - flow control Conditionals - boolean algebra This is a first attempt, and it is a challenge since we know the natural tension between programming and software engineering. How would you create such a skills-based ranking for JavaScript in this manner? For example, what would be the Beginner Javascript skills that you would need to have to advance to the Intermediate Training? And so on.

  Read the article

• What should come first: testing or code review?

  - by Silver Light

  Hello! I'm quite new to programming design patterns and life cycles and I was wondering, what should come first, code review or testing, regarding that those are done by separate people? From the one side, why bother reviewing code if nobody checked if it even works? From the other, some errors can be found early, if you do the review before testing. Which approach is recommended and why? Thank you!

  Read the article

• Linkedin recommendations, useful? [closed]

  - by scottyab

  Linkedin has been around a few years now and while not everyone is keen on it. Chatting to a few people they viewed Linkedin recommendations as mutual back starching where poor candidates can recommend each other and and provide little value. I take a honest approach when recommending colleagues, trying to note specifics that person has performed well at and don't recommend colleagues on linkedin who wouldn't recommend in real life. What regard do people hold the Linkedin recommendations? would it effect your hiring decision?

  Read the article

• Should I return iterators or more sophisticated objects?

  - by Erik

  Say I have a function that creates a list of objects. If I want to return an iterator, I'll have to return iter(a_list). Should I do this, or just return the list as it is? My motivation for returning an iterator is that this would keep the interface smaller -- what kind of container I create to collect the objects is essentially an implementation detail On the other hand, it would be wasteful if the user of my function may have to recreate the same container from the iterator which would be bad for performance.

  Read the article

• When will java change to 64bit addressing and how can we get there faster?

  - by Ido Tamir

  Having to work with large files now, I would like to know when the java libraries will start switching to long for indexing in their methods. From Inputstreams read(byte[] b, int off, int len) - funnily there is long skip(long) also - to MappedByteBuffer to the basic indexing of arrays and lists, everything is adressed as int. Is there an official plan for enhancment of the libraries? Do initiatives exist to pressure oracle into enhancing the libraries, if there is no official plan yet?

  Read the article

• Website inheritance of ownership question

  - by Adrian Denham

  I paid for a web site for my motel business, then due to my landlord actions I was placed in a position to file for bankrupcy. I asked my IT manager and web developer to close down the web site for the business. He has since then sold my web site to the new owners. I took all the photos myself and I am in at least 4 of the photos on the site. There are no changes to the site as I left it and it now states that it is under the copyright on the new owners? I am not sure what I should do as this happen 10 months ago and I have just found this out. Thank you for your help, I am in Australia.

  Read the article

• What is the philosophy/reasoning behind C#'s Pascal-casing method names?

  - by Nocturne

  I'm just starting to learn C#. Coming from a background in Java, C++ and Objective-C, I find C#'s Pascal-casing its method-names rather unique, and a tad difficult to get used to at first. What is the reasoning and philosophy behind this? I'm guessing it is because of C# properties. Unlike in Objective-C, where method names can be exactly the same as an instance variables, this is not the case with C#. I would guess one of the goals with properties (as it is with most of the languages that support it) is to make properties truly indistinguishable from variables and methods. So, one can have an "int x" in C#, and the corresponding property becomes X. To ensure that properties and methods are indistinguishable, all method names I'm guessing are also therefore expected to start with an uppercase letter. (This is just my hypothesis based on what I know of C# so far—I'm still learning). I'm very curious to know how this curious guideline came into being (given that it's not something one sees in most other languages where method names are expected to start with a lowercase letter) (EDIT: By Pascal-casing, I mean PascalCase (which is basically camelCase but starting with a capital letter). Method names typically start with a lowercase letter in most languages)

  Read the article

• Checking form input data on submit with pure PHP [migrated]

  - by Leron

  I have some experience with PHP but I have never even try to do this wit pure PHP, but now a friend of mine asked me to help him with this task so I sat down and write some code. What I'm asking is for opinion if this is the right way to do this when you want to use only PHP and is there anything I can change to make the code better. Besides that I think the code is working at least with the few test I made with it. Here it is: <?php session_start(); // define variables and initialize with empty values $name = $address = $email = ""; $nameErr = $addrErr = $emailErr = ""; $_SESSION["name"] = $_SESSION["address"] = $_SESSION["email"] = ""; $_SESSION["first_page"] = false; if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["name"])) { $nameErr = "Missing"; } else { $_SESSION["name"] = $_POST["name"]; $name = $_POST["name"]; } if (empty($_POST["address"])) { $addrErr = "Missing"; } else { $_SESSION["address"] = $_POST["address"]; $address = $_POST["address"]; } if (empty($_POST["email"])) { $emailErr = "Missing"; } else { $_SESSION["email"] = $_POST["email"]; $email = $_POST["email"]; } } if ($_SESSION["name"] != "" && $_SESSION["address"] != "" && $_SESSION["email"] != "") { $_SESSION["first_page"] = true; header('Location: http://localhost/formProcessing2.php'); //echo $_SESSION["name"]. " " .$_SESSION["address"]. " " .$_SESSION["email"]; } ?> <DCTYPE! html> <head> <style> .error { color: #FF0000; } </style> </head> <body> <form method="POST" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> Name <input type="text" name="name" value="<?php echo htmlspecialchars($name);?>"> <span class="error"><?php echo $nameErr;?></span> <br /> Address <input type="text" name="address" value="<?php echo htmlspecialchars($address);?>"> <span class="error"><?php echo $addrErr;?></span> <br /> Email <input type="text" name="email" value="<?php echo htmlspecialchars($email);?>"> <span class="error"><?php echo $emailErr;?></span> <br /> <input type="submit" name="submit" value="Submit"> </form> </body> </html>

  Read the article

• What level/format of access should be given to a client to the issue tracking system?

  - by dukeofgaming

  So, I used to think that it would be a good idea to give the customer access to the issue tracking system, but now I've seen that it creates less than ideal situations, like: Customer judging progress solely on ticket count Developers denied to add issues to avoid customer thinking that there is less progress Customer appointing people on their side to add issues who don't always do a good job (lots of duplicate issues, insufficient information to reproduce, and other things that distract people from doing their real job) However, I think customers should have access to some indicators or proof that there is progress being done, as well as a right to report bugs. So, what would be the ideal solution to this situation?, specially, getting out of or improving the first situation described?

  Read the article

• Why should a class be anything other than "abstract" or "final/sealed"

  - by Nicolas Repiquet

  After 10+ years of java/c# programming, I find myself creating either: abstract classes: contract not meant to be instantiated as-is. final/sealed classes: implementation not meant to serve as base class to something else. I can't think of any situation where a simple "class" (i.e. neither abstract nor final/sealed) would be "wise programming". Why should a class be anything other than "abstract" or "final/sealed" ? EDIT This great article explains my concerns far better than I can.

  Read the article

• Is this an acceptable approach to undo/redo in Python?

  - by Codemonkey

  I'm making an application (wxPython) to process some data from Excel documents. I want the user to be able to undo and redo actions, even gigantic actions like processing the contents of 10 000 cells simultaneously. I Googled the topic, and all the solutions I could find involves a lot of black magic or is overly complicated. Here is how I imagine my simple undo/redo scheme. I write two classes - one called ActionStack and an abstract one called Action. Every "undoable" operation must be a subclass of Action and define the methods do and undo. The Action subclass is passed the instance of the "document", or data model, and is responsible for committing the operation and remembering how to undo the change. Now, every document is associated with an instance of the ActionStack. The ActionStack maintains a stack of actions (surprise!). Every time actions are undone and new actions are performed, all undone actions are removed for ever. The ActionStack will also automatically remove the oldest Action when the stack reaches the configurable maximum amount. I imagine the workflow would produce code looking something like this: class TableDocument(object): def __init__(self, table): self.table = table self.action_stack = ActionStack(history_limit=50) # ... def delete_cells(self, cells): self.action_stack.push( DeleteAction(self, cells) ) def add_column(self, index, name=''): self.action_stack.push( AddColumnAction(self, index, name) ) # ... def undo(self, count=1): self.action_stack.undo(count) def redo(self, count=1): self.action_stack.redo(count) Given that none of the methods I've found are this simple, I thought I'd get the experts' opinion before I go ahead with this plan. More specifically, what I'm wondering about is - are there any glaring holes in this plan that I'm not seeing?

  Read the article

• Google is good or bad for programmer? [closed]

  - by Vikas

  Recently I was being interviewed by a company and faced one question. The interviewer asked me a question and at that time I didn't know the answer but if I had been asked about just 4 months ago, I could have answered it. The question was from new language that I learned just 4 months ago. But I just get overview of the language and just get started working on that. Whenever I face difficultly, I google it. That means we do not have to memorize the whole programming language book! So in that situation I felt that Google screwed my job! Not talking subjectively, Is it good to google all the time?

  Read the article

• Java or C# for a PL/SQL Developer

  - by OracleDeveloper

  Hello, Can you Please suggest as what should be my next carrer move , I am an Oracle Developer , I worked in Forms and reports and know good PL/SQL and SQL. Now , I am thinking to learn new technology as there no jobs in PL/SQL alone and Oracle front-end Forms and reports are on the verge of extinction. The issue is that I have with Java is its HUGE and I need to learn a lot many other technologies as well ( struts , hibernate , spring etc ) in addtion to adv java and Java EE coming. I am think as which technology can give with edge , with PL/SQL and Oracle ... Thank you.

  Read the article

• What is So Unique About Node.js?

  - by Adrian Shum

  Recently there has been a lot of praise for Node.js. I am not a developer that has had much exposure to network application. From my bare understanding of Nodes.js, its strength is: we have only one thread handling multiple connections, providing an event-based architecture. However, for example in Java, I can create only one thread using NIO/AIO (which is non-blocking APIs from my bare understanding), and handle multiple connections using that thread, and I provide an event-based architecture to implement the data handling logic (shouldn't be that difficult by providing some callback etc) ? Given JVM being a even more mature VM than V8 (I expect it to run faster too), and event-based handling architecture seems to be something not difficult to create, I am not sure why Node.js is attracting so much attention. Did I miss some important points?

  Read the article

• A potential new hire may make more money you do..what should I do [migrated]

  - by Ali

  I have a very solid experience in Software Development and Project management. I just learned that the company I work for has posted a new position with half the experience of mine and even lesser set of skills than I have. However, the new position pays the same salary as my current salary while at the same time they declined to pay the asking salary when I was joining the company. How should I counter this? I know there are many projects in the pipeline where my involvement is crucial for the projects to be successful but I don't want to come across threating. Any advise would be helpful..!

  Read the article

• Algorithms for pairing a rating system to an assignment queue

  - by blunders

  Attempting to research how to allow a group of people to effectively rank a set of objects (each group member will have contributed one object to the group), and then assign each member an object that's not their own based on: Their ratings of the objects, Their objects rating, and The object remaining to be assigned. Idea is to attempt to assign objects to people based on the groups rating of their contribution to the group relative to other member's contribution, the the personal preferences expressed via the ratings. Any suggestions for: Further research, Refining the statement of the problem/solution, or A solution.

  Read the article

• When module calling gets ugly

  - by Pete

  Has this ever happened to you? You've got a suite of well designed, single-responsibility modules, covered by unit tests. In any higher-level function you code, you are (95% of the code) simply taking output from one module and passing it as input to the next. Then, you notice this higher-level function has turned into a 100+ line script with multiple responsibilities. Here is the problem. It is difficult (impossible) to test that script. At least, it seems so. Do you agree? In my current project, all of the bugs came from this script. Further detail: each script represents a unique solution, or algorithm, formed by using different modules in different ways. Question: how can you remedy this situation? Knee-jerk answer: break the script up into single-responsibility modules. Comment on knee-jerk answer: it already is! Best answer I can come up with so far: create higher-level connector objects which "wire" modules together in particular ways (take output from one module, feed it as input to another module). Thus if our script was: FooInput fooIn = new FooInput(1, 2); FooOutput fooOutput = fooModule(fooIn); Double runtimevalue = getsomething(fooOutput.whatever); BarInput barIn = new BarInput( runtimevalue, fooOutput.someOtherValue); BarOutput barOut = barModule(BarIn); It would become with a connector: FooBarConnectionAlgo fooBarConnector = new fooBarConnector(fooModule, barModule); FooInput fooIn = new FooInput(1, 2); BarOutput barOut = fooBarConnector(fooIn); So the advantage is, besides hiding some code and making things clearer, we can test FooBarConnectionAlgo. I'm sure this situation comes up a lot. What do you do?

  Read the article

• What ethical problems realistically arise in programming?

  - by Fishtoaster

  When I co-oped during college, I had to fill out an evaluation of the co-op afterwards. One metric I always had to rate was how much the company required me to "Make ethical decisions related to your profession." This always seemed kinda silly- I mean, my first co-op was writing java apps to manage industrial radios. There wasn't much moral ambiguity going on. Anyway, I'm wonder what sort of ethical dilemmas one might actually encounter in software development. Edit: It should be noted that no ethically-trained software engineer would ever consent to write a DestroyBaghdad procedure. Basic professional ethics would require him to write a DestroyCity procedure, to which Baghdad could be given as a parameter. - Nathanial Borenstein

  Read the article

• Best approach to designing multi-client applications

  - by Tomh

  Hi, I was wondering how you guys start out if you need to design a multi-client project where multiple clients can interact with a server. In specific how do you go about dealing with different states and message handling, how do you start designing and considering all these cases? For example a video webchat application where it is possible that you call another client, while that client is already in a call, or is stuck in a modal dialog such that the calling dialog does not come through.

  Read the article

• Learn a NoSQL or become a badass with traditional RDMS - Where is/will the work be?

  - by beck

  I'm half way through my MSc and am thinking about my dissertation which I get 3 months to work on full time. Im very comfortable with the traditional Relational Database, the question is should I work on a project where I get a good understanding of something like Cassandra, or should I really push my RDMS knowledge to the limit. Getting great at something like MySQL is a solid safe option, will there really be much work for me with Cassandra in my tool belt? I would love to do either.... Thanks for your opinions and advice.

  Read the article

• Are first-class functions a substitute for the Strategy pattern?

  - by Prog

  The Strategy design pattern is often regarded as a substitute for first-class functions in languages that lack them. So for example say you wanted to pass functionality into an object. In Java you'd have to pass in the object another object which encapsulates the desired behavior. In a language such as Ruby, you'd just pass the functionality itself in the form of an annonymous function. However I was thinking about it and decided that maybe Strategy offers more than a plain annonymous function does. This is because an object can hold state that exists independently of the period when it's method runs. However an annonymous function by itself can only hold state that ceases to exist the moment the function finishes execution. So my question is: when using a language that features first-class functions, would you ever use the Strategy pattern (i.e. encapsulate the functionality you want to pass around in an explicit object), or would you always use an annonymous function? When would you decide to use Strategy when you can use a first-class function?

  Read the article

• Authorization design-pattern / practice?

  - by Lawtonfogle

  On one end, you have users. On the other end, you have activities. I was wondering if there is a best practice to relate the two. The simplest way I can think of is to have every activity have a role, and assign every user every role they need. The problem is that this gets really messy in practice as soon as you go beyond a trivial system. A way I recently designed was to have users who have roles, and roles have privileges, and activities require some combinations of privileges. For the trivial case, this is more complex, but I think it will scale better. But after I implemented it, I felt like it was overkill for the system I had. Another option would be to have users, who have roles, and activities require you to have a certain role to perform with many activities sharing roles. A more complex variant of this would given activities many possible roles, which you only needed one of. And an even more complex variant would be to allow logical statements of role ownership to use an activity (i.e. Must have A and (B exclusive or C) and must not have D). I could continue to list more, but I think this already gives a picture. And many of these have trade offs. But in software design, there are oftentimes solutions, while perhaps not perfect in every possible case, are clearly top of the pack to an extent it isn't even considered opinion based (i.e. how to store passwords, plain text is worse, hashing better, hashing and salt even better, despite the increased complexity of each level) (i.e. 2, Smart UI designs for applications are bad, even if it is subjective as to what the best design is). So, is there a best practice for authorization design that is not purely opinion based/subjective?

  Read the article

< Previous Page | 287 288 289 290 291 292 293 294 295 296 297 298  | Next Page >