Search Results

Search found 8253 results on 331 pages for 'secure coding'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 3/331 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Create new variable or make multiple chained calls?

    - by Rodrigo
    What is the best way to get this attributes, thinking in performance and code quality? Using chained calls: name = this.product.getStock().getItems().get(index).getName(); id = this.product.getStock().getItems().get(index).getId(); Creating new variable: final item = this.product.getStock().getItems().get(index); name = item.getName(); it = item.getId(); I prefer the second way, to let the code cleaner. But I would like to see some opinions about it. Thank you!

    Read the article

  • Should you create a class within a method?

    - by Amndeep7
    I have made a program using Java that is an implementation of this project: http://nifty.stanford.edu/2009/stone-random-art/sml/index.html. Essentially, you create a mathematical expression and, using the pixel coordinate as input, make a picture. After I initially implemented this in serial, I then implemented it in parallel due to the fact that if the picture size is too large or if the mathematical expression is too complex (especially considering the fact that I made the expression recursively), it takes a really long time. During this process, I realized that I needed two classes which implemented the Runnable interface as I had to put in parameters for the run method, which you aren't allowed to do directly. One of these classes ended up being a medium sized static inner class (not large enough to make an independent class file for it though). The other though, just needed a few parameters to determine some indexes and the size of the for loop that I was making run in parallel - here it is: class DataConversionRunnable implements Runnable { int jj, kk, w; DataConversionRunnable(int column, int matrix, int wid) { jj = column; kk = matrix; w = wid; } public void run() { for(int i = 0; i < w; i++) colorvals[kk][jj][i] = (int) ((raw[kk][jj][i] + 1.0) * 255 / 2.0); increaseCounter(); } } My question is should I make it a static inner class or can I just create it in a method? What is the general programming convention followed in this case?

    Read the article

  • Should comments say WHY the program is doing what it is doing? (opinion on a dictum by the inventor of Forth)

    - by AKE
    The often provocative Chuck Moore (inventor of the Forth language) gave the following advice (paraphrasing): "Use comments sparingly. Programs are self-documenting, with a modicum of help from mnemonics. Comments should say WHAT the program is doing, not HOW." My question: Should comments say WHY the program is doing what it is doing? Update: In addition to the answers below, these two provide additional insight. Beginner's guide to writing comments? http://programmers.stackexchange.com/a/98609/62203

    Read the article

  • What should NOT be included in comments? (opinion on a dictum by the inventor of Forth)

    - by AKE
    The often provocative Chuck Moore (inventor of the Forth language) gave the following advice (paraphrasing): "Use comments sparingly. Programs are self-documenting, with a modicum of help from mnemonics. Comments should say WHAT the program is doing, not HOW." My question: Should comments say WHY the program is doing what it is doing? Update: In addition to the answers below, these two provide additional insight. 1: Beginner's guide to writing comments? 2: http://programmers.stackexchange.com/a/98609/62203

    Read the article

  • What is the benefit of not using Hungarian notation?

    - by user29981
    One of the things I struggle with is not using Hungarian notation. I don't want to have to go to the variable definition just to see what type it is. When a project gets extensive, it's nice to be able to look at a variable prefixed by 'bool' and know that it's looking for true/false instead of a 0/1 value. I also do a lot of work in SQL Server. I prefix my stored procedures with 'sp' and my tables with 'tbl', not to mention all of my variables in the database respectively. I see everywhere that nobody really wants to use Hungarian notation, to the point where they avoid it. My question is, what is the benefit of not using Hungarian notation, and why does the majority of developers avoid it like the plague?

    Read the article

  • Single quotes vs double quotes

    - by Eric Hydrick
    I just started a job where I'm writing Python after coming from a Java background, and I'm noticing that other developers tend to quote strings using single quotes ('') instead of double quotes (""). For example: line1 = 'This is how strings typically look.' line2 = "Not like this." Is there a particular reason for this other than personal preference? Is this the proper way to be quoting strings?

    Read the article

  • Eliminating Magic Numbers: When is it time to say "No"?

    - by oosterwal
    We're all aware that magic numbers (hard-coded values) can wreak havoc in your program, especially when it's time to modify a section of code that has no comments, but where do you draw the line? For instance, if you have a function that calculates the number of seconds between two days, do you replace seconds = num_days * 24 * 60 * 60 with seconds = num_days * HOURS_PER_DAY * MINUTES_PER_HOUR * SECONDS_PER_MINUTE At what point do you decide that it is completely obvious what the hard-coded value means and leave it alone?

    Read the article

  • Why do most of us use 'i' as a loop counter variable?

    - by kprobst
    Has anyone thought about why so many of us repeat this same pattern using the same variable names? for (int i = 0; i < foo; i++) { // ... } It seems most code I've ever looked at uses i, j, k and so on as iteration variables. I suppose I picked that up from somewhere, but I wonder why this is so prevalent in software development. Is it something we all picked up from C or something like that? Just an itch I've had for a while in the back of my head.

    Read the article

  • Long lines of text in source code [closed]

    - by ale
    Possible Duplicate: Is the 80 character limit still relevant in times of widescreen monitors? I used to set a vertical line set at 80 characters in my text editor and then I added carriage returns if the lines got too long. I later increased the value to 135 characters. I started using word wrap and not giving myself a limit but tried to keep lines short if I could because it took a lot of time shortening my lines. People at work use word wrap and don't give themselves a limit.. is this the correct way? What are you meant to do ? Many thanks.

    Read the article

  • How should I get my code ready for OpenSourcing it and putting it on GitHub?

    - by Sempus
    In a few weeks, my project is going to be finished and I want to start getting my code ready for other people to use it. I am going to be posting everything to GitHub so people can tweak it and hopefully make it better. I guess what I'm asking is, what would be the best way to make sure my code is sufficiently documented and worded right for other people to use? I know you should always comment everything and I'm going to be putting in the @params feature for every method, but are there any other tips in general?

    Read the article

  • using paperclip with secure and non-secure files

    - by crankharder
    First off, we have this namespaced/sti'd structure for our different types of 'Media' Media< Ar::Base Media::Local < Media Media::Local::Image < Media::Local Media::Local::Csv < Media::Local etc... etc.. This is excellent since a user can have many media, and how we display each piece of media is based on the class name and a co-responding partial. But what if we have some Csv's that need to be secure? That is, they can't reside inside of public. I really hate the idea of branching Media again and doing something like this: Media::Secure < Media Media::Secure::Image < Media::Secure Media::NotSecure < Media Media::NotSecure::Image < Media::NotSecure ...where Secure and NotSecure would have different params passed to has_attached_file. Now there are two classes that represent Image and it makes my view/helper system that much more complicated -- not to mention it feels very obtuse. What I would really like to do is be able to change where certain Paperclip::Attachment objects get saved before they get saved (e.g. anything uploaded through foo_secure_action) -- but I can't seem to make this work. Paperclip::Attachment has an @options hash with :path and :url, but changing those before it is saved doesn't have an effect on where it actually gets set. Even if this is possible, I'm not sure if it would have further consequences... I'm open to alternative ideas for structuring this data, but for the moment I like the idea of using STI for this situation.

    Read the article

  • hdparm - how to secure erase SATA SSD over USB

    - by cc0
    I have been following this guide on how to secure erase an SSD (trying to improve the performance of mine, which currently only writes at about 30mb/s seq). However, I'm using an USB--Sata docking device to avoid having the harddrive frozen. Apparently using this solution the SATA device is recognized as a SCSI drive, which is giving me trouble. I use the "hdparm -I /dev/sda" command with those parameters, and I get the error; HDIO_DRIVE_CMD (identify) failed: Invalid Exchange After a lot of googling on the issue I can't seem to find anyone who has actually solved this problem. However, I have not tried to just go ahead and use the secure erase. So I'm not sure if this would actually still work. I would love any and all input I can get on this, especially on whether it will still work to do a secure erase with the drive being recognized as a SCSI drive. The drive itself is a Samsung 256gb SSD (pm800), I'm sure you can understand my reluctance to go through this procedure without feeling reasonably safe that I won't mess it up beyond repair.

    Read the article

  • Keep coding the wrong way to remain consistent? [closed]

    - by bwalk2895
    Possible Duplicate: Code maintenance: keeping a bad pattern when extending new code for being consistent, or not? To keep things simple let's say I am responsible for maintaining two applications, AwesomeApp and BadApp (I am responsible for more and no that is not their actual names). AwesomeApp is a greenfield project I have been working on with other members on my team. It was coded using all the fancy buzzwords, Multilayer, SOA, SOLID, TDD, and so on. It represents the direction we want to go as a team. BadApp is a application that has been around for a long time. The architecture suffers from many sins, namely everything is tightly coupled together and it is not uncommon to get a circular dependency error from the compiler, it is almost impossible to unit test, large classes, duplicate code, and so on. We have a plan to rewrite the application following the standards established by AwesomeApp, but that won't happen for a while. I have to go into BadApp and fix a bug, but after spending months coding what I consider correctly, I really don't want do continue perpetuate bad coding practices. However, the way AwesomeApp is coded is vastly different from the way BadApp is coded. I fear implementing the "correct" way would cause confusion for other developers who have to maintain the application. Question: Is it better to keep coding the wrong way to remain consistent with the rest of the code in the application (knowing it will be replaced) or is it better to code the right way with an understanding it could cause confusion because it is so much different? To give you an example. There is a large class (1000+ lines) with several functions. One of the functions is to calculate a date based on an enumerated value. Currently the function handles all the various calculations. The function relies on no other functionality within the class. It is self contained. I want to break the function into smaller functions (at the very least) and put them into their own classes and hide those classes behind an interface (at the most) and use the factory pattern to instantiate the date classes. If I just broke it out into smaller functions within the class it would follow the existing coding standard. The extra steps are to start following some of the SOLID principles.

    Read the article

  • Secure Apache Virtual Hosts?

    - by Dr Hydralisk
    I am going to host a few small sites on VPS, and each of them are going to run my own custom PHP scripts. I am fairly certain that they are secure (did everything in the book, plus some of which is not in the book) to make sure they can't be exploited. But just to be safe I want to know how I could secure each of the virtual hosts so that they can't escape from there virtual host (if a hacker uploaded a shell they could not go above the www folder a legitimate user can't do in ftp no matter how many times they click ..) folder on Debian and Apache.

    Read the article

  • Software that supports ATA Secure Erase Command

    - by vy32
    We have a lot of drives that need to be sanitized. NIST SP 800-88 recommends software that uses the ATA Secure Erase command. That's apparently the only way to be sure that the drive is properly wiped, due to bad-block remapping and such. I know that this functionality is available in hdparm. The problem with that approach is that it is inconsistent on multiple platforms, occasionally times out, doesn't have error-checking logic, and doesn't check the resulting drive to make sure that it has, in fact, been erased. So a proper program might use hdparm, but hdparm by itself isn't an answer. I'm looking for open source software that implements ATA Secure Erase. Ideally it will be a bootable disk image like DBAN, but it will use the ATA command.

    Read the article

  • Secure Apache PHP vhost configuration

    - by jsimmons
    I'm looking to secure some websites running under apache using suexec. At the moment php is executed with the user/group of the file being executed. This seems to me, not secure enough. It stops vhosts interfering with each other, but does not stop malicious code writing anywhere in the vhost being used. I was thinking that a possibility would be to run scripts as nobody/vhost group, that way the vhost user could still have full access to the vhost directories, but executing php would only be able to write to files with g+w, and to execute files with g+x. This I think should stop arbitrary writing in the web dir from compromised php. Just wondering if this is crazy, ridiculous, stupid? Of course this would be done on top of existing security measures.

    Read the article

  • Best approach for coding ?

    - by ahmed
    What should or how should I decide the best approach for coding as a smart programmer. I have just started programming last year in VB, and I keep on listening this statement. But I never could find by myself to choose the best approach for coding. When I search for a coding example on internet I find different types of approach to achieve the same target. So help me finding the best approach. (asp.net,vb.net)

    Read the article

  • How can I promote clean coding at my workplace?

    - by Michael
    I work with a lot of legacy Java and RPG code on an internal company application. As you might expect, a lot of the code is written in many different styles, and often is difficult to read because of poorly named variables, inconsistent formatting, and contradictory comments (if they're there at all). Also, a good amount of code is not robust. Many times code is pushed to production quickly by the more experienced programmers, while code by newer programmers is held back by "code reviews" that IMO are unsatisfactory. (They usually take the form of, "It works, must be ok," than a serious critique of the code.) We have a fair number of production issues, which I feel could be lessened by giving more thought to the original design and testing. I have been working for this company for about 4 months, and have been complimented on my coding style a couple of times. My manager is also a fan of cleaner coding than is the norm. Is it my place to try to push for better style and better defensive coding, or should I simply code in the best way I can, and hope that my example will help others see how cleaner, more robust code (as well as aggressive refactoring) will result in less debugging and change time?

    Read the article

  • secure data transport between web server and database server

    - by atypicalgeek
    I asked this question in stackoverflow and it was suggested to try here so here goes... I'm planning on provisioning a web server and database server in a server farm environment. They will be in the same network but not in the same domain, both windows server 2008 and the database server is sql server 2008. My question being, what is the best way to secure data in transport between the servers? I've looked into IPSEC and SSL but not sure how to go about implementing either.

    Read the article

  • How to convincing Programmers that 'being in the zone' [coding] isn't always beneficial for the project?

    - by hawkeye
    In this book review: http://books.slashdot.org/story/11/06/13/1251216/Book-Review-The-Clean-Coder?utm_source=slashdot&utm_medium=twitter Chapter 4 talks about the coding process itself. One of the hardest statements the book makes here is to stay out of "the zone" when coding. Bob asserts that you lose parts of the big picture when you go down to that level. While I may struggle with that assertion, I do agree with his next statement that debugging time is expensive, so you should avoid having to do debugger-driven development whenever possible. He finishes the chapter with examples of pacing yourself (walking away, taking a shower) and how to deal with being late on your projects (remembering that hope is not a plan, and being clear about the impact of overtime) along with a reminder that it is good to both give and receive help, whether it be small questions or mentoring others. they talk about how 'being in the zone' - can actually be detrimental to the project. How do you convince your team members that this is the case?

    Read the article

  • I can't program because old coding style. This is normal to programmers?

    - by Renato Dinhani Conceição
    I'm in my first real job as programmer, but I can't solve any problems because of the coding style used. The code here: don't have comments don't have functions (50, 100, 200, 300 or more lines executed in sequence) uses a lot of if statements with a lot of paths has variables that make no sense (eg.: cf_cfop, CF_Natop, lnom, r_procod) uses a language I am unfamiliar with (Visual FoxPro 8 from 2002) I feel like I have gone back to 1970. Is it normal for a programmer familiar with OOP, clean-code, design patterns, etc. to have trouble with coding in this old-fashion way?

    Read the article

  • Coding events. What they actually are about, and are they worth it?

    - by BKC
    I'm a relatively new programmer, but am very much interested in it. I enrolled to this coding event (Yahoo! Hack India, to be precise), and got invited after the pre-coding contest. The event is like a contest where developers create an application in 24 hours, In group or individually. I've never been to such an event before, and certainly don't know anyone who did. So, here are my questions. First of all, is it worth it? What if we don't get any ideas in the first place to start with? I'm not actually a developer, I'm an electrical engineering student who just completed his 2nd semester. So will be able to match up to the level of other developers who will be there? Any other advice/suggestions Thank you in advance.

    Read the article

  • Which is more effective in coding? Reducing line of code and execution of code?

    - by Ayyappan.Anbalagan
    I have this doubt many years. I am wring some code to achieve some functionality. For example I am writing 20 lines of code to achieve the functionality and my co worker writing the code for the same functionality with just 5 lines. Since he used some looping statement to achieve that, but that code will execute around 30 to 50 times. So which is best way of coding? As per my knowledge I always try to reduce coding length as much I can.

    Read the article

  • Perl coding to PHP coding conversion

    - by Haskella
    Hi, I am trying to convert some Perl into PHP using this guideline: http://www.cs.wcupa.edu/~rkline/perl2php/#basedir Basically I know next to nothing about these two languages. Please give me some simple English explanation of what each line does, I'll be more than happy. Thanks for reading :D Perl CGI program: #!/usr/bin/perl -T use strict; use warnings; use CGI (); my %fruit_codes = ( apple => '2321.html', banana => '1234.html', coconut => '8889.html', ); my $c = CGI->new; my $fruit_parameter = $c->param('fruit_name'); my $iframe_document; if (defined $fruit_parameter and exists $fruit_codes{$fruit_parameter}) { $iframe_document = $fruit_codes{$fruit_parameter}; } else { $iframe_document = 'sorry-no-such-fruit.html'; } $c->header('application/xhtml+xml'); print <<"END_OF_HTML"; <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Fruits</title> </head> <body> <form action="fruits.cgi"> <fieldset> <label for="fruit">Name of the fruit:</label> <input id="fruit" name="fruit_name" type="text" /> <input type="submit" /> </fieldset> </form> <iframe src="$iframe_document"> <a href="$iframe_document">resulting fruit</a> </iframe> </body> </html> END_OF_HTML 1;

    Read the article

  • RTF template coding, XSLT coding

    - by sujith
    I have the below requirement <data> <dataset1> <number>1</number> <name>red</name> <number>2</number> <name>Yellow</name> <number>3</number> <name>black</name> <number>4</number> <name>Violet</name> </dataset1> <dataset2> <index>1</index> <index>2</index> <index>3</index> <index>4</index> </dataset2> </data> I need to loop through dataset2 take the index value, compare it with the value of number tag in dataset1. If a match occurs then display value of corresponding name tag. I need to get the output in rtf format. Please give BI tags or relevent xslt code to do the same. Thanks in advance.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >