Search Results

Search found 6690 results on 268 pages for 'worst practices'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 76/268 | < Previous Page | 72 73 74 75 76 77 78 79 80 81 82 83  | Next Page >

  • How Can I Find Out *HOW* My Site Was Hacked? How Do I Find Site Vulnerabilities?

    - by Imageree
    One of my custom developed ASP.NET sites was hacked today: "Hacked By Swan (Please Stop Wars !.. )" It is using ASP.NET and SQL Server 2005 and IIS 6.0 and Windows 2003 server. I am not using Ajax and I think I am using stored procedures everywhere I am connecting to the database so I dont think it is SQL injection. I have now removed the write permission on the folders. How can I find out what they did to hack the site and what to do to prevent it from happening again? The server is up to date with all Windows updates. What they have done is uploading 6 files (index.asp, index.html, index.htm,...) to the main directory for the website. What log files should I upload? I have log files for IIS from this folder: c:\winnt\system32\LogFiles\W3SVC1. I am willing to show it to some of you but don't think it is good to post on the Internet. Anyone willing to take a look at it? I have already searched on Google but the only thing I find there are other sites that have been hacked - I haven't been able to see any discussion about it. I know this is not strictly related to programming but this is still an important thing for programmers and a lot of programmers have been hacked like this.

    Read the article

  • Invoicing vs Quoting

    - by FreshCode
    If invoices can be voided, should they be used as quotations? I have an Invoices tables that is created from inventory associated with a Job. I could have a Quotes table as a halfway-house between inventory and invoices, but it feels like I would have duplicate data structures and logic just to handle an "Is this a quote?" bit. From a business perspective, quotes are different from invoices: a quote is sent prior to an undertaking and an invoice is sent once it is complete and payment is due, but how to represent this in my repository and model. What is an elegant way to store and manage quotes & invoices in a database?

    Read the article

  • Ideal way to cancel an executing AsyncTask

    - by Samuh
    I am running remote audio-file-fetching and audio file playback operations in a background thread using AsyncTask. A Cancellable progress bar is shown for the time the fetch operation runs. I want to cancel/abort the AsyncTask run when the user cancels (decides against) the operation. What is the ideal way to handle such a case?

    Read the article

  • HMVC/PAC - how to handle shared abstractions/models?

    - by fig-gnuton
    In HMVC/PAC, what's the recommended way to code if two or more triads/agents share a common model/abstraction? Do you instantiate a new instance of that model wherever needed, and propogate a change in one to all the other instances via the controllers? Or do instantiate one model at some common upper level, and inject that instance wherever needed? (Or neither if I'm missing something fundamental about these patterns?)

    Read the article

  • Flexible design - customizable entity model, UI and workflow

    - by Ngm
    Hi All, I want to achieve the following aspects in the software I am building: 1. Customizable entity model 2. Customizable UI 3. Customizable workflow I have thought about an approach to achieve this, I want you to review this and make suggestions: Entity objects should be plain objects and will hold just data Separate Entity model and DB Schema by using an framework (like NHibernate?). This will allow easy modification of entity objects. Business logic to fetch/modify entities has to be granular enough so that they can be invoked as part of the workflow. Business objects should not hold any state, and hence will contain only static methods The workflow will decide depending upon the "state" of an entity/entities which methods on business object/objects to invoke. The workflow should obtain the results of the processing and then pass on the business objects to the appropriate UI screen. The UI screen has to contain instructions about how to display a given entity/entites. Possibly the UI has to be generated dynamically based on a set of UI instructions. (like XUL) What do you think about this approach? Suggest which existing frameworks (like NHiberante, Window Workflow) fit into this model, so that I will not spend time on coding these frameworks Also suggest is there any asp.net framework that can generate dynamic asp.net ajax pages based on a set of UI instructions (like Mozilla XUL)? I have recently been exploring Apache Ofbiz and was impressed by its ability to customize most areas of the application: UI, workflow, entities. Is there any similar (not necessarily an ERP system) application developed in C#/.Net which offers a similar level of customization? I am looking for examples of applications developed in C# that are highly customizable in terms of UI, Workflow and Entity Model

    Read the article

  • Revision histories and documenting changes

    - by jasonline
    I work on legacy systems and I used to see revision history of files or functions being modified every release in the source code, for example: // // Rev. No Date Author Description // ------------------------------------------------------- // 1.0 2009/12/01 johnc <Some description> // 1.1 2009/12/24 daveb <Some description> // ------------------------------------------------------- void Logger::initialize() { // a = b; // Old code, just commented and not deleted a = b + c; // New code } I'm just wondering if this way of documenting history is still being practiced by many today? If yes, how do you apply modifications on the source code - do you comment it or delete it completely? If not, what's the best way to document these revisions? If you use version control systems, does it follow that your source files contain pure source codes, except for comments when necessary (no revision history for each function, etc.)?

    Read the article

  • Naming convention for non-virtual and abstract methods

    - by eagle
    I frequently find myself creating classes which use this form (A): abstract class Animal { public void Walk() { // TODO: do something before walking // custom logic implemented by each subclass WalkInternal(); // TODO: do something after walking } protected abstract void WalkInternal(); } class Dog : Animal { protected override void WalkInternal() { // TODO: walk with 4 legs } } class Bird : Animal { protected override void WalkInternal() { // TODO: walk with 2 legs } } Rather than this form (B): abstract class Animal { public abstract void Walk(); } class Dog : Animal { public override void Walk() { // TODO: do something before walking // custom logic implemented by each subclass // TODO: walk with 4 legs // TODO: do something after walking } } class Bird : Animal { public override void Walk() { // TODO: do something before walking // custom logic implemented by each subclass // TODO: walk with 2 legs // TODO: do something after walking } } As you can see, the nice thing about form A is that every time you implement a subclass, you don't need to remember to include the initialization and finalization logic. This is much less error prone than form B. What's a standard convention for naming these methods? I like naming the public method Walk since then I can call Dog.Walk() which looks better than something like Dog.WalkExternal(). However, I don't like my solution of adding the suffix "Internal" for the protected method. I'm looking for a more standardized name. Btw, is there a name for this design pattern?

    Read the article

  • Separation of concerns and authentication

    - by Tom Gilder
    I'm trying to be a Good Developer and separate my concerns out. I've got an ASP.NET MVC project with all my web code, and a DAL project with all the model code. Sometimes code in the DAL needs to check if the current user is authorized to perform some actions, by checking something like CurrentUser.IsAdmin. For the web site, the current is derived from the Windows username (from HttpContext.Current.User.Identity), but this is clearly a web concern and shouldn't be coupled to the DAL. What's the best pattern to loosely couple the authentication? Should the DAL be asking the MVC code for a username, or the MVC be telling the DAL? Are there advantages or disadvantages to one or the other? Thank you!

    Read the article

  • Split html text in a SEO friendly manner

    - by al nik
    I've some html text like <h1>GreenWhiteRed</h1> Is it SEO friendly to split this text in something like <h1><span class="green">Green</span><span class="white">White</span><span class="red">Red</span></h1> Is the text still ranking well and is it interpreted as a single word 'GreenWhiteRed'?

    Read the article

  • SVN best practice - checking out root folder

    - by Stephen Dolier
    Hi all, quick question about svn checkout best practice. Once the structure of a repository is set up, ie trunk, branches, tags, is it normal to have the root checked out to our local machines. Or should you only check out the trunk if that's what you are working on or a branch if we so choose to create one. The reason i ask is that every time someone creates a branch or tag we all get a copy when we do an update. btw, we're recently migrated from vss.

    Read the article

  • Exception design: Custom exceptions reading data from file?

    - by User
    I have a method that reads data from a comma separated text file and constructs a list of entity objects, let's say customers. So it reads for example, Name Age Weight Then I take these data objects and pass them to a business layer that saves them to a database. Now the data in this file might be invalid, so I'm trying to figure out the best error handling design. For example, the text file might have character data in the Age field. Now my question is, should I throw an exception such as InvalidAgeException from the method reading the file data? And suppose there is length restriction on the Name field, so if the length is greater than max characters do I throw a NameTooLongException or just an InvalidNameException, or do I just accept it and wait until the business layer gets a hold of it and throw exceptions from there? (If you can point me to a good resource that would be good too)

    Read the article

  • To be effective on your home projects is it better using the same technologies used at work?

    - by systempuntoout
    To be more productive and effective, is it better to start developing an home project using the same technologies used at work? I'm not talking about a simple hello world web page but an home project with all bells and whistles that one day, maybe, you could sell on internet. This dilemma is often subject of flames between me and a friend. He thinks that if you want to make a great home-made project you need to use the same technologies used daily at work staying in the same scope too; for example, a c++ computer game programmer should develope an home-made c++ game. I'm pretty sure that developing using the same technologies used at work can be more productive at beginning, but surely less exciting and stimulating of working with other languages\ides\libraries out of your daily job. What's your opinion about that?

    Read the article

  • Java Date vs Calendar

    - by Marty Pitt
    Could someone please advise the current "best practice" around Date and Calendar types. When writing new code, is it best to always favour Calendar over Date, or are there circumstances where Date is the more appropriate datatype?

    Read the article

  • How to record different authentication types (username / password vs token based) in audit log

    - by RM
    I have two types of users for my system, normal human users with a username / password, and delegation authorized accounts through OAuth (i.e. using a token identifier). The information that is stored for each is quite different, and are managed by different subsytems. They do however interact with the same tables / data within the system, so I need to maintain the audit trail regardless of whether human user, or token-based user modified the data. My solution at the moment is to have a table called something like AuditableIdentity, and then have the two types inheriting off that table (either in the single table, or as two seperate tables with 1 to 1 PK with AuditableIdentity. All operations would use the common AuditableIdentity PK for CreatedBy, ModifiedBy etc columns. There isn't any FK constraint on the audit columns, so any text can go in there, but I want an easy way to easily determine whether it was a human or system that made the change, and joining to the one AuditableIdentity table seems like a clean way to do that? Is there a best practice for this scenario? Is this an appropriate way of approaching the problem - or would you not bother with the common table and just rely on joins (to the two seperate un-related user / token tables) later to determine which user type matches which audit records?

    Read the article

  • Security implications of writing files using PHP

    - by susmits
    I'm currently trying to create a CMS using PHP, purely in the interest of education. I want the administrators to be able to create content, which will be parsed and saved on the server storage in pure HTML form to avoid the overhead that executing PHP script would incur. Unfortunately, I could only think of a few ways of doing so: Setting write permission on every directory where the CMS should want to write a file. This sounds like quite a bad idea. Setting write permissions on a single cached directory. A PHP script could then include or fopen/fread/echo the content from a file in the cached directory at request-time. This could perhaps be carried out in a Mediawiki-esque fashion: something like index.php?page=xyz could read and echo content from cached/xyz.html at runtime. However, I'll need to ensure the sanity of $_GET['page'] to prevent nasty variations like index.php?page=http://www.bad-site.org/malicious-script.js. I'm personally not too thrilled by the second idea, but the first one sounds very insecure. Could someone please suggest a good way of getting this done?

    Read the article

  • VB Classes Best Practice - give all properties values?

    - by Becky Franklin
    Sorry if this is a bit random, but is it good practice to give all fields of a class a value when the class is instanciated? I'm just wondering if its better practice to have a constuctor that takes no parameters and gives all the fields default values, or whether fields that have values should be assigned and others left alone until required? I hope that makes sense, Becky

    Read the article

  • Is there a Standard or Best Practice for Perl Progams, as opposed to Perl Modules?

    - by swestrup
    I've written any number of perl modules in the past, and more than a few stand-alone perl programs, but I've never released a multi-file perl program into the wild before. I have a perl program that is almost at the beta stage and is going to be released open source. It requires a number of data files, as well as some external perl modules -- some I've written myself, and some from CPAN -- that I'll have to bundle with it so as to ensure that someone can just download my program and install it without worrying about hunting for obscure modules. So, it sounds to me like I need to write an installer to copy all the files to standard locations so that a user can easily install everything. The trouble is, I have no idea what the standard practice would be for this. I have found lots of tutorials on perl module standards, but none on perl program standards. Does anyone have any pointers to standard paths, installation proceedures, etc, for perl programs? This is going to be complicated by the fact that the program is multi-platform. I've been testing it in Linux, but its designed to work equally well in Windows.

    Read the article

  • Only perform jquery effects/operations on certain pages

    - by Galen
    Up until now i've been dropping all my jquery code right inside the document.ready function. I'm thinking that for certain situations this isnt the best way to go. for example: If i want an animation to perform when a certain page loads what is the best way to go about that. $(document).ready(function() { $("#element_1").fadeIn(); $("#element_2").delay('100').fadeIn(); $("#element_3").delay('200').fadeIn(); }); If this is right inside of document.ready then every time ANY page loads it's going to check each line and look for that element. What is the best way to tell jquery to only perform a chunk of code on a certain page to avoid this issue.

    Read the article

  • Performance Related features for migration from .net 2003 Framework 1.1 to .net 2008 framework 3.5?

    - by KuldipMCA
    I am work on VB.net 2003 Framework 1.1 for last 3.5 years in windows Application. We are currently migrating to VB.net 2008 framework 3.5, but i don't know about the features which related to ADO.net and which is important to performance. I know linq to SQL but our architecture is made in .net 2003 so we should follow this. Any features which is very important to enhance the performance?

    Read the article

  • Is jQuery always the answer?

    - by Kibbee
    I've come across a couple questions, such as this one, and I really have to wonder why "Use jQuery" seems to be the answer when somebody asks how to do something in JavaScript. I understand that jQuery can save you a lot of time, and can help you out a lot, especially when you are doing a lot of fancy JavaScript in your site. However, in instances like this, and in many other instances, it seems like it's just jumping around the problem instead of answering the question. I also feel like this builds too much dependency into libraries. I've seen way too many developers that simply rely too much on libraries, and if they encounter a situation where they didn't have the library, they would be completely unable to function. I feel like there are already enough developers who don't know JavaScript, without just telling everybody to not learn JavaScript, and use jQuery. So, just to reiterate the question. Do you think there's too much of a tendency to use jQuery, for small pieces of JavaScript, when most of the functionality of jQuery isn't being used. Should developers be fluent in the use of bare JavaScript so they don't get too dependent on using libraries? [Additional related conversation topic] Does the existence of jQuery give too much slack to web browser developers who write the JavaScript engines? If we just have workarounds to cover all the inconsistencies in JavaScript, what pressure is there on browser makers to ensure that their JavaScript library works as it should. I feel like this extrapolates the same problem discussed in SO Podcast #36 of "be conservative in what you send, liberal in what you accept". By being so liberal with bad JavaScript engines, and using a common library to work around the flaws, we are promoting their use, and extending the problem.

    Read the article

  • What's the best practice way to convert enum to string?

    - by dario
    Hi. I have enum like this: public enum ObectTypes { TypeOne, TypeTwo, TypeThree, ... TypeTwenty } then I need to convert this enum to string. Now Im doing this that way: public string ConvertToCustomTypeName(ObjectTypes typeObj) { string result = string.Empty; switch (typeObj) { case ObjectTypes.TypeOne: result = "This is type T123"; break; case ObjectTypes.TypeTwo: result = "This is type T234"; break; ... case ObjectTypes.TypeTwenty: result = "This is type last"; break; } return result; } Im quite sure that there is better way do do this, Im looking for some good practice solution. Thanks in advance.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 72 73 74 75 76 77 78 79 80 81 82 83  | Next Page >