Search Results

Search found 5915 results on 237 pages for 'practices'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 77/237 | < Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >

  • Can per-user randomized salts be replaced with iterative hashing?

    - by Chas Emerick
    In the process of building what I'd like to hope is a properly-architected authentication mechanism, I've come across a lot of materials that specify that: user passwords must be salted the salt used should be sufficiently random and generated per-user ...therefore, the salt must be stored with the user record in order to support verification of the user password I wholeheartedly agree with the first and second points, but it seems like there's an easy workaround for the latter. Instead of doing the equivalent of (pseudocode here): salt = random(); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword, salt); Why not use the hash of the username as the salt? This yields a domain of salts that is well-distributed, (roughly) random, and each individual salt is as complex as your salt function provides for. Even better, you don't have to store the salt in the database -- just regenerate it at authentication-time. More pseudocode: salt = hash(username); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword); (Of course, hash in the examples above should be something reasonable, like SHA-512, or some other strong hash.) This seems reasonable to me given what (little) I know of crypto, but the fact that it's a simplification over widely-recommended practice makes me wonder whether there's some obvious reason I've gone astray that I'm not aware of.

    Read the article

  • Common programming mistakes for Scala developers to avoid

    - by jelovirt
    In the spirit of Common programming mistakes for Java developers to avoid? Common programming mistakes for JavaScript developers to avoid? Common programming mistakes for .NET developers to avoid? Common programming mistakes for Haskell developers to avoid? Common programming mistakes for Python developers to avoid? Common Programming Mistakes for Ruby Developers to Avoid Common programming mistakes for PHP developers to avoid? what are some common mistakes made by Scala developers, and how can we avoid them? Also, as the biggest group of new Scala developers come from Java, what specific pitfalls they have to be aware of? For example, one often cited problem Java programmers moving to Scala make is use a procedural approach when a functional one would be more suitable in Scala. What other mistakes e.g. in API design newcomers should try to avoid.

    Read the article

  • How convince other developers not to ignore Exceptions?

    - by Mnementh
    Recently I encountered a bug in an application I took over from another developer. I debugged for the reason and over an hour later I realized, that the problem wasn't the code producing the exception, but some code executed before this returning wrong data. If I dived into this, I encountered the following: try { ... } catch (XYException e){} If the Exception would have been propagated (a change I did), I would have found the reason for the bugs in a few minutes, as the stacktrace had pointed me to the problem. So how can I convince other developers to never catch and ignore exceptions in this way?

    Read the article

  • Creating/Maintaining a large project-agnostic code library

    - by bufferz
    In order to reduce repetition and streamline testing/debugging, I'm trying to find the best way to develop a group of libraries that many projects can utilize. I'd like to keep individual executable relatively small, and have shared libraries for math, database, collections, graphics, etc. that were previously scattered among several projects and in many cases duplicated (bad!). This library is to be in an SVN repo and several programmers will be working on it. This library will be in constant development along with the executables that utilize it. For example, I want a code file in ProjectA to look something like the following: using MyCompany.Math.2D; //static 2D math methods using MyCompany.Math.3D; //static #D math methods using MyCompany.Comms.SQL; //static methods for doing simple SQLDB I/O using MyCompany.Graphics.BitmapOperations; //static methods that play with bitmaps So in my ProjectA solution file in VisualStudio, in order to develop/debug the MyCompany library I have to add several projects (Math, Comms, Graphics). Things get pretty cluttered and Solution files get out of date quickly between programmer SVN commits. I'm just looking for a high level approach to maintaining a large, shared code base in an SCN repository. I am fully willing to radically redesign my approach. I'm looking for that warm fuzzy feeling you get when you're design approach is spot on and development is fluid and natural. And ideas? Thanks!!

    Read the article

  • Strategy for unsubscribing event handlers

    - by stiank81
    In my WPF application I have a View that is given a ViewModel, and when given this View it adds event handlers to the ViewModel's PropertyChanged event. When some action occur in the GUI I remove the View and add another View to the holding container - where this new one is bound to the same ViewModel. After this has happened the old View still keeps handling PropertyChanged events in the ViewModel. I'm assuming this happens because the View hasn't been collected by the Garbage Collector yet, and therefore is alive? Well - I need it to stop. My assumption is that I need to manually detach the event handler from the ViewModel? Is there a best-practice on how to handle this?

    Read the article

  • controlling if exceptions are swallowed by a static boolean

    - by sandis
    So we are a few guys developing this product that is communicating with a really unstable server. It often returns very strange and corrupt data. During testing we want the resulting crashes to be loud, so we discover them. But every other day we need to demonstrate our product for a potential customer. To the customer the errors will go undiscovered if we just swallow them. I am thinking about implementing something like this around all server communication to quickly switch between swallowing exceptions and crashing: try { apiCall(); } catch (Exception e) { if(!SWALLOW_EXCEPTION) { throw e; } } Is this an awesome idea, or can it be done in a better way?

    Read the article

  • Interface for classes that have nothing in common

    - by Tomek Tarczynski
    Lets say I want to make few classes to determine behaviour of agents. The good practice would be to make some common interface for them, such interface (simplified) could look like this: interface IModel { void UpdateBehaviour(); } All , or at least most, of such model would have some parameters, but parameters from one model might have nothing in common with parameters of other model. I would like to have some common way of loading parameters. Question What is the best way to do that? Is it maybe just adding method void LoadParameters(object parameters) to the IModel? Or creating empty interface IParameters and add method void LoadParameters(IParameters parameters)? That are two ideas I came up with, but I don't like either of them.

    Read the article

  • One repository per table or one per functional section?

    - by Ian Roke
    I am using ASP.NET MVC 2 and C# with Entity Framework 4.0 to code against a normalised SQL Server database. A part of my database structure contains a table of entries with foreign keys relating to sub-tables containing drivers, cars, engines, chassis etc. I am following the Nerd Dinner tutorial which sets up a repository for dinners which is fair enough. Do I do one for drivers, one for engines, one for cars and so on or do I do one big one for entries? Which is the best practise for this type of work? I am still new to this method of coding.

    Read the article

  • Where to store 3rd party libraries?

    - by zerkms
    I have asp.net mvc 2 application. Now I'm reimplementing it for working with Ninject. All is fine except one thing: where should I store Ninject.dll?? I've created lib directory inside my appdir and made reference to lib/Ninject.dll. But may be there are some general conventions on how to act in such cases?

    Read the article

  • REST doesn't work with Sever-Client-Client setup

    - by drozzy
    I am having a problem with my current RESTful api design. What I have is a REST api which is consumed by Django web-server, which renders the HTML templates. REST api > Django webserver > HTML The problem I am encountering is that I have to reconstruct all the URLS like mysite.com/main/cities/<id>/streets/ into equivalent rest api urls on my web-server layer: api.com/cities/<id>/streets/ Thus I have a lot of mapping back and forth, but as far as I know REST says that the client (in this case my web-server) should NOT need to know how to re-construct the urls. Can REST be used for such a setup and how? Or is it only viable for Server-Client architecture. Thanks

    Read the article

  • Throwing exception vs returning null value with switch statement

    - by Greg
    So I have function that formats a date to coerce to given enum DateType{CURRENT, START, END} what would be the best way to handling return value with cases that use switch statement public static String format(Date date, DateType datetype) { ..validation checks switch(datetype){ case CURRENT:{ return getFormattedDate(date, "yyyy-MM-dd hh:mm:ss"); } ... default:throw new ("Something strange happend"); } } OR throw excpetion at the end public static String format(Date date, DateType datetype) { ..validation checks switch(datetype){ case CURRENT:{ return getFormattedDate(date, "yyyy-MM-dd hh:mm:ss"); } ... } //It will never reach here, just to make compiler happy throw new IllegalArgumentException("Something strange happend"); } OR return null public static String format(Date date, DateType datetype) { ..validation checks switch(datetype){ case CURRENT:{ return getFormattedDate(date, "yyyy-MM-dd hh:mm:ss"); } ... } return null; } What would be the best practice here ? Also all the enum values will be handled in the case statement

    Read the article

  • Format for storing contacts in a database

    - by Gart
    I'm thinking of the best way to store personal contacts in a database for a business application. The traditional and straightforward approach would be to create a table with columns for each element, i.e. Name, Telephone Number, Job title, Address, etc... However, there are known industry standards for this kind of data, like for example vCard, or hCard, or vCard-RDF/XML or even Windows Contacts XML Schema. Utilizing an standard format would offer some benefits, like inter-operablilty with other systems. But how can I decide which method to use? The requirements are mainly to store the data. Search and ordering queries are highly unlikely but possible. The volume of the data is 100,000 records at maximum. My database engine supports native XML columns. I have been thinking to use some XML-based format to store the personal contacts. Then it will be possible to utilize XML indexes on this data, if searching and ordering is needed. Is this a good approach? Which contacts format and schema would you recommend for this?

    Read the article

  • Dynamically loading CSS and JavaScript using Prototype

    - by Salman A
    I have a classic ASP application that I've been constantly trying to modularize. Currently, almost all pages are divided in to two pages: an outer page that contains the layout, header, sidebar, footer an inner page that contains ASP code The outer pages use dreamweaver templates so updating layout and replicating changes is easy. The inner pages are managed by me. Now here is the problem: I had to add a lightbox to one page, I chose Lightbox 2 which requires Prototype. I ended up adding Prototype on every page, assuming that sooner or later I'll upgrade all pages, forms, ajax requests and other javascript to use Prototype. I've now added two other plugins -- Modalbox and Protofade; each with a pair of .JS and .CSS files. Since I'll be using these three plugins on specific set of pages I am wondering if I can load the required CSS and JS files dynamically. I do not want to access the document head and add include files there, I'll have to do this from inside a DIV where all ASP code is supposed to go.

    Read the article

  • How to get rid of the GUI access from shared library.

    - by Inso Reiges
    Hello, In my project i have a shared library with cross-platform code that provides a very convenient abstraction for a number of its clients. To be more specific, this library provides data access to encrypted files generated by main application on a number of platforms. There is a great deal of complicated code there that implements cryptographic protocols and as such is very error-prone and should be shared as much as possible across clients and platforms. However parsing all this encrypted stuff requires asking user for a number of different secrets ones in a while. The secret can be either a password, a number of shared passwords or a public key file and this list is a hot target for extension in the future. I can't really ask the user for any of those secrets beforehand from main application, because i really don't know what i need to ask for until i start working with the encrypted data directly in the library code. So i will have to create dialogs and call them from the library code. However i really see this as a bad idea, because (among other things) there is a possibility of a windows service using it and services can't have GUI access. The question is, are there any known ways or patterns to get rid of the GUI calls that are suitable for my case? Thank you.

    Read the article

  • Should I distinguish OpenIDs based on protocol prefix or not? http vs https

    - by Joannes Vermorel
    I have implemented a straightforward OpenID support for my ASP.NET app with DotNetOpenAuth. Yet I recently realized that the implementation was treating http://johndoe.example.com/ as a distinct user compared to https://johndoe.example.com. This lead to quite a few confused users. I am unsure what to do at this point. Is this a bug or a feature? Indeed, I can consider this behavior as a feature: if the user specifies the HTTPS, the user might not want the system to accept HTTP auth in the first place. On the other hand: if the user specifies HTTPS out of sheer cluelessness (the casual web visitor is clueless concerning the purpose of the "S" part), then rejecting it's authentication attempt is confusing. What is considered as the best practice?

    Read the article

  • When should you use intermediate variables for expressions?

    - by froadie
    There are times that one writes code such as this: callSomeMethod(someClass.someClassMethod()); And other times when one would write the same code like this: int result = someClass.someClassMethod(); callSomeMethod(result); This is just a basic example to illustrate the point. My question isn't if you should use an intermediate variable or not, as that depends on the code and can sometimes be a good design decision and sometimes a terrible one. The question is - when would you choose one method over the other? What factors would you consider when deciding whether to use an intermediate step? (I'd assume length and understandability of the fully inlined code would have something to do with it...)

    Read the article

  • Which articles I've should read before starting to make my custom drawn winforms app?

    - by Dmitriy Matveev
    Hello! I'm currently developing a windows forms application with a lot of user controls. Some of them are just custom drawn buttons or panels and some of them are a compositions of these buttons and panels inside of FlowLayoutPanels and TableLayoutPanels. And the window itself is also custom drawn. I don't have much experience in winforms development, but I've made a proper decomposition of proposed design into user controls and implementation is already almost finished. I've already solved many arisen problems during development by the help of the google, msdn, SO and several dirty hacks (when nothing were helping) and still experiencing some of them. There are a lot of gaps in my knowledge base, since I don't know answers to many questions like: When I should use things like double buffer, suspended layout, suspended redraw ? What should I do with the controls which shouldn't be visible at some moment ? Common performance pitfalls (I think I've fallen in in several ones) ? So I think there should be some great articles which can give some knowledge enough to avoid most common problems and improve performance and maintainability of my application. Maybe some of you can recommend a few?

    Read the article

  • do I need to use partial?

    - by wiso
    I've a general function, for example (only a simplified example): def do_operation(operation, a, b, name): print name do_something_more(a,b,name, operation(a,b)) def operation_x(a,b): return a**2 + b def operation_y(a,b): return a**10 - b/2. and some data: data = {"first": {"name": "first summation", "a": 10, "b": 20, "operation": operation_x}, "second": {"name": "second summation", "a": 20, "b": 50, "operation": operation_y}, "third": {"name": "third summation", "a": 20, "b": 50, "operation": operation_x}, # <-- operation_x again } now I can do: what_to_do = ("first", "third") # this comes from command line for sum_id in what_to_do: do_operation(data["operation"], data["a"], data["b"], data["name"]) or maybe it's better if I use functools.partial? from functools import partial do_operation_one = do_operation(name=data["first"]["name"], operation=data["first"]["operation"], a=data["first"]["a"], b=data["first"]["b"]) do_operation_two = do_operation(name=data["second"]["name"], operation=data["second"]["operation"] a=data["second"]["a"], b=data["second"]["b"]) do_operation_three = do_operation(name=data["third"]["name"], operation=data["third"]["operation"] a=data["third"]["a"], b=data["third"]["b"]) do_dictionary = { "first": do_operation_one, "second": do_operation_two, "third": do_operation_three } for what in what_to_do: do_dictionary[what]()

    Read the article

  • Controls added in the designer are null during Page_Load

    - by mwright
    All of the names below are generic and not the actual names used. I have a custom UserControl with a Panel that contains a a couple Labels, both .aspx controls. .aspx: <asp:Panel runat="server"> <asp:Label ID="label1" runat="server"> </asp:Label> </asp:Panel> <asp:Panel runat="server"> <asp:Label ID="label2" runat="server"> </asp:Label> </asp:Panel> Codebehind: private readonly Object object; protected void Page_Load(object sender, EventArgs e) { // These are the lines that are failing // label1 and label2 are null label1.Text = object.Value1; label2.Text = object.Value2; } public ObjectRow(Object objectToDisplay) { object = objectToDisplay; } On another page, in the code behind, I create a new instance of the custom user control. protected void Page_Load(object sender, EventArgs e) { CustomControl control = new CustomControl(object); } The user control takes the parameter and attempts to set the labels based off of the object passed in. The labels that it tries to assign the values to are however, null. Is this an ASP.net lifecycle issue that I'm not understanding? My understanding based on the Microsoft ASP.net lifecycle page was that page controls were available after the Page_Initialization. What is the proper way to do this? Is there a better way?

    Read the article

  • Advice on software / database design to avoid using cursors when updating database

    - by Remnant
    I have a database that logs when an employee has attended a course and when they are next due to attend the course (courses tend to be annual). As an example, the following employee attended course '1' on 1st Jan 2010 and, as the course is annual, is due to attend next on the 1st Jan 2011. As today is 20th May 2010 the course status reads as 'Complete' i.e. they have done the course and do not need to do it again until next year: EmployeeID CourseID AttendanceDate DueDate Status 123456 1 01/01/2010 01/01/2011 Complete In terms of the DueDate I calculate this in SQL when I update the employee's record e.g. DueDate = AttendanceDate + CourseFrequency (I pull course frequency this from a separate table). In my web based app (asp.net mvc) I pull back this data for all employees and display it in a grid like format for HR managers to review. This allows HR to work out who needs to go on courses. The issue I have is as follows. Taking the example above, suppose today is 2nd Jan 2011. In this case, employee 123456 is now overdue for the course and I would like to set the Status to Incomplete so that the HR manager can see that they need to action this i.e. get employee on the course. I could build a trigger in the database to run overnight to update the Status field for all employees based on the current date. From what I have read I would need to use cursors to loop over each row to amend the status and this is considered bad practice / inefficient or at least something to avoid if you can??? Alternatively, I could compute the Status in my C# code after I have pulled back the data from the database and before I display it on screen. The issue with this is that the Status in the database would not necessarily match what is shown on screen which just feels plain wrong to me. Does anybody have any advice on the best practice approach to such an issue? It helps, if I did use a cursor I doubt I would be looping over more than 1000 records at any given time. Maybe this is such small volume that using cursors is okay?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >