Wednesday, May 7, 2008
GPS Navigation Unit
I am debating buying this new GPS navigation unit for driving around. I have read really good reviews about it. I am opting for one that has bluetooth so that I can talk on the phone.
Tuesday, April 15, 2008
Add in Manager missing
I was trying to use an add in tool for visual studio c++ express 2008 when I discovered that it was missing. I went looking for a list that compares the features between express and the other versions of visual studio. Unfortunately I have not yet found one.
Wednesday, April 2, 2008
A little busy
I have been working on some projects with clients, and have been a little busy with other projects. I have some ideas for posts I would like to post soon. In the mean time I started a photoshelter account. I am going to try this out and see how well it works.
Sunday, March 23, 2008
You Weren't Meant to Have a Boss
I usually am against reposting blog articles. However, if I find something that is really good I will definitely post it. I am an avid read of www.escapefromcubiclenation.com. On her blog I came across this post. It's about programmers not being meant to have bosses because it inherently goes against their nature. This is a very thought provoking read.
Saturday, March 22, 2008
Calculating when Easter falls
There is an excellent post on how to calculate when Easter occurs.
http://godplaysdice.blogspot.com/2008/03/easters-early-this-year-deal-with-it.html
http://godplaysdice.blogspot.com/2008/03/easters-early-this-year-deal-with-it.html
Friday, March 21, 2008
No Zip For You : (
I was looking to unzip documents using C#. What I discovered was that there were and still are no standard assemblies for this in .net. To clarify there are zip assemblies however, every one is almost unusable. One of the assemblies unzips but only works on zip files containing at most one file. The other has an ooxml version that requires an xml index file in the zip. Meaning if someone hands you a zip file and says unzip all of the files you can't use a standard .net assembly without lots of grief.
Fortunately there is the sharpzip assembly that is free. I have used this assembly and found it very easy implement. It took only about five minutes to test. I was very pleased with the turn around time.
Fortunately there is the sharpzip assembly that is free. I have used this assembly and found it very easy implement. It took only about five minutes to test. I was very pleased with the turn around time.
Wednesday, March 19, 2008
50+ Resource For Boosting Your Income
I saw this list and wanted to post it quickly. Looks interesting.
Typography of Code
I was just reading this and thought it was a great read. Fonts do matter especially in code. I really liked how his samples had vertical lines. I am going to see if I can alter my IDE's to have this. Very useful.
Tuesday, March 18, 2008
C# Using Keyword
Today a coworker and I were discussing what we dislike about the try catch finally block. Specifically we do not like that the scope in the try does not carry through to the finally block. This is especially egregious in methods where database access is handled. The using keyword helps address this issue. I have not used the using keyword enough to state how I feel about it.
Thursday, March 13, 2008
C#. and VB.net
I was reading an article yesterday where the author was tired of people arguing over which was a more powerful language vb.net or C#. Many people say they are the same but languages are rarely the same. Just because they are both .net languages does not mean they are equal. Would one say that version 2 of C# is just as powerful as version 3? Not likely. I am not interested in arguing over which is better. I just do not agree that languages are equal.
As a side note C# programmers are paid more. Someone else suggests that C# programmers are generally previous C++ programmers. And from their experience generally more competent.
As a side note C# programmers are paid more. Someone else suggests that C# programmers are generally previous C++ programmers. And from their experience generally more competent.
Wednesday, March 12, 2008
I have been wanting to do this
I have wanted for a while to do a csszengarden entry. I was working on an entry and decided it was time to post it. I was told it was rather simple looking. At which point I thought more is not always better. You can see the whole site here.
Saturday, March 8, 2008
Possible mysqli bug?
Today while I was programming I was having difficulty with some code that went something like this
$mysqli = new mysqli
$stmt = $mysqli->prepare($somequery);
$stmt->bind_param($params);
$stmt->execute();
$mysqli->store_result();
while($row = $stmt->fetch_assoc()){
print_r $row;
}
//snip
My output was strange in that the fields were present just the values were in the wrong ones and some values were missing. I did not want to bind the result because I wanted an array.
It was taking too long to proceed so I used the bind_result method. I want to investigate this further. Nothing in the php docs said this is not meant to be used this way. I found someone mention thisas a possible problem. Unfortunately it appears that someone did not investigate it
the person classified it as not a php bug. Which it may not be. Who knows?
$mysqli = new mysqli
$stmt = $mysqli->prepare($somequery);
$stmt->bind_param($params);
$stmt->execute();
$mysqli->store_result();
while($row = $stmt->fetch_assoc()){
print_r $row;
}
//snip
My output was strange in that the fields were present just the values were in the wrong ones and some values were missing. I did not want to bind the result because I wanted an array.
It was taking too long to proceed so I used the bind_result method. I want to investigate this further. Nothing in the php docs said this is not meant to be used this way. I found someone mention thisas a possible problem. Unfortunately it appears that someone did not investigate it
the person classified it as not a php bug. Which it may not be. Who knows?
Profile of a Cyber Hacker
I was reading this article. I started laughing when I read the following.
"If there is a profile of a cyber hacker, these three are straight from central casting -- young and thin, with skin pale from spending too many long nights in front of a computer."
"If there is a profile of a cyber hacker, these three are straight from central casting -- young and thin, with skin pale from spending too many long nights in front of a computer."
A new take on the workaholic
This post is great because it causes people to ask the question "are workaholics really valuable players to have on your team?" Check out his five reason why they aren't.
Thursday, March 6, 2008
Acid Three Test Is Out
An acid test is used to appraise the worth of something, in this case browsers. The most recent version is 3 that came out the 3rd of march 2008. This test ECMAScript and the DOM. What is good about these test is that the put browsers in the spotlight. It sheds light on the problems. It puts pressure on them to improve. The results were interesting. As expected Firefox did the best with 50 percent. Microsoft did the worst with 12 percent. Check the wiki article for more details
Debugging Tip
Meet Jack my debugging pal. Jack and his mini-twin sit on my desk at home and at work respectively. What my coworkers do not know is that Jack actually serves a purpose. He is not there to entertain guests that come into my cube area. Though he does that quite well. Ask him about being cautioned taped to a power mac as entertainment to one of the nefarious network admins.
Jack is actually there so that I can explain my problems to him. When I was in college I had a TA that told us this story. While he was an undergraduate his TA would not help with with a problem unless they had already went up to a teddy bear and explained their problem. This caused the students to be self reliant. It forced them to to explain the what their code was doing line by line out loud. Instead of raising their hand at the first sign of trouble.
These TAs were very smart in that they were as the story goes teaching the students to fish instead of simply giving them fish. That they may never be hungry.
Monday, March 3, 2008
New Design
I just made some changes to the design on my other blog. Last weekend I was going through old photos and I came across some of my favorite pictures. This sunflower really appeals to me. I never noticed that there were star shapes in sunflowers before. I will be changing the look on this blog soon.
Saturday, March 1, 2008
Doom and Gloom of Recession
It appears that everywhere I go the hot topic is how we are in a recession. I can see how the housing bust has affected some of the economy. But really how big of a change is there? I will admit that I noticed that gas prices have gone way up. Other than that, I can't say that I have noticed anything.
Fire Fox 3
I really like firefox. The firebug plug-in is also great! However, I did feel like my computer always got slower and slower with firefox. There was controversy over memory leaks.
I have been testing out version three and I have to say it feels much faster. The user interface looks different also. I can't say if I like the visual changes or not. What I can say is that I like how it allows the user to save the currently opened tabs. Unfortunately firebug is not yet available for this version. Can't wait for version three to be completed.
I have been testing out version three and I have to say it feels much faster. The user interface looks different also. I can't say if I like the visual changes or not. What I can say is that I like how it allows the user to save the currently opened tabs. Unfortunately firebug is not yet available for this version. Can't wait for version three to be completed.
Thursday, February 28, 2008
How to prevent sql injection when using php and mysql
What is sql injection?
SQL injection is when sql statement that a programmer designed is hijacked to do other potentially bad things. Here is an example
$query = "select true from users where user='".$_POST['user']."'";
Why is this bad? (Hint what if a person submitted the following in the form field)
$_POST['user']="whatever;select true";
How can I prevent against sql injection?
there are a few ways:
use mysqli
use stored procedures and limit permissions for the account being used
use regular expressions
mysqli is a newer extension for accessing mysql in php. It is designed to be more secure than the previous mysql extension. The main point we are interested in for this post is the prepare and bind_param methods. As a good example is already available on the php site we will not show it here.
first we want to limit the permissions an account has to only being allowed to execute stored procedures. If the mysql stored procedure is done safely similar to how the mysqli extension handles it then we do not need to worry about sql injection.
regular expressions can be used to filter out items that we want to guard against. A common approach is to guard against the ';' as it is used to separate mysql commands. But event this does not protect against everything. The regular expression method is generally not favored as much as it is more difficult and error prone.
This post is brief but I intended to get add more to it later.
SQL injection is when sql statement that a programmer designed is hijacked to do other potentially bad things. Here is an example
$query = "select true from users where user='".$_POST['user']."'";
Why is this bad? (Hint what if a person submitted the following in the form field)
$_POST['user']="whatever;select true";
How can I prevent against sql injection?
there are a few ways:
use mysqli
use stored procedures and limit permissions for the account being used
use regular expressions
mysqli is a newer extension for accessing mysql in php. It is designed to be more secure than the previous mysql extension. The main point we are interested in for this post is the prepare and bind_param methods. As a good example is already available on the php site we will not show it here.
first we want to limit the permissions an account has to only being allowed to execute stored procedures. If the mysql stored procedure is done safely similar to how the mysqli extension handles it then we do not need to worry about sql injection.
regular expressions can be used to filter out items that we want to guard against. A common approach is to guard against the ';' as it is used to separate mysql commands. But event this does not protect against everything. The regular expression method is generally not favored as much as it is more difficult and error prone.
This post is brief but I intended to get add more to it later.
Wednesday, February 27, 2008
Dynamically Load Assemblies in C# framework 3.5
Here are two simple examples of how to dynamically load assemblies in framework 3.5 using c#
This first file will be our assembly that we wish to load
This first file will be our assembly that we wish to load
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
namespace plugin
{
public class plugin
{
private string _message;
public plugin()
{
_message = "I am just a plugin";
Console.WriteLine(_message);
}
}
public class pluginAdvanced{
public pluginAdvanced(string message, int times)
{
string[] array = new string[times];
for (int i = 0; i < times; i++)
{
Console.WriteLine(message);
}
}
}
}
Then the exe that loads the file
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Reflection; //<--------very important line
namespace ConsoleApplication1
{
class Program
{
static void Main(string[] args)
{
// this first example just instantiates a class with no input parameters
Assembly dynamic = System.Reflection.Assembly.LoadFrom("./ClassLibrary1.dll"); // specify path to dll
object holder = Activator.CreateInstance(dynamic.GetType("plugin.plugin"));
// this second method instantiates a class that takes parameters
dynamic = System.Reflection.Assembly.LoadFrom("./ClassLibrary1.dll");
object[] passin = new object[2] { "I need to be heard", 2 };
holder = Activator.CreateInstance(dynamic.GetType("plugin.pluginAdvanced"),passin);
}
}
}
// good luck : )
Saturday, February 23, 2008
Free Icons
Thursday, January 10, 2008
Static Code Analysis
There are many ways to test software. I was looking at one of the features of Microsoft Visual Studio and found that they have one that uses Microsoft's Intermediate Language(why? because it is not language specific) and Callgraphs(graphs of function calls in a program) to check for defects in the following areas:
- Library design
- Globalization
- Naming conventions
- Performance
- Interoperability and portability
- Security
- Usage
Saturday, January 5, 2008
Useful way to calculate week of the month
I was looking at the date function in php to see if there was a method for calculating which week of the month a given date was. Example March 1st 2008 would be the first Saturday of March. Unfortunately there is no function that returns this information. However, I did find a reference in the discussion that followed the date function. Someone asked the exact same question. The following code is almost identical to what they posted.
$date = getDate(mktime(0,0,0,$month,$day,$year));
$days = $date['mday']-1;
$day = intval($days/7)+1;
$date = getDate(mktime(0,0,0,$month,$day,$year));
$days = $date['mday']-1;
$day = intval($days/7)+1;
Subscribe to:
Posts (Atom)