Wednesday, May 23

Mozilla Blogspot Issue


I am having this weird issue with Mozilla not being able to display the HTML spurted out by the CopySourceAsHtml utility, and it happens only with the first post with HTML created by CopySourceAsHtml.

IE displays the posts correctly. Will have to look into this.

Compact Framework : Table Exist Method

In PDA-based database applications one sometimes has to pull databases/tables from the host machine/server onto the PDA (such as a specific insurance agent's collection data). The procedure used is Remote Data Access (RDA). The Compact Framework is a stripped-down version of the framework, and some functionality available in the full framework isn't present on it.

I had a condition where I needed to check if a certain table existed on the PDA database and, if not, pull it from the server. I needed a table exist method and wanted to avoid the try/catch code block which I have seen in use to derive that a table doesn't exist if you get an exception on something like this:
'select count(*) from premiums;'

I knew there would be a cleaner way to know if a table exists in a database or not.

Here is the method :

We query the metadata and get a clean answer, no try/catch needed to derive the answer.

    /// <summary>
    /// Queries the information schema to find whether a table exists or not
    /// </summary>
    /// <param name="table">Name of the table to look for</param>
    /// <returns>true if the table exists, false otherwise (including on query failure)</returns>
    private bool TableExists(string table)
    {
        bool retAnswer = false;
        try
        {
            // Note: the table name is concatenated into the SQL text (no SqlParameters).
            int exist = (int)ConnectionManager.DBInfoConnection.ExecuteScalar(
                "SELECT count(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME='" + table + "'");
            if (exist == 1)
                retAnswer = true;
        }
        catch (Exception ex)
        {
            GenericLogger.Error("Could not query database for list of tables", ex);
        }
        return retAnswer;
    }
 
Please ignore the non-use of SqlParameters. I had to add this as a maintenance method in a 2-3 year old app, and when you have to decide between your urge to make drastic (essential) changes to a system and the number of hours that have been allotted to this task, I think pragmatism wins.
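
For comparison, the same metadata lookup with the table name bound as a parameter. This is an added example, not code from the original app: the `SchemaChecks` class and its signature are hypothetical, and it assumes an already-open `SqlCeConnection` on a SQL Server Compact version whose provider accepts named parameters.

```csharp
using System;
using System.Data;
using System.Data.SqlServerCe;

public static class SchemaChecks
{
    // Hypothetical helper; it does not use the app's ConnectionManager wrapper.
    public static bool TableExists(SqlCeConnection connection, string table)
    {
        if (connection == null) throw new ArgumentNullException("connection");
        if (string.IsNullOrEmpty(table)) return false;

        using (SqlCeCommand cmd = connection.CreateCommand())
        {
            cmd.CommandText =
                "SELECT COUNT(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = @name";

            // The name travels as data, so a quote inside it cannot change the query.
            cmd.Parameters.Add("@name", SqlDbType.NVarChar, 128).Value = table;

            object result = cmd.ExecuteScalar();
            return result != null && Convert.ToInt32(result) > 0;
        }
    }
}
```

Unlike the method above, this version lets a failed query surface as an exception, so a connection problem is not reported as "table missing" and does not trigger an unnecessary RDA pull.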

Sunday, May 20

Visual Studio Must have tools & blog roll

If you are in ASP.NET development you are sure to stumble upon Scott Hanselman, the author of Professional ASP.NET 2.0. Recently I have started reading his blog religiously. Here is his list of tools and VS 2005 add-ins that are a must-have and not to be missed.

Scott Hanselman's list of power tools

He has an important take on blogging. He rightfully contends that you will have a returning audience only if your blog content is well formatted/indented and easy on the eyes.

I have started using the CopySourceAsHtml VS2005 plugin to do code blog posts. As you can see, I need to clean up old code posts on this blog and use the tool above to have the posts easy on the eyes.

I also like Jeff Atwood's writing. He says to make it a habit to blog at least once a week and make a commitment, since interpersonal and communication skills are so important and need to be honed with time. He writes on human factors in software development.

You can't miss Joel Spolsky, author of the blog Joel on Software. His books are hilarious and fun to read.

I listen to Craig Shoemaker as often as I can. His show/blog is essential for every ASP.NET developer. He has the knack to explain beautifully the why/how/where approach for a solution.
Most podcasts/screencasts assume you know about things, while he explains things from the ground up.

One cannot miss the blog of the ASP.NET guru Scott Guthrie for ASP.NET tricks, tips, hacks, patches and advice.

I like to read the blog by Jean Paul Boodhoo for knowledge about Test Driven Development and pattern-based development.

I also sometimes refer to Scott Mitchell's blog. Scott is an ASP.NET guru and consultant. He has an excellent series on "Working with Data in ASP.NET 2.0".

I will be editing this list this week; it is nowhere near completion.

Thursday, May 17

Sanitization against SQL injection attacks.


Here is what I use to sanitize my text input before inserting into the DB. Most of the code is from an MSDN article on how to avoid SQL injection attacks.


    /// <summary>
    /// make search text input sql safe.
    /// </summary>
    /// <param name="inputSQL">Search text to be embedded in a LIKE clause literal</param>
    /// <returns>The escaped text</returns>
    private static string SafeSqlLikeClauseLiteral(string inputSQL)
    {
        // Make the following replacements:
        // '  becomes  ''
        // [  becomes  [[]
        // %  becomes  [%]
        // _  becomes  [_]

        string s = inputSQL.Replace("'", "''");
        s = s.Replace("[", "[[]");
        s = s.Replace("%", "[%]");
        s = s.Replace("_", "[_]");
        return s;
    }

    /// <summary>
    /// make text input sql safe
    /// </summary>
    /// <param name="inputSQL">Text to be embedded in a quoted SQL literal</param>
    /// <returns>The text with single quotes doubled</returns>
    private static string SafeSqlLiteral(string inputSQL)
    {
        return inputSQL.Replace("'", "''");
    }

    /// <summary>
    /// convert '' to ' when returning to the user, Remember, only to be used
    /// when returning strings to user.
    /// </summary>
    /// <param name="output">String being returned to the user</param>
    /// <returns>The string with doubled single quotes collapsed</returns>
    private static string Desanitize(string output)
    {
        return output.Replace("''", "'");
    }
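
The LIKE search case with the pattern bound as a parameter, so only the wildcard escaping remains. This is an added example, not code from the original post or the MSDN article: the `SearchQueries` class and the `premiums.agent_name` column are hypothetical, and it assumes full SQL Server through `System.Data.SqlClient`, where the bracket escapes above apply.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

public static class SearchQueries
{
    // Escape LIKE metacharacters so the user's text is matched literally.
    // '[' must be replaced first; otherwise the brackets introduced for
    // '%' and '_' would themselves be escaped a second time.
    public static string EscapeLikePattern(string input)
    {
        if (input == null) throw new ArgumentNullException("input");
        return input.Replace("[", "[[]")
                    .Replace("%", "[%]")
                    .Replace("_", "[_]");
    }

    // Hypothetical query: counts rows whose agent_name contains searchText.
    // Assumes an already-open SqlConnection.
    public static int CountMatches(SqlConnection connection, string searchText)
    {
        if (connection == null) throw new ArgumentNullException("connection");

        using (SqlCommand cmd = connection.CreateCommand())
        {
            cmd.CommandText =
                "SELECT COUNT(*) FROM premiums WHERE agent_name LIKE @pattern";

            // No quote doubling: the parameter carries the text as data.
            // Only the surrounding % characters act as wildcards.
            string pattern = "%" + EscapeLikePattern(searchText) + "%";
            cmd.Parameters.Add("@pattern", SqlDbType.NVarChar, 200).Value = pattern;

            return Convert.ToInt32(cmd.ExecuteScalar());
        }
    }
}
```

With a bound parameter the value is stored and compared exactly as typed, so a search for `O'Brien_50%` matches that literal text and nothing has to be reversed when the string is shown to the user.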
