Archive for the ‘asp.net’ Category

Attachments in Programming

December 12, 2006

I am wanting some advice on getting started on an application that has to take attachments. Basically, I have an application that creates/pulls data from MS SQL Server. With this data, the user can add attachments that are associated with it. I am wondering what is the best (I know that’s subjective, but opinions are what I am asking for) route to take for accomplishing this task. Here are my thoughts:

1) In the database, have a column with links separated by a semicolon.

Pro – Small storage on the database
Con – If the file is moved/modified, the database had to be updated at the same time. Also, processing time for going through the list of attachments.

2) In the database, just have a column that actually points to the attachment itself, letting SQL Server load the attachment internally (not sure if that’s possible, but I know that Wiki’s do it). Basically, it would be like inserting the attachment into the database, and letting SQL Server do it’s thing.

Pro – Easy to code (hopefully)
Con – Not sure about the security… could load a malicious file…etc..

Any thoughts would be great! Thanks all!

Posted in asp.net | 3 Comments »

Defensive Programming JScript

December 5, 2006

Over the course of programming in javascript, one can easily lose the concept of defensive programming in that language. I mean come on… it’s likely that the javascript you put in your site is just for fancy popup boxes or capturing keys, etc, and this is not really a crucial factor to consider for your site to properly run.

So in essence, most of us simply put code like so…

function Test()
{
if( document.getElementbyId('mycheckbox').Checked )
//do something
}

We all know that javascript does not have an assert of any kind, but would you necessarily use this same kind of logic in your code behind? I assume not. You would probably want to check to see if this object exists first. Granted, you do not want to always do this because then your code becomes a “Coding Horror”, but nonetheless, it should probably be at least considered in your javascript code, especially if you’re attempting to write generic javascript functions.

Try this on for size:

function Test()
{
var checkbox = document.getElementById('mycheckbox');
if( checkbox != null )
// do something
else
// do something else
}

So next time you get a javascript error in your code, instead of “fixing” it, try a little defensive programming. It could make your life a lot easier, and besides, putting a little extra load on the client never hurts right? :)

Posted in asp.net | Leave a Comment »

VB.NET vs C#

December 1, 2006

Uh oh… not another one of these threads.

I have developed applications in both C# and VB.NET. If you’re an OO programmer, you’re obviously pointing your nose up to the disgrace of VB6, and righteously so, but don’t be so quick to judge on VB.NET.

If you are not already familiar with the .NET framework, it is a power house collection of classes that are beautifully designed. Now, coming from a shop that had VB6 as a primary language, I was a bit skeptical about VB.NET, but I have turned a new leaf. From what I can tell, you can apply all of the OO design you want in VB.NET just as well as C#.

MS has done a bang-up job with VB.NET (and the .NET framework itself for that matter). What used to be lacking was the XML comments, but with ASP.NET 2.0 and VS 2005 that once empty void has been filled with the three single quotes and intellisense. So, next time you decide on which language to use in the .NET framework, my answer to you is the one easiest for you. Honestly, C# is probably less writing (the whole Dim blah as Type can be rather annoying), but the semantics are exactly the same. Enjoy!

Posted in asp.net | Leave a Comment »

DES Encryption VB.NET

December 1, 2006

For those who want to use a simple encryption scheme that compiles and does not eat up your processor, I have provided a snippet. Enjoy. It is single pass DES encryption using the .NET framework.


Imports System.Security.Cryptography
Imports System.IO
Imports System.Text

'''
''' Encrypts the given input using single pass DES encryption.
'''
''' Input string to be encrypted.
''' Encrypted string.
'''
Public Function Encrypt(ByVal input As String) As String
Dim encryptedString As String = Nothing
Dim desKey() As Byte = {&H1, &H23, &H45, &H67, &H89, &HAB, &HCD, &HEF}
Dim desIV() As Byte = {&H1, &H12, &H23, &H34, &H45, &H56, &H67, &H78}

' assign the byte array
Dim b_inputArray() As Byte = Encoding.UTF8.GetBytes(input)

'more efficient to use DES encryption, but the keys are easier to break since
'limited to only 64 bit encryption
Dim des As DESCryptoServiceProvider = New DESCryptoServiceProvider()
Dim cs As CryptoStream = Nothing

Dim ms As MemoryStream = New MemoryStream()

Try
' write out the string to the memorystream for further use and easy
' conversion to a string value
cs = New CryptoStream(ms, des.CreateEncryptor(desKey, desIV), CryptoStreamMode.Write)
cs.Write(b_inputArray, 0, b_inputArray.Length)
cs.FlushFinalBlock()

' build the string into a readable format excluding non-generic ascii values
encryptedString = Convert.ToBase64String(ms.ToArray())

Catch ex As Exception
'error handling here
Finally
' clear out the memory
desKey = Nothing
desIV = Nothing
b_inputArray = Nothing
des.Clear()
des = Nothing
cs.Clear()
cs = Nothing
ms.Close()
ms = Nothing
End Try

Return encryptedString

End Function

'''
''' Decrypts the given input using single pass DES decryption.
'''
''' Input string to be decrypted.
''' Decrypted string.
'''
Public Function Decrypt(ByVal input As String) As String
Dim decryptedString As String = Nothing
Dim desKey() As Byte = {&H1, &H23, &H45, &H67, &H89, &HAB, &HCD, &HEF}
Dim desIV() As Byte = {&H1, &H12, &H23, &H34, &H45, &H56, &H67, &H78}

' assign the byte array
Dim b_inputArray() As Byte = Convert.FromBase64String(input)

'more efficient to use DES encryption, but the keys are easier to break since
'limited to only 64 bit encryption
Dim des As DESCryptoServiceProvider = New DESCryptoServiceProvider()
Dim cs As CryptoStream = Nothing

Dim ms As MemoryStream = New MemoryStream()
Dim encoding As System.Text.Encoding = System.Text.Encoding.UTF8

Try
' write out the string to the memorystream for further use and easy
' conversion to a string value
cs = New CryptoStream(ms, des.CreateDecryptor(desKey, desIV), CryptoStreamMode.Write)
cs.Write(b_inputArray, 0, b_inputArray.Length)
cs.FlushFinalBlock()

' build the string into a readable format excluding non-generic ascii values
decryptedString = encoding.GetString(ms.ToArray())

Catch ex As Exception
'error handling here
Finally
' clear out the memory
desKey = Nothing
desIV = Nothing
b_inputArray = Nothing
des.Clear()
des = Nothing
cs.Clear()
cs = Nothing
ms.Close()
ms = Nothing
encoding = Nothing
End Try

Return decryptedString

End Function

Posted in asp.net | 1 Comment »

Referencing Server Controls in Javascript .NET 2.0

November 29, 2006

Ahhh.. the joys of getting client script and server script to communicate. I came across an issue with trying to javascript to validate some server controls (asp:textboxes, asp:checkboxes, etc) before submitting the form. Well, I assigned the ID and then in my javascript I said document.getElementById(‘ID’) and kept on getting a object reference not found error. After trying a few things out, I realized two key points:

  • Defensive programming is a must in javascript.
  • Server controls are assigned a unique ID as they are rendered by ASP.NET.

There is a ClientID and an ID for server controls. The ClientID (if you look at the client html) is what gets assigned an ID. So what you have to do is either pass the ClientID into javascript…. or use the handy dandy ClientScript.RegisterClientScriptBlock in the asp code to register the client script and pass the Control.ClientID into it. Pretty cool stuff. Enjoy!

Posted in asp.net | Leave a Comment »