Archives
-
CSS Computed Styles
I have not been blogging here because I've been doing a lot of web design research lately which does not involve ASP.NET. I'm really slacking off on improving my programming skills. I went on a fabulous vacation and never came back mentally. However I'm still making the effort to master web design so I will share some of my recent discoveries.
-
Vlogging Web Development
The web site I've been working on, Vloggerheads, will be opened to the public tomorrow. You can view the videos and blogs but you won't be able to comment or post videos unless you request membership and are approved. You might want to check out the video of the shrine that was built to me or the many videos thanking me for adding much needed features to the site. LOL
-
JavaScript XML Cheat Sheet
Recently I was working on some complicated JavaScript to nest unordered lists and list items to match an Atom feed's XML structure. I had to spend an entire day researching JavaScript's XML parsing capabilities because there is no place on the Internet where this information is gathered to my satisfaction. I created a JavaScript cheat sheet on XML for my notes. I thought I would share it with you in order to get some feedback for improving my notes. Let me know if you know of a JavaScript library that eases the pain of working with XML in JavaScript. jQuery is somewhat useful for this if you use its DOM selectors on an XML document instead of the web page document. var entryNode = $('entry',xmlDoc).eq(5);
-
Threaded Comment System
I'm currently working on threaded comment systems. Comment threads allow you to reply to a comment. This is a feature that the users are clamoring for on Vloggerheads because it is a popular feature on YouTube . Even the trolls are wondering when we are going to have this feature. One of the more amusing aspects of this project is the ongoing video commentary from the peanut gallery. It is like having Bill O'Reilly doing vicious news reports about the progress, or lack of progress, of your project.
-
How To Add A New Property To The AJAX Calendar Control
I've finally gotten around to using something from the AJAX Control Toolkit in an actual project. My client was dissatisfied with the <asp:calendar> control so I offered to AJAX enable the site and replace it with the fancier Calendar control from the ASP.NET AJAX Control Toolkit. Naturally the client found something he wanted to work a little different. This calendar control was for entering your birth date and he did not want the user to scroll back decades to find that date. He wanted the calendar to show up with the 1990-1999 decade already visible so the user could start from there. Fortunately I remembered that the ASP.NET AJAX Control Toolkit comes with all the source code so you can customize it to suite your needs.
-
Vloggerheads - The Social Networking Revolt
I'm finally working on a project with the potential to be a really high profile web site. I've offered my services as a volunteer programmer to the http://www.vloggerheads.com web site which is being built on the Ning social networking platform. This site is an attempt by prominent vloggers from YouTube and LiveVideo to take control of their community.
-
Trying Out The SQL Server 2005 Driver For PHP
I regularly browse the ASP.NET Weblogs for hot tips so when Hosam Kamel and Jose R. Guay Paz announced the release of the SQL Server 2005 Driver for PHP I decided to give it a try.
-
Lagging Behind The ASP.NET World
Since we have not moved to Visual Studio 2008 at work, I have been unable to keep up with the progress in ASP.NET technology. I can't get into Silverlight 2.0 or ASP.NET MVC without Visual Studio 2008.
-
ASP.NET Does Not Exist For Web Designers
I've been exploring the world of the web designer and noticed that ASP.NET does not exist in that world. I've been reading web design blogs and browsing through articles on http://www.designfloat.com/, a sort of DIGG site for the design community, and I don't encounter any mention of ASP.NET at all.
-
Automate MSSASI As A Shell Command
I have created an ASP.NET page to automate the Microsoft Source Code Analyzer for SQL Injection command line tool. It would be tedious to craft a command for every page in a large Classic ASP web site. I was unable to scan my entire site until I developed this ASP.NET page.
-
Custom Web Service Test Page Design
You can customize the design of a web service's test page with a single line of code in the web.config file. But like most things in ASP.NET it is not that easy if you actually try it!
-
File Download Progress Bar
Yesterday I added a progress bar to my ASP.NET page for downloading YouTube videos. There was no visual indication that the download was taking place because the page just appeared to be taking a long time to load. I would have to open the download file location to verify that something was being downloaded.
-
SQL Injection Security Experiences
Last evening I tried out two of the tools that Joe Stagner wrote about in his blog post Tools to block and eradicate SQL injection. Since I manage a classic ASP web application that was completely lacking in security and potentially vulnerable to these attacks, I thought I'd share my experiences.
-
Downloading Files With ASP.NET
Currently I'm using ASP.NET in an unconventional manner to write scripts that download files. Asynchronous tasks and the WebClient object's DownloadFile method are proving to be a very convenient combination of features which makes it easy to automate the process of downloading a lot of files.
-
Creating Captcha Images Using The GD Library
I have found a random PHP script for creating captcha images using the GD Library and I've converted it to C# as promised in my previous blog post. I learned something new on this project. The first color in a new image will be the background color but only if the image is not using TrueColor.
-
Dynamic Heading Generator
There is a PHP script on A List Apart for dynamically generating images for paragraph headings using fonts. I have successfully translated this script into C#.
-
Asynchronous Video Downloader
I've been exploring asynchronous operations in ASP.NET 2.0 and while I don't have anything original to contribute you might find how I used this technique interesting. Even when the code is well documented it can be useful to know how it might be applicable to a specific problem.
-
List Installed Fonts
Here is some simple code for creating a list of all your installed fonts in order to create a visual reference. It may be of more interest to a web designer. I suggest you print the web page so you can easily find an appropriate font. Some applications have font drop down menus that display font names using that font but I would rather have a handy print out.
-
SQL Injection Threat On The Rise
I've been following the rise of SQL Injection attacks because I'm busy protecting a vulnerable web application. I'm very critical of the lack of attention this is getting in the developer community. In my opinion, if web developers were really communicating and collaborating with each other there would be a lot of chatter about this problem. I'm sure there are many programmers being kept busy dealing with the aftermath of these attacks but they are probably all implementing their own quirky solutions in isolation without the benefit of community feedback. And it is the lack of community which created the problem. There is no peer pressure to think about security or exchange of ideas on how best to protect a site against SQL Injection attacks (a topic that can generate a lot of debate). And without any discussion about the SQL Injection attack many developers are going to remain ignorant about it. There is however some ridicule about a lame attempt to protect against SQL Injection to be found on The Daily WTF. It is worthwhile to read through the comments.
-
What Are You Working On?
I've been very busy so instead of blogging about one specific thing I have a lot of minor stuff to report.
-
ASP.NET Cryptography Insecurities
I've found a serious shortcoming in one of the security methods I've been using. I've inherited two projects in which social security numbers were stored in a database in an unencrypted format. For the web application I don't think the SQL Server 2005 built-in encryption methods are an option because the web hosting company is still using SQL Server 2000. Instead, I used the .NET Framework's built-in cryptography classes found in the System.Security.Cryptography namespace. I used the Rijndael (aka Advanced Encryption Standard (AES)) cipher in a custom assembly which I uploaded to the web server's bin directory without the source code. This encryption method relies on a 128 bit key and an initialization vector (IV) which are basically just byte arrays of 16 numbers.
-
Access Provider With LoginAdapter Conflict
Today I discovered that you cannot use the LoginAdapter from the CSS Friendly Adapters with the Sample Access Providers. I am using an Access database for my Membership Provider because I only needed a login form for my administration directory and did not want to go to the trouble of adding the Security, Membership, and Role Management schema to my SQL Server database.
-
Massive SQL Injection Attack - Did You Hit The Snooze Alarm On The Wake Up Call?
I've seen very little blogger chatter about the massive SQL injection attack that is making the news even though it is us web developers who are being blamed for it. Even Jeff Atwood has neglected to blog about it and he loves to rant about shoddy coding practices in the industry.
-
LiveVideo Acquires Pageflakes
TechCrunch has reported that Live Universe has acquired Pageflakes and plans to integrate it into LiveVideo. In fact you can already get some sense of how the integration will look by visiting the beta site at http://livevideo.pageflakes.com/
-
Iterate Through The Form Collection In ASP.NET 2.0
Yesterday I had to use an iterator to loop through all the data values in a form request. This is well documented for classic ASP and can even be found in the old Active Server Pages SDK help file but it was difficult to find the same method to use for ASP.NET 2.0.
-
Generating YouTube Tag Clouds Using ASP.NET
I've finally used ASP.NET 2.0 on my web site. Today I uploaded an ASPX page that generates a tag cloud based on all the tags from a YouTube user's videos. I got this idea from Tweet Clouds, a web site that generates tag clouds based on Twitter posts. I searched the Internet and did not find any similar service for YouTube videos.
-
Silverlight SDK Versions And Aggravations
Today I spent the morning trying to figure out some of the reasons for my aggravation with Silverlight development. The first thing I discovered was that I had the RC (Release Candidate) version of the Silverlight 1.0 SDK instead of the RTW (Release To Web) version. This can certainly lead to many aggravating errors and problems.
-
Disgusted With Silverlight
Today I worked on a Twitter client in Silverlight. I got pretty far on this project but had some problems creating hyperlinks in the text. I tried the Hyperlink tag in the XAML Pad and it worked there but it would not work in my Silverlight project. I did some research on the Internet and found a web page with a hyperlink example. Incredibly, this example would have you handle all the mouse events and even the text decoration to make a TextBlock act like a hyperlink. This web page also directs you to "See the documentation for TextDecorations property of the TextBlock object in the Silverlight SDK".
-
Twits On Yahoo! Maps - My First Mashup
Today I've created my first bona fide mashup using the Yahoo! Maps API and the Twitter API to map my friends' location. Although I've been playing around with many Web 2.0 APIs, this is the first time I've combined any of them in true mashup fashion.
-
Online Video Production
Over the long weekend I made some excellent progress in my online video production work. I managed to significantly improve the quality of my YouTube videos and I explored Microsoft Expression Encoder and Silverlight Streaming.
-
Shipping Rules Are My Bread & Butter
Today I've just realized that the vast majority of my work has been customizing shipping rules. You'll never be out of work if you specialize in shipping rules. Businesses can never seem to accept the default shipping options and software cannot be designed with a fully configurable shipping rule system. All ecommerce shopping carts try to make the shipping options configurable but they simply can't accommodate all the special needs for pricing and shipping a wide variety of products.
-
The Significance of Social Computing
I'm back from a fantastic vacation, the first YouCruise, a Carnival cruise organized by YouTube vloggers. I will blog about the cruise extensively elsewhere but I do think it is appropriate to write about the social computing aspects here.
-
Send Email Attachment Using A Memory Stream
I've been struggling to solve a file lock problem with some files I send as email attachments. I finally solved the problem by creating my documents in memory and sending the email attachment from a memory stream. This eliminated the need to write a file to disk and delete it later. I didn't find any sample code that did exactly what I wanted so I'll share the code I finally came up with.
-
Secrets of the Rockstar Programmers
Today I got wind of a new book that makes me laugh, "Secrets of the Rockstar Programmers: Riding the IT Crest" by Ed Burns. This book has not been published yet but based on the clues I would guess it focuses on Java programmers. I thought "rock star programmers" only used Ruby On Rails.
-
Noteworthy Details
Today I learned several things that were "noteworthy" so I might as well share my knowledge. Whenever I learn something new in the course of my work I add it to my massive collection of notes.
-
Blog Backups
I have managed to restore my WordPress blog by taking advantage of search engine caches. This is a good opportunity to review the lessons learned during an unexpected hosting company snafu.
-
Membership, Profile & Role Management Frustration
I've been migrating a classic ASP web application to ASP.NET 2.0. I'm converting the existing user management system to the ASP.NET 2.0 profile, roles, and membership API because it is the new standard. However, I have been frustrated by the lack of a back end user management system. Microsoft provided the Web Site Administration Tool which can be invoked in Visual Studio during development but you can't use that as part of your web application management back end. There really should have been a pre-built user management tool to include in your project.
-
My blog is toast
Last night I discovered that my cheap hosting company had accidentally downgraded my hosting package. I suddenly found lots of advertising on my web site. The CGI and FrontPage extensions support were turned off and the MySQL database was gone. This effectively deleted my WordPress blog which has not been backed up since October. They had better restore the MySQL database so I can get my blog back!
-
Yahoo! Pipes - Rewire The Web
Recently I've discovered a fantastic free service provided by Yahoo! which makes it possible to convert any XML data feed into a JSON data feed. http://pipes.yahoo.com/pipes/ It is easy to create a pipe that provides a JSON data feed with a callback function for web services that don't actually implement that functionality in their API.
-
I Pounce On The Pownce API
The microblogging site http://www.pownce.com/ has opened to the general public so I decided to give their API a try. But the main point of this blog post is to dispute the assertion that JSON is "easy for humans to read and write". It is not easy to read! JSON is a mess of curly braces, brackets, and quoted strings that is even more difficult to read than XML. I had considerable trouble working with the JSON data that Pownce provides because it seems to be nonstandard and requires the use of array indices which aren't usually needed. At first I tried to determine the data's object model by loading the XML version into XML Spy and finding the XPaths for a value. This was only slightly useful. Then I found a JSON Viewer on CodePlex which proved to be extremely helpful.
-
ASP.NET 2.0 Design Templates Are Available
After I wrote my last blog post I did a search for ASP.NET design sites and found an old set of design templates on MSDN. http://msdn.microsoft.com/en-us/asp.net/aa336602.aspx This appears to be a special section of MSDN that Microsoft created for designers who will be working with ASP.NET 2.0. I also found an old blog post from July 2005 which seems to be about this Dev Center for designers: http://blogs.msdn.com/bgold/archive/2005/07/15/439299.aspx Unfortunately I get the impression that this project didn't attract much interest or continue beyond its initial effort. For instance, there is a dead link for Building ASP.NET 2.0 Web Sites Using Web Standards. However, there are several design templates for you to download and examine. This resource seems to be all but forgotten. It was not mentioned in the Professional ASP.NET 2.0 Design: CSS, Themes, and Master Pages book I read or linked to on the official Starter Kit web page so I thought I'd draw attention to it here.
-
ASP.NET Web Design - Beyond CSS
I haven't really searched for ASP.NET web design ideas and styles but I certainly have not come across anything through my casual reading of online articles. You can find plenty of material on the technical aspects of themes, ASP.NET 2.0 CSS Friendly Control Adapters, master pages, and skins but nobody applies any actual design to their examples. I've been researching many web design sites but their focus is entirely on CSS. Web designers don't seem to concern themselves with anything except the CSS while developers totally avoid applying the eye candy. This leaves being visually creative with ASP.NET an uncharted territory.
-
Amazon Wish List In JSON
Today I explored some alternative JavaScript coding methods to make it easier to dynamically create DOM elements. I used jQuery and the jQuery Plugin, FlyDOM, to work with the Amazon web service API. I bought the book Amazon.com Mashups by Francis Shanahan from the Computer Books Direct club which is closing and selling books cheap. I have not read the book yet but there is a chapter on converting Amazon data directly into JSON using XSLT (hmm, interesting) and it actually covers several other APIs and the technology behind mashups. There was some mention of Amazon wish lists which attracted my attention because I use wish lists to save books that I come across which I may want to buy some day. In other words, this is personal data that I am actually interested in.
-
JavaScript Libraries
I've been working a lot with JavaScript lately so I decided to check out all the JavaScript libraries that are available. Many of these libraries have useful utility methods and modules for JSON and AJAX. There are six libraries that I intend to explore; the Microsoft AJAX Client Library (I need to see what was added in 3.5), the Prototype JavaScript Framework, the Dojo Toolkit, MochiKit, and the Yahoo! User Interface Library (YUI), and jQuery.
-
Document Your CSS As A Poster
I've been using StumbleUpon to find interesting web sites about web development and yesterday I found a site that will generate a poster of your CSS. It creates an image that resembles a class diagram. I think it is a great way to document your style sheets. One of my style sheets produced such a massive and confusing diagram that I think I'll show it to my client so I'll look like a genius.
-
Visual Studio Woes
I was working on converting an ASP.NET 1.1 web site to ASP.NET 2.0 today but I will probably regret it because I have been having problems with Visual Studio 2005 and Microsoft Visual Web Developer 2008 Express Edition. Ever since I have installed Microsoft Visual Web Developer 2008 Express Edition I've been finding the msiexec.exe (Windows Installer) process running and bogging down my PC. This occurs every now and then when I'm using either Visual Studio 2005 or the Microsoft Visual Web Developer 2008 Express Edition. Below is a screenshot of the culprit in Process Explorer where you can see it hogging the CPU.
-
Developing Web Widgets
Last night I finally finished the improvements to my xml2json generic handler which were required to develop a Stickam widget. Since I am sending the URL of the feed as a query string value to the generic handler it was necessary to deal with ampersands in the feed's URL without screwing up the query string. So I added a line to replace the | character with the & character. If I have a feed with an ampersand in the URL I'll just send it with the | character instead. Trace listeners don't seem to work in generic handlers so I added code to write the feed URL and the JSON string to a log file for debugging purposes. The Stickam players in the XML were causing invalid JSON syntax because they were not getting null values. I am not interested in that information so I used RegexBuddy to come up with the regular expression to replace them with empty strings. I came across the infamous "invalid label name" error so I added parentheses around my JSON string. The last thing I did was add XML comments for the method that actually converts the XML to JSON because this code should be replace when a more reliable algorithm becomes available:
-
JSON Syntax Checker Tool
Yesterday I found a useful tool for checking the syntax of JavaScript Object Notation strings: http://www.raboof.com/Projects/JsonChecker/ I needed that because I'm trying to create a widget for Stickam that will work in my compiled help file. I'm using my xml2json generic handler to convert XML to JSON and apparently it generated some invalid JSON. This tool helped me to narrow down the location of the syntax error.