Friday, December 16, 2011

JavaScript Introduction

Web site development is not simply about 'designing', nor does it consist of learning one language and excelling in it. Instead, for good designs and better websites you need hands-on experience with several skills/tools/languages. For example, if you are working on ASP.Net, you'll need to know your way in and out of ASP.Net, and you'll also need to be proficient in a programming language like C# or VB.Net to do all the code-behind stuff.
In addition to that you'll need a good knowledge of JavaScript and CSS. What are they? How are they used? What can be accomplished through them?

(Of course there are a lot of other things involved in web site development, such as security, but let's keep that for another discussion.)

What is it? (What can be accomplished through it? and other similar questions)
First up, JavaScript and Java have nothing to do with each other, although the similarity in names is misleading.
Put simply, JavaScript is used to add interactivity to web sites/pages. Using JavaScript, one can
  • add HTML dynamically to the page, so that a piece of HTML is only included when a certain condition is true. For example, a greeting message can be displayed based on the time of day the page is viewed (Good Morning, Good Afternoon etc.).

  • validate input before sending it to the server. As each request to the server consumes time and resources, it is considered smart to validate input before sending it. Client-side checks can be bypassed, so the server must still validate whatever it receives.
   
How is it used?
Let's start working on JavaScript now.

The first step is to understand the ways through which JavaScript can be added to a web page.
There are two simple ways to do it:
  1. Include JavaScript in the page itself.
  2. Write JavaScript in a separate file and then include the file in the page (this method is beneficial whenever the same JavaScript needs to be used on multiple pages).

The script tag:

For implementing both the methods mentioned above, the script tag is used.
Usage: (Method # 1)
<script language = "JavaScript">
//JavaScript code
</script>

Usage: (Method # 2)

<script language = "JavaScript" src = "filepath"></script>

The src (source) attribute expects a file path. The name of the file containing JavaScript MUST have the extension ".js".


References:
Book: Java Script and Jscript by Jaworski


Thursday, July 14, 2011

Folder options in Windows 7

In a lot of things, Windows 7 is different from Windows XP.

Just the other day I needed to display the extension of all files. This could be done easily in XP with Folder Options. But in Windows 7, where do I find "Folder Options"?
To find Folder Options on Windows 7, follow the steps below.
  1. Start (the Windows icon at the bottom left corner) -> Control Panel
  2. If you can't find "Folder Options" anywhere, locate the "View by:" setting at the top right corner. If it is set to Category, Folder Options is not shown. Change it to either "Large Icons" or "Small Icons".
  3. You'll now be able to see "Folder Options". You can play with it all you want.

Sunday, April 17, 2011

Informative links on ASP.Net Page Cycle, View State and Session Tracking

ASP.Net View State Contains information on ASP.Net Page Cycle as well

Cross Site Request Forgery Attack

A cross-site request forgery attack consists of tricking a user into unknowingly sending a request, for example one that transfers funds to the attacker's account.

Formal Definition:

"[Cross-site request forgery] is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts"
~Wikipedia

AKA (Also Known As):

One-click attack
Session riding

Abbreviated as:

CSRF or XSRF (pronounced as sea-surf)

Difference from XSS (Cross-Site Scripting):

Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser.
To understand how it works, we first need to understand the concept and working of cookies and session.


Cookies:

If a user has cookies enabled in his/her web browser, every time the user makes a request to a web server (that is, accesses a web site), the web server stores information in a piece of text called a cookie.

This cookie is hereafter used for identifying this user uniquely.


Session:

Session is another way to identify users uniquely. If you have worked on ASP.Net applications you will know that values that need to be stored for a particular user are added in Session. Each session is uniquely identified by an ID called Session ID.

When a user makes a request to an application that uses sessions, and the user has cookies enabled, the generated Session ID is stored in the cookie. For every subsequent request this Session ID is sent to the server, and the server uses it to identify the user. This way the user does not need to authenticate himself/herself for each request.

Once the user's session has been assigned an ID, it is returned to the server with every request. However, if the time elapsed between two requests is more than the timeout value, the session is said to have expired and the user will have to identify himself/herself again (for example, log in again) to continue using the web site.
 
How does CSRF work?
Consider the following scenario:
1. You are logged into your internet banking account.
2. Simultaneously you are also checking out a forum.
3. Let's say you click on an innocent looking link on the forum.
4. Though this link "looks" innocent, it actually isn't. In fact, it sends a funds transfer request of, say, Rs. 1000 destined for the attacker's own account.
5. How is this possible?

It is possible if the internet banking website you are visiting does not have a multi-step funds transfer process, or, even if it does, the final step, where funds are actually transferred to the destination account, does not check whether the previous steps have been performed and simply transfers funds without verifying the user sending the request. Here, the site blindly trusts the Session ID sent by the client browser (through the cookie) to authenticate the user.

How does the hacker know the web page of the final step?
Simple. The hacker may also have an internet banking account and has, therefore, noticed the link of the funds transfer page, and also that the amount and destination account number are made a part of the link. For example, the link may look something like:

www.internetbanking.com/funds/amount=1000&account=123567890

(Normally, web sites that provide features which involve money transactions or that provide any type of crucial information should never ever make even minor fields like amount a part of the URL.)
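
The scenario above as an added example (not code from the original post): a simulated funds-transfer handler in Node.js that trusts only the session cookie, beside a hardened one that accepts only POST and requires a per-session anti-CSRF token. The session store, function names and request shape are assumptions made for illustration; the amount and account number are the ones in the sample link.

```javascript
const crypto = require("node:crypto");

// Constructed in-memory session store: sessionId -> { user, balance, csrfToken }
const sessions = new Map();

function login(user, balance) {
  const sessionId = crypto.randomBytes(16).toString("hex");
  // Per-session anti-CSRF token; the bank embeds it only in its own forms.
  const csrfToken = crypto.randomBytes(32).toString("hex");
  sessions.set(sessionId, { user, balance, csrfToken });
  return { sessionId, csrfToken };
}

// As described in the post: the session cookie alone authorizes the transfer,
// and amount/account arrive in the URL of a plain GET request.
function transferVulnerable(req) {
  const session = sessions.get(req.cookies.sessionId);
  if (!session) return { status: 401 };
  session.balance -= Number(req.query.amount);
  return { status: 200, to: req.query.account };
}

// Constant-time comparison of the supplied token with the session's token.
function tokensMatch(supplied, expected) {
  const a = Buffer.from(String(supplied ?? ""));
  const b = Buffer.from(expected);
  return a.length === b.length && crypto.timingSafeEqual(a, b);
}

// Hardened: state changes only via POST, and the body must carry the
// session-bound token, which a page on another site cannot read.
function transferHardened(req) {
  const session = sessions.get(req.cookies.sessionId);
  if (!session) return { status: 401 };
  if (req.method !== "POST") return { status: 405 };
  const body = req.body || {};
  if (!tokensMatch(body.csrfToken, session.csrfToken)) return { status: 403 };
  const amount = Number(body.amount);
  if (!Number.isInteger(amount) || amount <= 0 || amount > session.balance) {
    return { status: 400 };
  }
  session.balance -= amount;
  return { status: 200, to: body.account };
}

// The browser attaches the cookie to every request for the bank's site,
// including ones triggered from the forum; only the bank's own form has the token.
function csrfDemo() {
  const first = login("alice", 5000);
  const params = { amount: "1000", account: "123567890" };
  const forgedLink = { method: "GET", cookies: { sessionId: first.sessionId }, query: params };
  const vulnerable = transferVulnerable(forgedLink);
  const balanceVulnerable = sessions.get(first.sessionId).balance;

  const second = login("alice", 5000);
  const cookies = { sessionId: second.sessionId };
  const forgedGet = transferHardened({ method: "GET", cookies, query: params });
  const forgedPost = transferHardened({ method: "POST", cookies, body: params });
  const balanceAfterForgery = sessions.get(second.sessionId).balance;
  const genuine = transferHardened({
    method: "POST", cookies, body: { ...params, csrfToken: second.csrfToken },
  });
  return { vulnerable, balanceVulnerable, forgedGet, forgedPost, balanceAfterForgery, genuine };
}

console.log(csrfDemo());
```

Marking the session cookie SameSite is a complementary browser-side defense; it does not replace the token check.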

So, here's a small introduction to CSRF.


Saturday, April 16, 2011

Data Transfer Objects

While writing software there can be a need for any or all of the following:
  • Transferring data across applications/boundaries/network
  • Sending a long list of parameters to a function
  • Returning multiple objects


Problems:
  • When you communicate over a network, multiple calls may be involved in order to accomplish a single task. 
  • Sending a long list of parameters may incur unnecessary errors, as the developer might make a mistake in giving input parameters.
  • Although returning multiple objects is possible through the "out" parameter, a long list of "out" parameters is cumbersome.


When faced with such a dilemma it is wise to use a design pattern called a "Data Transfer Object".


MSDN describes DTO as:


A DTO is a simple container for a set of aggregated data that needs to be transferred across a process or network boundary. It should contain no business logic and limit its behavior to activities such as internal consistency checking and basic validation. Be careful not to make the DTO depend on any new classes as a result of implementing these methods.




From the above definition we gather that a DTO:
  • may be a simple class with properties exposed.
  • may contain only basic validation code.
  • should not contain any business logic.


MSDN also gives two possible ways of writing DTOs:

  1. Writing Custom Classes: Let's say you have an application that requires login. For login, applications normally have a user object with properties like User Name, Password, Creation Date, Permissions etc. This information is normally validated against a database. But there is also a possibility that data is required from different sources.
    Whatever the case, the user object remains the same. Remember that Data Transfer Objects do not contain any business logic, therefore, it does not make any difference from where the data is obtained. You simply need to create a class with properties for User Name, Password, Creation Date, Permissions etc.

  2. Using Collections:
    Let's say you need to invoke a Web Method which would require sending a long list of parameters. In this case you can change the signature of the web method so that it expects one Array List (or any other collection) instead of a list of parameters.

    Here you'll simply have to create an object of Collections (System.Collections in .Net) and fill in the required values in the collection.

    The disadvantage of this approach is that each parameter/field would lose its actual data type. You'll have to add all the required fields after casting them into a particular data type, say Object or string. And this would require casting them back to their original data types later on, which may incur errors.
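
The two approaches side by side, as an added example (not from the original post or from MSDN), written in JavaScript rather than .NET: a user DTO that carries only properties and basic validation, and an untyped collection sent across the same boundary. The class name, field names and the JSON wire format are assumptions made for illustration.

```javascript
// A DTO for the user object: exposed properties plus basic validation only,
// no business logic. Only some of the fields named in the post are modelled.
class UserDto {
  constructor({ userName, creationDate, permissions }) {
    if (typeof userName !== "string" || userName.trim() === "") {
      throw new TypeError("userName must be a non-empty string");
    }
    const isDateLike = creationDate instanceof Date || typeof creationDate === "string";
    const created = new Date(creationDate);
    if (!isDateLike || Number.isNaN(created.getTime())) {
      throw new TypeError("creationDate must be a valid date");
    }
    if (!Array.isArray(permissions) || !permissions.every((p) => typeof p === "string")) {
      throw new TypeError("permissions must be an array of strings");
    }
    this.userName = userName;
    this.creationDate = created;
    this.permissions = Object.freeze([...permissions]);
    Object.freeze(this);
  }

  // Serialize for the process/network boundary (the Date becomes an ISO string).
  toWire() {
    return JSON.stringify(this);
  }

  // Rebuild on the receiving side; the constructor restores and checks the types.
  static fromWire(text) {
    return new UserDto(JSON.parse(text));
  }
}

// The "collection" alternative: one untyped list whose meaning is carried by position.
function viaCollection(values) {
  return JSON.parse(JSON.stringify(values));
}

function dtoDemo() {
  const created = new Date("2011-04-16T00:00:00Z"); // constructed sample value
  const dto = UserDto.fromWire(
    new UserDto({ userName: "alice", creationDate: created, permissions: ["read"] }).toWire()
  );
  const list = viaCollection(["alice", created, ["read"]]);
  // Two values swapped by mistake: the list accepts them, the DTO refuses them.
  const swapped = viaCollection([created, "alice", ["read"]]);
  let dtoRejectsSwap = false;
  try {
    new UserDto({ userName: swapped[0], creationDate: swapped[1], permissions: swapped[2] });
  } catch (err) {
    dtoRejectsSwap = err instanceof TypeError;
  }
  return {
    dtoDateIsDate: dto.creationDate instanceof Date, // type restored by the DTO
    listDateType: typeof list[1],                    // the list element lost its type
    dtoRejectsSwap,
  };
}

console.log(dtoDemo());
```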

Referenced Links:
http://msdn.microsoft.com/en-us/library/ms978717.aspx

Saturday, April 2, 2011

Calibre Ebook Management

In order to read a book on iPod/iPhone, the book needs to be in a format called ePub. Calibre is software used to convert ebooks into different formats.





  1. Download Calibre
  2. Install Calibre on your pc. 
  3. Add your ebooks to Calibre (in any format PDF, .lit etc)
  4. Convert them to ePub Format
  5.  Simply transfer the books from Calibre to your device.
Not all ebooks come with a cover page. To change that, edit the metadata of your book and either let Calibre search for the cover page, provide your own or enter the ISBN code and give Calibre another chance to search the cover page.
(I usually search the book on Amazon.com and enter the ISBN code given there.)

Applications with a Touch

We are all aware of the common iPod touch/iPhone applications like Fring, Nimbuzz etc. But how many of us are aware of the other more interesting applications to save the day?
Below is a list of a few applications which can help you pass an exam, polish your vocabulary or some just plain-ol fun apps.

AccelaStudy:

Planning to give SAT/GRE exams or simply looking for improving your vocabulary?
Accela Study might just be what you need.

Features:

  • The free version offers 100 useful words with the option to learn the words using the “study” or “flashcard” option.
  • The flashcard option gives the word and its meaning only. While the study option allows you to learn the word’s synonyms, hence giving you a chance to further enhance your vocabulary.
  • The study option also gives an example sentence so that the usage becomes clear to the learner.
  • Both the options come with the feature of hearing the pronunciation which is a great plus if it’s not just an exam that you are targeting.
  • You can also create your own study sets of selected words.
  • Moreover, you can test yourself with the “Quiz” feature.
  • If you like the free version you can proceed to buying more enhanced versions of vocabulary builder by AccelaStudy.



Dictionary:
Need a dictionary on your device to assist when you need to find the meaning of a difficult word? Why not install the application of our favorite online dictionary?
The best thing about it is that you don’t need an internet connection for searching up words and their meanings. But you do need to be connected when you wish to use “Word of the Day” or hear the pronunciation of a word.
I usually read ebooks on my iPod touch and to find the meaning of any unknown word I consult this application. When I get done with reading I switch to the “Recent” tab to revise the words.

iBooks:
A lot of ebook reading applications are available where you can find a few free books as well.
iBooks is one such application and has been designed by Apple. But you have to buy books from iBookStore or transfer it in some way to your iPod/iPhone.
It has a catchy interface of a book shelf with the stored books nicely placed face-up on the shelf. But the effect that really grabs attention is the slick page-turning effect, which gives you a feel that you are actually reading a book and turning physical pages. To add more to this feeling, the application provides readers with the feature to bookmark a page. (More than one bookmark can be added.)
Moreover, just like you will highlight or write small notes on a book, the same can be accomplished in iBooks with a few taps here and there.
Plus there are a few more features which are not a part of our traditional non-ebooks and these are changing fonts and switching background between Sepia and normal. Another interesting feature you wish you can have with hardbound books is the ability to search words/phrases in the book.
So, fix the brightness in accordance with the time of the day, change the background and font style in accordance with your mood and you are all set for a journey to the world of ebooks wonderland.


Enough about all the “bookworm” type applications, let’s turn to some fun apps.

Reader’s Digest Jokes and Funny True Stories:
We’ve all enjoyed Reader’s Digest “Laughter is the best medicine” and “All in a Day’s work” columns. Then why not have them installed on your device to lift up your spirits and lighten your mood in dull moments?
The application claims to have a collection of 1000 funny true stories and jokes (I never bothered to count and confirm their claim to fame) skillfully organized into 13 categories.

55,000 Amazing Quotes:
Yet another application to inspire you or make you smile is 55,000 Amazing Quotes.
The application opens up with the search feature where you can search by author, category or keyword. If you are in the mood to simply read a few quotes without anything particular in mind, tap the “Random” button. You have the option to select from six different backgrounds and mark your favorite quotes.
You can also add your own favorite quotes to the 55K collection.

Enjoy these applications and use your iPod touch or iPhone to the max.


Friday, March 25, 2011

Blogger Gadgets


Wonder how other blogs seem to be so much cooler than yours?
Well, I do the same, but sometimes the cool stuff you find on different blogs is already available on your own blogging service (like Blogger, WordPress etc.); it's just that you either fail to notice it or are not searching/experimenting enough.

For example, notice the "Visitor Count" on my blog. No rocket science behind it. It's simply a gadget provided by Blogger itself; it's just that I have put in the heading "Visitor Count", and if you search for a gadget with the same name, you won't even get close to what you are looking for. This is because "Visitor Count" is NOT the name of the actual gadget; the real name is "Blog's Stats".

With my point proven; that for a nice, cool looking blog, all you need to do is search a bit; let me go through the process of adding gadgets. This is for newbie bloggers:

  1. Sign in to your blog.
  2. Click on "Design". Located on the top right corner of the menu.
  3. When in Design page, make sure you have the "Page Elements" tab selected.

  4. Find "Add a Gadget" and click it.
  5. A new window would open. Here you can simply search for some gadget, or browse the different categories provided.
  6. When you've found a gadget that meets your liking, simply click on the "+" button, put in the settings if required and then click on "Save". 
  7. And Voila! you have a new gadget  added to your blog.
  8. Now back in the designs tab, drag the gadget to whatever location you want.
  9. And don't forget to click on "Save"

Mutex could not be created

While working on a .NET 2.0 ASP.Net website, I tried to run the website and this is the error I got:

"Mutex could not be created"
Seemed like a difficult error, which would take days to resolve, and even when you finally find a solution, you still won't know what actually caused it.
But a little googling got me the solution, however, I still don't know what caused the error to occur.

Copy pasting the solution from this site so that you don't have to go through the whole page. Just do EXACTLY as it says and you'll be out..
- If you have visual studio 2005 open, close it
- Go to the ASP.NET temporary folder for v2.0 of the framework
    <Windows dir>\Microsoft.Net\Framework\v2.0<extra numbers>\Temporary ASPNET pages
- Remove the folder for your application (or all of them)
- Reset IIS (on a command line window, >iisreset) [not always needed, but I had to use it sometimes]
- First Browse your page from IE (http://localhost/your app)
- Then reopen Visual studio

Sunday, January 16, 2011

Microsoft Word Shortcuts

While you are typing in vigorously on Microsoft Word, extending your hand towards the keyboard to change font or justification can seem to be such a hassle, right?

Introduce yourself to keyboard shortcuts so the next time you use Word, you can get done with your work in a shorter span of time.




Action            Shortcut
Bold              Ctrl + B
Underline         Ctrl + U
Italics           Ctrl + I
Left Justify      Ctrl + L
Center Aligned    Ctrl + E
Right Justify     Ctrl + R
Justify           Ctrl + J

Saturday, January 15, 2011

Googling Google

Google has brought about a change in almost everything we do online. From searching to emailing, from chatting to photo sharing and what not. It won’t be imprecise to state that Google has become a phenomenon in itself. I as a software engineer can’t imagine coding without Google search by my side. We no longer even so much as glance at any of the other search engines; in fact searching and googling have become synonyms. We no longer say we’ll search up on something, rather we say let me google it.
But what we don’t know is that there is more to “googling” than simply putting in our search terms and hitting the “enter” key. There are a lot of ways you can make your searching experience more comfortable, several teeny weeny things to understand before you gear yourself up for your next search or research.
An online guide, by the name of Google Guide, provides comprehensive tutorials to help you enhance your search results. Here’s what Nancy Blachman, the mastermind behind Google Guide, has to say:
“Google Guide is an online interactive tutorial and reference for experienced users, novices, and everyone in between.”

Below is a list of a few ways to optimize your search and obtain the best results in a short span of time. Adding particular terms to your search query or crafting it in a particular format; you can find what you are looking for easily and quickly.

Google Time:
Every time we had to make an international call we had to add in or take out a few hours from our Pakistan Standard Time so that we don’t end up waking people at ungodly hours. Thanks to google, there is no more a need to exercise our mathematics skills as just typing in:
Time <city/country name>
will give you the exact time in that city/country.

Unit Conversion:
I wish I had this back in my school days, or maybe I did and never knew.
Google can just as easily convert between different units as your next chemistry professor, or maybe even better!
Example:




10 Kilometers in meter
Would give you 10000 meters before you get time to scratch your head (that is, if you have a speedy internet connection).
By putting in these terms you actually activate Google calculator. But here’s the problem: you might not be able to do that with every search term. For example, if you want to know your height in centimeters, just putting in 5’6’’ won’t be the right choice of words; you’ll need to enter
5 foot 6 inches in centimeters
to get what you want, so better try out different combinations if the first one doesn’t give you the required output.

Currency converter:
Google is also a big help if you are in the money conversion business.
5 Canadian dollars to PKR
Or
5 USD to PKR
would give you the Pakistani rupees equivalent for 5 Canadian and US dollars respectively.

Let Google define:
Sometimes we just need a quick definition of a word to jog up our memories instead of going through long articles on a topic and still not getting anywhere.
In such a case, just precede your search term with “define:”. This will bring up the definitions from different sources on internet.


The “I’m Feeling Lucky” syndrome:
Ever noticed the “I’m feeling lucky” button besides the “Google Search” button on the home page? Ever tried it out?

The “I’m Feeling Lucky” button takes you directly to the first page returned by your search (without showing the entire result).


Exact Query:
If you want the result set to be such that the pages contain your search query in the exact same order, then try putting your search term within quotation marks. But better be sure of the exact order otherwise you’ll get only a few hits.
This feature may be helpful while searching for a verse.

Stop Words and the “+” Operator:
Stop words are the words which frequently occur in our speech, e.g. a, be, at etc. Google ignores all such words.
But what if ignoring such a word makes a drastic impact on your search results?
To stop Google from omitting any word, precede the word with the “+” sign.
The “+” operator can also be used to force Google to match the exact term rather than its variants.
For example, favorite book would match both the words favourite and favorite. However,
+favorite book
would only bring results containing the word favorite and NOT favourite.

The “-” operator:
To exclude particular words from the search, precede the word with the “-” operator.

The ~ (tilde) operator:
To make Google search for a term AND its synonyms, put in a ~ just before the word. For example, for
~lunch Karachi
Google would search for lunch, dinner, eating etc.

Note:
For operators +, -, ~ do not put in space between the operator and the word.
There’s a lot more you can do with google. I would recommend trying out the ones mentioned here first, getting accustomed to using them to obtain the best results, and then try to learn more about how to get even better results. Take it slowly so that you learn everything and can use your knowledge to the best.
Happy Googling!