December 2003 - Posts
Ok, Robert released a simple, free plugin for vstudio which wraps sn.exe and so gives a simple GUI to a command line tool. Why did he do this? Because he got a whole whack of emails from people who not only didn't know what to do, but they didn't even understand the terminology.
And for this generosity, he gets derided by the usual suspects. 'It's so easy to follow these X Steps! Only idiots would want this plugin!'
Now, I don't know about anybody else here... but I must say that I was a tad surprised that when I went to sign my first .net assembly there was no way to make the .snk file from vstudio. Sure, after a bit of poking around, I found the reference to sn.exe in the docs, and it's not exactly difficult to do it once you know what you are supposed to do. I, for one, don't really enjoy memorizing file system paths to specific exes, that exe's various arguments, and what to do with the output. Geez, this is Windows and Visual Studio, not Linux and Emacs.
Somebody, please tell me that the gotdotnet blogs will return a 301 pointing to each blogger's new home. See... I'm fairly certain that newsgator has this feature where if it gets a 301, it's resubscribes me to the blog at the new url. Otherwise, I'm left either hunting thru each blog to see which ones need to be moved, or just letting it requery gotdotnet.com and never getting anything back. If one of the reasons they shut down the gotdotnet blogs was because of bandwidth and mantainence... one would hope they would help us automatticly redirect the traffic to the new home.
Robert has been thinking that ORM frameworks must be a rite of passage, considering how many there are.... but it seems to me that
IRC Clients are a much more popular
pet project.
One of my very few winforms projects is an irc library named Nebo. I actually started it way back in the v1.0 beta, and got it to an acceptable level quite a while ago, but once that version got out, I didn't work on it for the longest time. Well, after a fairly big update, I've decided/realized that I really don't have the time to update it as much I'd like to... so I've created a workspace for Nebo. The library is already at a quite stable level, but it's missing implementations of the more obscure messages. So if you are interested in IRC dev, want to make your own client for fun or profit, or are just looking for something to work on, head on over.
A guy recently sent me an email asking about the best plan for dealing with people uploading files where the file already exists. I'm thinking somebody sent him to my site to look for the answer, but I guess that comes with the territory when you solve all the other problems. :) But I digress...
My answer was something along the lines of... “save it under a different name, write some text asking them if they want to overwrite or save as a different name, and provide a couple buttons and a textbox for the UI.”
That's pretty much the standard line everywhere. I'm not pretending to have come up with some miraculous solution... but I think it might be great to package this up as a control, incorporating the file upload control. It could be one of those “multi-view” controls that shows a different UI depending on whether a file is ready to be uploaded, or something needs to be done.
I think I could even pull off a multi-file upload scheme that could go along with this...
What with people chatting about Avalon's NineGridBrush, and then today a request for the effect on a webapplication I manage, I've been thinking about how one could make this with a simple web control... I've come to the conclusion that, with v1 of asp.net, while it's technically possible to get runtime execution working via jumping thru a few hoops, the designtime experience that you want, just isn't really possible.
However, with Whidbey, this control would definitely be doable. For runtime, it's all about the DynamicImage control. Take the single image that the developer specifies, and dynamicly chop it up into 9 bitesize pieces. At design time, it's about combining great new control designer features like editable, clickable regions and GDI drawing.
My mind races when I think about cool stuff like this.
“How do I make a property on my control be changable from javascript?“
I've seen this question asked, in various forms, quite a few times, and now that an irc buddy got stumped by it, I decided to blog my perspective on the best way to handle it.
So here is a big fat commented but untested code block:
using System;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
/// <summary>
/// This control has a public serverside property <see cref="MyProperty"/>
/// which is accessible on the client side via a hidden input element
/// </summary>
public class TestControl : WebControl, INamingContainer {
/// <summary>
/// This is the public property that I wish to expose to the clientside as well.
/// </summary>
/// <remarks>
/// Most public server control properties will use ViewState as their backing store.
/// ViewState, however, is not accessible view clientscript.
/// So instead, we'll use a hidden input child control to hold the value.
/// </remarks>
public String MyProperty {
get {
this.EnsureChildControls(); // This call makes sure that MyPropertyHolder is initialized
return MyPropertyHolder.Value;
}
set {
this.EnsureChildControls(); // This call makes sure that MyPropertyHolder is initialized
this.MyPropertyHolder.Value = Value;
}
}
/// <summary>
/// This is the hidden input control used to hold the value for MyProperty between postbacks.
/// </summary>
private HtmlInputHidden MyPropertyHolder;
/// <summary>
/// This method is called by EnsureChildControls when ChildControlsCreated is false.
/// You can think of it as the "initializer" for your composite control.
/// </summary>
protected override void CreateChildControls() {
this.Controls.Clear();
// This is where we actually instantiate the hidden input and add it to the composite control.
// If we needed to set some default value, we'd do it here.
MyPropertyHolder = new HtmlInputHidden();
MyPropertyHolder.ID = "MyProperty";
this.Controls.Add(MyPropertyHolder);
// Obviously, this control doesn't do anything interesting without other content besides the hidden input.
// This is where we would add other controls as children in order for our control to do what we want it to.
}
#region Composite Control Pattern
// This is a common pattern for implementing a composite control.
// These two methods, combined with the INamingContainer interface
// create a composite control
/// <summary>
/// This override makes sure that if we or somebody else tries to access our child controls,
/// that they will have been created in time.
/// </summary>
public override ControlCollection Controls {
get {
this.EnsureChildControls();
return base.Controls;
}
}
/// <summary>
/// I also override render here to make absolutely sure that at any point during runtime or
/// design time that the control is told to render itself, that it is ready to do so.
/// </summary>
protected override void Render( System.Web.UI.HtmlTextWriter writer ) {
this.EnsureChildControls();
base.Render(writer);
}
#endregion
}Any Questions? :)
Step 1) read this
Step 2) goto your aspnet_client folder, open any version of WebUIValidation.js, and search for “function ValidatorHookupControl(control, val) {“ ( linked for your pleasure )
Step 3) Notice that I have no qualms about not protecting the guilty.
I'm fairly certain the original "abuse" script that Eric is talking about comes from the asp.net validation script library. At least, that's the first time I saw something of that nature. Having to solve a similar problem myself while building one of my very first server controls, I figured that since (A) I had essentially zero jscript knowledge at the time, and (B) “If the asp.net team does it that way, then it's good”, so I copied the technique for ConfirmedButtons.
I've since found a way of multicasting events that I like much better.
Scoble ( or is it not really him? (: ) commented on my previous post with:
“I've never had this problem. Why? Because I have a blog. If anyone ever posted claiming to be me, it'd be easy for me to point that out on my blog. Also, one would just have to look at the IP addresses and see that they are coming from different places. Most of us don't take the time to switch to different places just to post a comment.“
Scoble, If somebody wanted to make a concerted effort to impersonate you on comment systems, You would not have the time to "not me!" all of them, and probably not even the time be able to find them all.
As for the "check the IP" idea...
- A) I don't have your IP memorized, nor an easy to find out the "right" one.
- B) My IP will certainly change if I'm blogging and commenting outside, downtown, over various open wireless networks, on my TabletPC. Isn't that the future? :)
My goal is for the reader of the comment ( or “the bank making the transaction” in the more popular case of ID Theft ) to have the ability to verify the provider of credentials at any time. A name, web address, or Client IP Address HTTP header, are not sufficient for this task.
.Text blog commenting has a problem. Identity Theft.
For the past couple days, there's been this ongoing thing where Frans Bouma has been calling Microsoft evil for having some hidden, dark agenda behind eliciting feedback thru their blogs, and calling any developers that do give feedback, naive for thinking that they could possible make a difference to the borg product.
Whatever... That's not the point of this post. That's just the backstory.
The point is that one of the reasons that Frans gave for disabling the controversial posts is that annoying people who were sufficiently angry about his insinuations, were using his name in comments, pretending to be him, and generally being jerks.
For at least a decade, lots of really smart people have been claiming that Identity Theft is going to be the Next Big Problem, and I've always agreed with it. These days you can see the general populace becoming more aware of it, mostly thru ad campaigns coming from banks and credit card companies. The most obvious of which are the recent hilarious tv commercials where you have some victim of identity theft talking to the camera in the voice of the person who stole their money and went on a crime shopping spree.
But to get back to .Text...
The commenting system on blogs doesn't require you to register in order to enter a comment, which I think is a good thing. Some people may argue against it, and they do have some valid points, but overall, I think anonymous commenting has an effect of increasing community inolvement. However, the commenting system also doesn't allow you to login either. There is no way for anybody to verify or check to see if the “Andy Smith” who just commented on their blog is actually me, or maybe some other Andy ( there's a lot of us Andy Smith's in the world... last time I checked, there were 4 just in my town ), or maybe just some jerk pretending to be me for comedic effect.
At any rate... what's the answer? Passport? public key signing of comments? I don't know. “I am who I say I am” is a tough problem.
More Posts
Next page »