|
Where I worked a few years ago, we did code reviews even when rushed because we found that they reduced the amount of development time, even when rushed... no especially when rushed.
Windows 8 is the resurrected version of Microsoft Bob. The only thing missing is the Fisher-Price logo.
- Harvey
|
|
|
|
|
I added a feature to one of my apps at the last revision which needed a new column in the DB.
I thought the latest version was slower to start that it used to be, but dismissed it as my imagination - with a note to investigate moving the DB load into a background task when I was doing major mods.
Until tonight...
I just added another feature that needs another column and found that when I load the DB info, I was saving the DB value into the Property of the class, not the backing field. And yes, the property does Update the record back to the DB, in case you were wondering...
So when I load my data, I not only read every record, but I immediately write it back as well...
Adding an "_" character made a huge difference!
This message is manufactured from fully recyclable noughts and ones. To recycle this message, please separate into two tidy piles, and take them to your nearest local recycling centre.
Please note that in some areas noughts are always replaced with zeros by law, and many facilities cannot recycle zeroes - in this case, please bury them in your back garden and water frequently.
|
|
|
|
|
Properties that write back to the database are hell. I've some here and i really hate them.
I'm brazilian and english (well, human languages in general) aren't my best skill, so, sorry by my english. (if you want we can speak in C# or VB.Net =p)
"Given the chance I'd rather work smart than work hard." - PHS241
"'Sophisticated platform' typically means 'I have no idea how it works.'"
|
|
|
|
|
They do make sense in some cases, because they prevent data loss if you forget to call the "Update" method after a user makes a change to the form.
But they are a PITA sometimes, yes...
This message is manufactured from fully recyclable noughts and ones. To recycle this message, please separate into two tidy piles, and take them to your nearest local recycling centre.
Please note that in some areas noughts are always replaced with zeros by law, and many facilities cannot recycle zeroes - in this case, please bury them in your back garden and water frequently.
|
|
|
|
|
OriginalGriff wrote: because they prevent data loss if you forget to call the "Update" method after a user makes a change to the form
That also prevents Undo and Cancel functionality, and that's the sort of thing that should be picked up on tests.
For me, properties should at most contain simple value validation, like accepted ranges and non-null enforcement, leaving other kinds of validation and persistency to methods.
I've a technical level on mechanics, so the way i think is like a worker operating a lathe, when you set a property, you're positioning the metal part, when you call a method, you're actually turning the lathe on and working the metal.
I'm brazilian and english (well, human languages in general) aren't my best skill, so, sorry by my english. (if you want we can speak in C# or VB.Net =p)
"Given the chance I'd rather work smart than work hard." - PHS241
"'Sophisticated platform' typically means 'I have no idea how it works.'"
|
|
|
|
|
Yeah that comes from somewhere quite deep in hell. When I want you to synchronise with an external data provider/sink, I'll tell you with a method call!
I don't like entity mapping tools that are too clever for their own good.
|
|
|
|
|
So has anyone run into this before? Was just installing the school version of Mavis Beacon 21 and found two large security holes in it. The first is it requires I give students full Read/Write access to its network folder, which contains its settings file. Now this settings file controls some key behaviors, such as the ability to use backspace on tests and quizzes, guide hands, and their WPM goal. With Read/Write access students can easily edit this file. However if I only give them Read access, the program throws an exception. The second security nightmare is a hardcoded admin password. A hex dump of the software yields the statement:
if pw = "gnipyt"
then DoTeacherLogin();
else BadTeacherLogin();
This is a bit of a problem in an environment with high school students who actively try to discover admin passwords for the various services. While I could change this in the hex dump, the school administrator is against the idea. A simple google search yields the password in the search results. It looks like the teachers will just have to keep a close eye on students via the monitoring software for now.
|
|
|
|
|
Quote: A simple google search yields the password in the search results. I wonder which sites have posted the password?
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
Besides this one you mean?
Windows 8 is the resurrected version of Microsoft Bob. The only thing missing is the Fisher-Price logo.
- Harvey
|
|
|
|
|
Back in high school they installed a security package called "fortress". It locked a computer down pretty tight, didn't allow access to the desktop and only let us run a certain web browser and 3 office products (word, excel, powerpoint).
It took me about a week to figure out that I could get shell access through Word (Word's About dialog used to allow to bring up a task manager that would let me run any command). Took another week to figure out the admin password (wasn't hard coded, but the teacher responsible for setting it up was a Pascal programmer, so his password was, of all things, "pascal").
Kids are inventive, if the manufacturer can't fix these problems then I would bring them up to school officials and tell them that a new solution needs to be found.
|
|
|
|
|
i still get access to the shell on my university labs by running oracle's "start database" utility, for some reason, that thing keeps the console open after it closes
I'm brazilian and english (well, human languages in general) aren't my best skill, so, sorry by my english. (if you want we can speak in C# or VB.Net =p)
"Given the chance I'd rather work smart than work hard." - PHS241
"'Sophisticated platform' typically means 'I have no idea how it works.'"
|
|
|
|
|
For a product like that, these kind of security holes are completely unforgivable. That is a big product. And they should know better.
I agree with Ron. Alert the manufacturer, and if they don't respond quickly, or do respond with something like 'That is a by-design limitation of the school version', get something else!
Keep Clam And Proofread
--
√(-1) 23 ∑ π...
And it was delicious.
|
|
|
|
|
So I called their technical support, and after finally getting the "Support Specialist" to understand that I was not calling with an Error Code but rather a problem in the functionality of the program, I was told that they might add changeable passwords to their wishlist for the next version of the software. What I would like to know is how they made it 21 versions already without someone thinking about this. Since the Administration has already paid for the software they are set upon using it, requiring that staff keep a close eye on students. Well I tried.
|
|
|
|
|
I would request a refund. The software, by any reasonable definition, is not fit for the purpose it's intended. Check out your local consumer rights definition - or better yet, consult a laywer, get a letter drafted stating you position and requesting a refund.
|
|
|
|
|
As to the password part, a program I wrote for an employer many years ago presented the user with a welcome screen, at the bottom it had a "Press RETURN to continue..." line, if you typed SUPER before pressing RETURN, it turned on some "advanced features".
|
|
|
|
|
That's because Mavis doesn't know anything about security, or "best practices". They just know, well, typing.
|
|
|
|
|
Wowww... terrible software. They clearly don't CR their work, or their company is run by kids. Regarding that setting file though, I believe there are 3rd party file lock tools, but its probably not your biggest concern at the moment.
|
|
|
|
|
Does it require R/W access to that file for students? if not, you can always set individual file permissions.
I'm brazilian and english (well, human languages in general) aren't my best skill, so, sorry by my english. (if you want we can speak in C# or VB.Net =p)
"Given the chance I'd rather work smart than work hard." - PHS241
"'Sophisticated platform' typically means 'I have no idea how it works.'"
|
|
|
|
|
1215drew wrote: if pw = "gnipyt"
I always find with these sorts of issues that it is best to gnipyt in the bud...
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
|
|
|
|
|
int i = 0;
int m = 1;
while ( i < m){
Print i
Print m
i = i + 1;
m = i;
}
nananaanananan code man!
|
|
|
|
|
This code can be simplified with
m = i++;
No memory stick has been harmed during establishment of this signature.
|
|
|
|
|
how about we change "i" to a "C" huh
|
|
|
|
|
Unless my remaining braincell is taking the day off, shouldn't that be
m = ++i; ?
Cheers,
Peter
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
|
|
|
|
|
Should it?
No memory stick has been harmed during establishment of this signature.
|
|
|
|
|
Yes, it should. And this little change makes the diffrence between a loop that runs once and a loop that runs forever.
The good thing about pessimism is, that you are always either right or pleasently surprised.
|
|
|
|