|
Regarding the safety of str=replace("ame's account","'","''") , I think it is relatively safe. Whatever way you want to swing it, there is no way that a user can insert a ' that will not be escaped.
my blog
|
|
|
|
|
Just escaping the ' was not the point. The technique was billed as a method to prevent SQL injection attacks, and it's not...
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
Sorry to split hairs Dave, but...your advice is good, but your facts are wrong.
If you escape every string value in every SQL string that you construct, (and also take care to sanitize all numeric values), then you are in fact safe from SQL injection.
The problem with the escaping approach is that it is difficult to apply consistently. For example, most programmers will neglect to escape values that they obtain from cookies, or the session, or the database. That is a mistake, because users can often affect that data too.
my blog
|
|
|
|
|
I'll accept that.
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
Hi there. I've got a question on how to program a system that can open a PDF document by opening chapters of a document in the same content document. I'm planning to do something like a PDF viewer which allows only viewing the document based on pages using the Table of COntents. However i'm unsure on how to apply them in .NET. Thx for the help...
|
|
|
|
|
Hi, I just have the project that open PDF file in adobe acrobat reader from our application vb6. It might not answer your question but just give you an idea.
1. In VB6, create a form with one button name Command1.
2. Put the following code on the general declaration section. (It call to the windows API)
Private Declare Function ShellExecuteA Lib "shell32" (ByVal hWnd As Long, _<br />
ByVal Op As String, ByVal file As String, ByVal params As String, _<br />
ByVal directory As String, ByVal ShowCmd As Long) As Long
3. Double click Button1 and write the following code.
Call ShellExecuteA(0, vbNullString, "C:\PDF_File.pdf", vbNullString, _<br />
vbNullString, vbShowNormal)
Note:
* There is no component or reference were added to this project.
* I got an idea from expert-exchange website. But I have changed some option in the code to match my file path.
Roath Kanel
APO-CEDC
Save Children Norway-Cambodia Office
|
|
|
|
|
I have a form layed out in Visual Studio .NET Professional, and I have 30 buttons layed out, I have sound files on the hard drive, and I would like to associate those sounds with those buttons.
So when the Sounds.exe is run, and I press the first button then the sound is automatically played.
Is there a way to link the sound to the button?
And also when I build the .exe file is the sound file added to the .exe file?
I am all new to this, and have created some code from a webpage that talked about embedding sounds, so I used the code as you see below :
Class SoundButton
Inherits Button
'API call for playing sounds in memory
Private Declare Function PlaySound Lib "winmm.dll" (ByVal data() As Byte, _
ByVal hMod As IntPtr, ByVal hwFlags As Integer) As Integer
Private Const SND_ASYNC As Integer = &H1 'Play asynchronously
Private Const SND_MEMORY As Integer = &H4 'Play wav in memory
'The .wav will be stored in this byte array
Private Shared ClickSound As Byte()
Shared Sub New()
'Get running assembly name
Dim NameSpc As String = _
Reflection.Assembly.GetExecutingAssembly().GetName().Name.ToString()
'Look for the button click sound in the resource stream.
'This example has a resource called hello1.wav
Dim WavStrm As IO.Stream = _
Reflection.Assembly.GetExecutingAssembly().GetManifestResourceStream( _
NameSpc + "." + "hello1.wav")
'ReDim the byte array to be the size of the embedded .wav
ReDim ClickSound(CType(WavStrm.Length, Integer))
'Load the .wav from the stream into the byte array
WavStrm.Read(ClickSound, 0, Int(CType(WavStrm.Length, Integer)))
End Sub
'Override the OnClick event to play the sound
Protected Overrides Sub OnClick(ByVal ea As EventArgs)
Call PlayWav(ClickSound)
MyBase.OnClick(ea)
End Sub
'Play embedded .wav resource
Public Sub PlayWav(ByVal WavResource As Byte())
PlaySound(WavResource, IntPtr.Zero, SND_ASYNC Or SND_MEMORY)
End Sub
End Class
The hello1.wav file is the file I wanted to play when i ran the app.
If you want to see my source code you can get it here :
h**p://home.pacific.net.au/~jf3000/sounds.zip
Id appreciate any help at all on this, and just let me know how to get the first button going so I know where to take it from there.
You will have to tell me in the most earliest of beginners terms, cos im still trying to understand something ive only just started.
Someone mentioned in a forum to play a sound use this : PlaySound() but that lost me.
samitha
|
|
|
|
|
If your going to have 30 sounds, don't embedded them as resources, it'll just make compiling your app that much longer, especially if they're large sound files. Just leave them as files. The code is really easy when you don't have all the junk of resources to look through. If your just starting out -> KEEP IT SIMPLE!
Private Declare Ansi Function PlaySound Lib "winmm.dll" Alias "sndPlaySoundA" _
(ByVal lpszSoundName As String, ByVal uFlags As Long) As Long
Private Enum PlaySoundFlags
Sync = &H0
Async = &H1
[Loop] = &H8
NoStop = &H10
NoDefault = &H2
End Enum
Private Sub btnPlaySoundSync_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnPlaySoundSync.Click
Me.Cursor = Cursors.WaitCursor
PlaySound("C:\Program Files\ahead\Nero\Beeth5th.wav", PlaySoundFlags.Sync)
Me.Cursor = Cursors.Default
End Sub
Private Sub btnPlaySoundAsync_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnPlaySoundAsync.Click
Me.Cursor = Cursors.WaitCursor
PlaySound("C:\Program Files\ahead\Nero\Beeth5th.wav", PlaySoundFlags.Async)
Me.Cursor = Cursors.Default
End Sub
This code assumes you have two buttons on your form, named btnPlaySoundSync and btnPlaySoundAsync .
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
I have a yes/no question in my program. How do I code the messagebox so that after a user clicks yes, something happens, if the user clicks no, something else happens?
|
|
|
|
|
Hi.
When you're opening the MessageBox it returns an DialogResult Value, so you just have to use a simple if.
If (MessageBox.Show(...)) = DialogResult.Yes Then
'...
End If
|
|
|
|
|
|
Hello Everybody
Please tell me how to create dynamic toolbar in VB6.0
Please help me
|
|
|
|
|
Your going to have to be alot more specific about what you want. What do you mean by "dynamic"? Do you want to create a toolbar in your own application or are you adding a toolbar to something like IE, like the Yahoo or Google search bar?
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
Hi,
Anyone knows how to hide the navigation bar when viewing report in the browser and printing the same thru the browser.
I've tried these options but doesn't work..
crp.ParameterFieldInfo = paramFields
crp.DisplayGroupTree = False
crp.EnableDrillDown = False
crp.HasPageNavigationButtons = False
crp.DisplayToolbar = False
crp.SeparatePages = True
Thanks in anticipation
|
|
|
|
|
Hello EveryBody,
TusharP, here. I designed new ActiveX control. Now I want to assign Align property to this control, so that whenever user drag this control on his/her form, control should be place on left side of Form
PLease help me in this regard
Thnking You
TusharP
|
|
|
|
|
Hi,
I have some data that looks like this:
July Aug Sep Oct Nov Dec
Birmingham 51,278 51,243 45,745 56,785 63,007 91,204
Milton K's 53,030 33,551 151,564 95,891 92,615 94,174
Slough 130,976 165,927 125,353 249,622 71,739 79,665
Channel l80,621 102,442 95,788 100,371 120,712 71,104
and I want to have a graph with a line for each of the 4 locations, and the months placed along the horizontal 'X' axis, and the value placed along the 'Y' axis. If I create the chart in Excel, I get the option to change a radio button from 'Series in Columns' to 'Series in Rows' to show the graph correctly. However, in Crystal Reports (the dot net bundled version) I don't get this option, and the result is that I get 6 lines (one for each month) with one 'X' axis labels specified as the four locations.
This has to be created in crystal reports, but I've tried every option I can find, but can't get the desired output.
Can anyone help please?
Many thanks,
Martin
|
|
|
|
|
To All,
I have a table; have HardwarePrice (Money - datatype). - SQL Server.
I'm doing in ASP.NET, linking to a database; a button where I use to add new item.
Below is error which I have encounted.
------------------------------------------------------------------------------
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.ArgumentException: System.FormatException: Input string was not in a correct format. at System.Number.ParseDecimal(String s, NumberStyles style, NumberFormatInfo info) at System.Decimal.Parse(String s, NumberStyles style, IFormatProvider provider) at System.Convert.ToDecimal(String value, IFormatProvider provider) at System.String.System.IConvertible.ToDecimal(IFormatProvider provider) at System.Convert.ToDecimal(Object value) at System.Data.Common.DecimalStorage.Set(Int32 record, Object value) at System.Data.DataColumn.set_Item(Int32 record, Object value)Couldn't store <> in HardwarePrice Column. Expected type is Decimal.
Source Error:
Line 194: ' add a new blank row to the end of the data
Line 195: Dim rowValues As Object() = {"", "", ""}
Line 196: ds.Tables(0).Rows.Add(rowValues)
Line 197:
Line 198: ' figure out the EditItemIndex, last record on last page
-----------------------------------------------------------------------------
What can I do to stop this error?
Thank you.
|
|
|
|
|
Easy. Your trying to convert empty Strings cast as Objects to numbers like Integer, Decimal, whatever your using. This will not result is zeros. You'r better off setting each value individually with the correct default data, like 0.
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
Can anyone tell me if it's possible to enbale visual styles in VS IDE addins. I tried EnableVisualStyles before my form loads and a manifest file to no avail. I am assuming that since the addin in running in the VS IDE application space, then this is not possible, but if it's possible, how so.
Thanks for any replies in advance.
Thanks...Greg
|
|
|
|
|
As far as I can tell, VisualStyles won't work inside the IDE.
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
Visual Studio 2002 and Visual Studio 2003 are not .Net applications and therefore do no support visual styles.
Visual Studio 2005 (Whidbey) appears to be a .Net application with full visual style support, at least in the beta vesion I've seen.
|
|
|
|
|
Is it possible to use VB.NET to download a file form dragging a hyperlink into a textbox? The problem I am having is finding a way to get the underlying URL to the file location. E.g. if I have to click on a link that says "Click here" to download a file, I want to be able to drag it into a textbox in my application and then have it download that file.
Any advice, tips, sample code or pointers to a good resource will be GREATLY appreciated.
Thanks
Vyyk
|
|
|
|
|
There are samples of this all over. Especially on MSDN, like this[^] example.
Here's a condensed version. This accepts any text object, including URL links dragged from IE, dropped on a Textbox on your form.
Private Sub TextBox1_DragDrop(ByVal sender As Object, ByVal e As System.Windows.Forms.DragEventArgs) Handles TextBox1.DragDrop
Try
If e.Data.GetDataPresent(DataFormats.Text, True) Then
e.Effect = DragDropEffects.Link
TextBox1.Text = e.Data.GetData(DataFormats.Text, True)
Else
e.Effect = DragDropEffects.None
End If
Catch ex As Exception
e.Effect = DragDropEffects.None
Debug.WriteLine(ex.ToString)
End Try
End Sub
Private Sub TextBox1_DragEnter(ByVal sender As Object, ByVal e As System.Windows.Forms.DragEventArgs) Handles TextBox1.DragEnter
Try
If e.Data.GetDataPresent(DataFormats.Text, True) Then
e.Effect = DragDropEffects.Link
Else
e.Effect = DragDropEffects.None
End If
Catch ex As Exception
Debug.WriteLine(ex.ToString)
End Try
End Sub
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
My everlasting thanks - of all the samples out there, this was the best and most concise...thanks again I REALLY appreciate this.
Best regards
Vyyk
|
|
|
|
|
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|