I really hate to bloat my firefox with extensions, here is my list of extensions that accumulated overtime.
All-in-One Sidebar
Adblock Plus
Adblock Filterset.G Updater
Screen grab!
DownThemAll
FireFTP
FlashGot
Javascript debugger
Netcraft Anti-phishing toolbar
and of course Google toolbar
Tuesday, December 05, 2006
Sunday, December 03, 2006
How much time should it take to watch a tamil movie?
< 60 secs !
Yes that's all it took today for movie Rendu, what do they think when they make tamil movies, this will only stop if audience have a FF option in theater's. Whatever, here is a link to a site which holds few HQ movies, one of different ways to catch hold of divx in net.
BTW, If you have collection of divx movies, checkout Phillips DVP3040, i got one, this Thanksgiving day for $30 and it plays allmost all my formats i have, one thing to note though it doesn't have DTS decoder, but i think it is better that way and get a good HTS receiver.
Update 12/17 :- Looking for tamilgrounds coupon, one of my colleague shared the info about this v.good paysite YAMS, where you can download DVD rips of tamil / hindi / telugu movies @ $11/month, you will look no further.
Yes that's all it took today for movie Rendu, what do they think when they make tamil movies, this will only stop if audience have a FF option in theater's. Whatever, here is a link to a site which holds few HQ movies, one of different ways to catch hold of divx in net.
BTW, If you have collection of divx movies, checkout Phillips DVP3040, i got one, this Thanksgiving day for $30 and it plays allmost all my formats i have, one thing to note though it doesn't have DTS decoder, but i think it is better that way and get a good HTS receiver.
Update 12/17 :- Looking for tamilgrounds coupon, one of my colleague shared the info about this v.good paysite YAMS, where you can download DVD rips of tamil / hindi / telugu movies @ $11/month, you will look no further.
Wednesday, November 22, 2006
Shopping for Holidays: Why not checkout google ?
Shopping for this holiday season, do check if you can get something by using the google checkout. Technically it's like old wine in old bottle with new cork. I'm sure this is not going to wipe out Amazon, i go to Amazon 'coz of low price and high quality shipping service, many-a-times free.
Hype or Not, you get $10 to $20 Orders with Google Checkout now, in many participating merchants. If you buy something closely above the set limit, that's some discount, on top of your other discounts and coupons, why waste that, i did that few days ago.
Ok now the scary part, if you had clicked that "Remember me" checkbox when you login for convenience of using any other google feature, say gmail, i see many do that; your payment information is thrown open to anyone using that computer, 'coz you just clicked on that innocent looking checkbox. WTH! With that always signed-on feature, it simply takes me to screen where i just need to click one button to buy, what was google thinking ??? I expected them to authenticate me again before getting into this final order page.
Anyone who has never made a mistake has never tried anything new. – Albert Einstein
Happy Thanks giving.
Hype or Not, you get $10 to $20 Orders with Google Checkout now, in many participating merchants. If you buy something closely above the set limit, that's some discount, on top of your other discounts and coupons, why waste that, i did that few days ago.
Ok now the scary part, if you had clicked that "Remember me" checkbox when you login for convenience of using any other google feature, say gmail, i see many do that; your payment information is thrown open to anyone using that computer, 'coz you just clicked on that innocent looking checkbox. WTH! With that always signed-on feature, it simply takes me to screen where i just need to click one button to buy, what was google thinking ??? I expected them to authenticate me again before getting into this final order page.
Anyone who has never made a mistake has never tried anything new. – Albert Einstein
Happy Thanks giving.
Monday, November 20, 2006
ASP.NET 2.0 Caching - New features
Here is a article that gives you fly-by of new caching features added in asp.net 2.0
Saturday, November 18, 2006
J.P. Vaswani
Like to hear some உபதேசம், here is one which has all J.P. Vaswani's speeches. I got to know about him from my wife, and i should say anyone may like his speeches, no matter whether they try to practice them or not. Ok lets take it like this, how often we get a chance to listen to some wise words / thoughts from an elderly person amidst this fast paced life-style and isolated nuclear family system. The talk is certainly won't be one of those boring seminars; with all those short funny stories sprinkled all along the speech, anyone should enjoy the talks.
Wednesday, November 08, 2006
Am I Secure - Really ?
One of the colleague was talking to me on security of home computer he has, this becomes a more important topic with all those spy wares, trojans , bots and rootkits out there. Hmm, going back to the discussion with him, i found I'm bit more secure than his setup, but I'd be foolish to think i kept all doors locked, this brings up question, Am I Secure - Really ???
Here is my setup in what i have,
Firewall. No questions, everyone needs it, not that dumb WinXP firewall (looks like finally MSFT ships Vista with decent firewall features). I finally threw out the popular but most resource hogging security suite to a simple firewall, which provides blocking any incoming connection and outgoing connection (all except configured apps) . Firewall also includes Network and Host based Intrusion prevention system.
Anti-Virus/Anti-Spyware. In future should be a standard OS feature, still this is more of a after-the-fact solution with signature based detection. Check out a interesting rootkit demo at TechNet Webcast.
Anti-Phishing. This I'm dead serious about, if anti virus takes me down, i may have to
spend some hours cleaning up or re-installing, But i don't want to lose out my bank acct information and i know I'm really screwed by that time. On top of Firefox 2.0 and google toolbar anti-phishing features, i run Netcraft to make sure the bank site I'm accessing is not hosted from Russia or Taiwan. I use a PG open source app to store my sensitive and ultra complex online credentials, just to throw another layer on top.
based
Network Security. Home wireless network uses WPA encryption and locked by MAC address. If you like to learn some tips on this, here is a link.
Few years back learnt how easy to write a keylogger, which later transformed to trojan with payload from a file share, though strictly for fun and knowledge, that still keeps me little bit cynical and hence backup-ed data last week. :-)
Here is my setup in what i have,
Firewall. No questions, everyone needs it, not that dumb WinXP firewall (looks like finally MSFT ships Vista with decent firewall features). I finally threw out the popular but most resource hogging security suite to a simple firewall, which provides blocking any incoming connection and outgoing connection (all except configured apps) . Firewall also includes Network and Host based Intrusion prevention system.
Anti-Virus/Anti-Spyware. In future should be a standard OS feature, still this is more of a after-the-fact solution with signature based detection. Check out a interesting rootkit demo at TechNet Webcast.
Anti-Phishing. This I'm dead serious about, if anti virus takes me down, i may have to
spend some hours cleaning up or re-installing, But i don't want to lose out my bank acct information and i know I'm really screwed by that time. On top of Firefox 2.0 and google toolbar anti-phishing features, i run Netcraft to make sure the bank site I'm accessing is not hosted from Russia or Taiwan. I use a PG open source app to store my sensitive and ultra complex online credentials, just to throw another layer on top.
based
Network Security. Home wireless network uses WPA encryption and locked by MAC address. If you like to learn some tips on this, here is a link.
Few years back learnt how easy to write a keylogger, which later transformed to trojan with payload from a file share, though strictly for fun and knowledge, that still keeps me little bit cynical and hence backup-ed data last week. :-)
Monday, November 06, 2006
Inayithil Tamizh
"தமிழின் மேன்மை அதன் தொன்மையில் இல்லை - தொடர்ச்சியில் உள்ளது"
- long pending blog placeholder on THE oldest living language.
read books
to blog
to search 1 2 3
listen online radio's,
download tamil songs in mp3, more, more, more, more, ....
daily calendar
காற்றிநிலே வரும் கீதம்... <download>
- long pending blog placeholder on THE oldest living language.
read books
to blog
to search 1 2 3
listen online radio's,
download tamil songs in mp3, more, more, more, more, ....
daily calendar
காற்றிநிலே வரும் கீதம்... <download>
Tuesday, October 31, 2006
ASP.NET Caching - Trick or Treat ?
It's a corporate internet web site which pulls content from database, idea is dynamic content but of course this doesn't change often. I was called to help with designing(!) some page so i used opportunity to learn about web performance, let me blog on what i found some other time.
As usual next thing is to cache page output, but there is a glitch (it is!), the web application also includes content mgmt logic as part of it and hence pages will be called with different querystring param for page previews.
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If IsPostBack = False Then
If Request.QueryString("noCache") Is Nothing Then
lblTime1.Text = "page cached on " & DateTime.Now.ToString()
Response.Cache.SetExpires(DateTime.Now.AddMinutes(60)) 'The duration will be dynamic
Response.Cache.SetCacheability(HttpCacheability.Server)
Else
lblTime1.Text = "page NOT cached " & DateTime.Now.ToString()
End If
End If
End Sub
If page loads with no querystring (normal user), it will be cached for whatever duration of time it needs to. If page loads from content mgmt logic (which will now include querystring noCache) it won't be cached. When i tested with following querystring, looked like it is working as expected
http://localhost/cacheTest/tst.aspx --page was cached for 60 minutes
http://localhost/cacheTest/tst.aspx?noCache=1¶m1=abc --page is NOT cached
Struck with a question what will happen in following case
http://localhost/cacheTest/tst.aspx?param1=abc
Expectation is, it will be cached for 60 mins, since it didn't have noCache query string param. May be it will maintain a cached version for this combination of querstrings. But actually what turned out is different, it was spitting out message "page cached on" as it should, but subsequent page loads fetched me current time instead of first cached time, no idea how this is happening. Need to find out a way to see if this is caching multiple versions every time i load this page.
Happy Halloween.
As usual next thing is to cache page output, but there is a glitch (it is!), the web application also includes content mgmt logic as part of it and hence pages will be called with different querystring param for page previews.
<%@OutputCache Duration="60" VaryByParam="*" %> Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If IsPostBack = False Then
If Request.QueryString("noCache") Is Nothing Then
lblTime1.Text = "page cached on " & DateTime.Now.ToString()
Response.Cache.SetExpires(DateTime.Now.AddMinutes(60)) 'The duration will be dynamic
Response.Cache.SetCacheability(HttpCacheability.Server)
Else
lblTime1.Text = "page NOT cached " & DateTime.Now.ToString()
End If
End If
End Sub
If page loads with no querystring (normal user), it will be cached for whatever duration of time it needs to. If page loads from content mgmt logic (which will now include querystring noCache) it won't be cached. When i tested with following querystring, looked like it is working as expected
http://localhost/cacheTest/tst.aspx --page was cached for 60 minutes
http://localhost/cacheTest/tst.aspx?noCache=1¶m1=abc --page is NOT cached
Struck with a question what will happen in following case
http://localhost/cacheTest/tst.aspx?param1=abc
Expectation is, it will be cached for 60 mins, since it didn't have noCache query string param. May be it will maintain a cached version for this combination of querstrings. But actually what turned out is different, it was spitting out message "page cached on
Happy Halloween.
Saturday, October 21, 2006
$0 PDA
I was listening to Soma's (MSFT) interview in Merina today, he quoted "... thing that is common to any human is *Time* ... everyone has only 24 hrs a day ...", if you think about it a bit, we can appreciate importance of time management, so here is my blog on poor man's personal organizer, IMHO pen on paper is simple and best.
With so many hifi PDA devices in the market, here is one which costs you nothing. You don't have to carry a charger, it won't annoy you with reminder chimes and best of all you don't have to write a fat check to get one. Before you decide to click the link, sit back and question yourself why you need a PDA, if you think of just a personal organizer, check these out PocketMod & D.I.Y Planner.
With so many hifi PDA devices in the market, here is one which costs you nothing. You don't have to carry a charger, it won't annoy you with reminder chimes and best of all you don't have to write a fat check to get one. Before you decide to click the link, sit back and question yourself why you need a PDA, if you think of just a personal organizer, check these out PocketMod & D.I.Y Planner.
Saturday, October 14, 2006
Ajax WTH!
For last couple of weeks i got quite a lot queries from team on Ajax. Its more of a standard response from me "use it, if it makes sense!".
IMHO one has to weigh the Ajax features against the coding complexity. Enter enterprise apps scenario, you got lot of additional things to consider, most importantly code maintainability and alternate technology options. Comparing enterprise apps against google map, google spreadsheet, flickr is like comparing apples and oranges. I'd seriously consider SmartClient if we really needed a windows feel in web.
Bottom line, page postback is not always evil !
IMHO one has to weigh the Ajax features against the coding complexity. Enter enterprise apps scenario, you got lot of additional things to consider, most importantly code maintainability and alternate technology options. Comparing enterprise apps against google map, google spreadsheet, flickr is like comparing apples and oranges. I'd seriously consider SmartClient if we really needed a windows feel in web.
Bottom line, page postback is not always evil !
Sunday, October 08, 2006
search for code
I had a chance to try google/codesearch and i did get what i was searching for in first few tries, though it's a long way to go.
Update 12/17 : Even better one.
Update 12/17 : Even better one.
Friday, October 06, 2006
System.Transactions TransactionScope issue
I was having problem using this new model Transaction handling in .net 2.0, better than going to Enterprise services for just transaction handling, way it prmotes itself from Lightweight to full DTC XACT transparently helps a lot. Yeah i did bump into some posts pointing an bug that is currently open in this model, but that's not my issue today.
When i run the test app in Win XP SP2 connecting to 2 different SQL 2K server on Win 2K3, i got the following error "Network access for Distributed Transaction Manager (MSDTC) has been disabled." After some googling, enabled inbound/outbound transaction in DTC security settings and ended up with different error message, this happends when connection is opened
"The transaction has already been implicitly or explicitly committed or aborted", this one was tough, after lot of hit-n-miss i turned off firewall and it started working. Ahhhh.... WTH
When i run the test app in Win XP SP2 connecting to 2 different SQL 2K server on Win 2K3, i got the following error "Network access for Distributed Transaction Manager (MSDTC) has been disabled." After some googling, enabled inbound/outbound transaction in DTC security settings and ended up with different error message, this happends when connection is opened
"The transaction has already been implicitly or explicitly committed or aborted", this one was tough, after lot of hit-n-miss i turned off firewall and it started working. Ahhhh.... WTH
Wednesday, October 04, 2006
hunt for bigfoot in code jungle
Moved a web app to be used by all N.A. employees of the client, for unknown reason app was throwing error for 2 employees out of whole population, unfortunately 2 guys are top brace, so we had to figure out the problem asap and i wrote DbTrace component to trace SAP function module calls for specified users and it all seems to be ok and i was out of the scene. Looks like support team was searching for the bug for more than a month and they keep coming back and questioning web app. Today it was found that 2 employee's user defaults are using non US notation and hence SAP was rejecting a valid numeric value 'coz it was expecting in different format, gahhh......
Monday, October 02, 2006
Rounded corners
Have you experienced editing the round corner image 'coz client decided to change the color of the rounded corner area, i happen to go thro one recently, considering my limited image editing knowledge somehow managed it.
Today happen to see this curvyCorners, js framework that provides this using few lines of javascript. As usual googling further found Atlas, ahem ASP.net Ajax sample. To make consistent coding practice and simpler server -side programming model, I'd prefer the later.
If think that is interesting, following should raise eye-brows, till now I'm also one of those millions who thought invisible table AKA table border="0" is only way to organize webpage layout, sit back and take a tour of CSS based design and why invisi table is bad. No idea if this is going to hit mainstream or not, but worth a try.
Today happen to see this curvyCorners, js framework that provides this using few lines of javascript. As usual googling further found Atlas, ahem ASP.net Ajax sample. To make consistent coding practice and simpler server -side programming model, I'd prefer the later.
If think that is interesting, following should raise eye-brows, till now I'm also one of those millions who thought invisible table AKA table border="0" is only way to organize webpage layout, sit back and take a tour of CSS based design and why invisi table is bad. No idea if this is going to hit mainstream or not, but worth a try.
Saturday, September 30, 2006
app offline page
Thought of using app_offline feature and display the system down page for an webapp update happening today, if you haven't heard about this, here is a fly-by, if asp.net 2.0 engine sees this file in app root dir, it shuts app domain and serves this file to clients, brings back the app domain after this file is deleted.
Unfortunately clients needed to test the app during the down time and hence i need to allow list of users and server down message for rest, i started coding this logic in Application_AuthenticateRequest , ahhh what am i thinking coding this in app and i need to move the app again to remove this logic.
Finally wrote this in a HttpModule and wired it in the request pipeline, once testing is done its as simple as deleting off that 1 line in web.config. For more details on HttpModule, here is one i wrote for some other reason.
Unfortunately clients needed to test the app during the down time and hence i need to allow list of users and server down message for rest, i started coding this logic in Application_AuthenticateRequest , ahhh what am i thinking coding this in app and i need to move the app again to remove this logic.
Finally wrote this in a HttpModule and wired it in the request pipeline, once testing is done its as simple as deleting off that 1 line in web.config. For more details on HttpModule, here is one i wrote for some other reason.
Thursday, September 28, 2006
Ajax Ondemand Tooltip
Client wanted to show a tooltip containing details for key column on mouseover. After talking to him 2 mins, it is clear that they really don't need this for every key showed in the screen, rather interested only a select few. Typical case for on-demand tooltip, i should be lucky today, i happen to cross the overlib tooltip js and ASP.net Ajax WS call to get the details and display a overlib tooltip on dblclick of text and it can be either closed manually or it'll autoclose in 5 secs.
Probably something likethis or intelliTxt might show up in the control toolkit. Here is the sample code.
Tuesday, September 26, 2006
web.config configuration node xmlnamespace issue
I had developed and using a data access component which readds the db configuration from app.config. Today i was told it is not working and it indeed was not able to select the db config details node. After few mins of hit-n-miss, the issue is due to xmlnamespace attrib in configuration node. Once i remove the xmlns , i was able to select the specified node
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<dataConfig ...
XmlNode enterpriseLibraryDataNode = appConfigDoc.SelectSingleNode(@"/configuration/dataConfig");
Not sure from where the dev team got this namespace from, googling a bit tells me its a VS 2005 beta release bug. Whatever the case, i hate to find a simple attribute crashing straight forward xml dom select node code.
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<dataConfig ...
XmlNode enterpriseLibraryDataNode = appConfigDoc.SelectSingleNode(@"/configuration/dataConfig");
Not sure from where the dev team got this namespace from, googling a bit tells me its a VS 2005 beta release bug. Whatever the case, i hate to find a simple attribute crashing straight forward xml dom select node code.
Saturday, September 16, 2006
downloading streaming media ...
I get this request many times, how to download streaming media, like download song from raaga.com or download movie from tamilgrounds.com. I'm not going to give lot of details , to put it simply *anything* playable from internet should be downloadable, all we need to find underlying media url and save the file.
Many a times finding the playing media url is going to be bit tricky, we should be able to get it using any packet sniffer, I use very much tailored app for this URL Snooper and use Flashget as download manager, but any packet sniffer should do.
Signing off with link to tamil drama's (credits Gg)
Many a times finding the playing media url is going to be bit tricky, we should be able to get it using any packet sniffer, I use very much tailored app for this URL Snooper and use Flashget as download manager, but any packet sniffer should do.
Signing off with link to tamil drama's (credits Gg)
Friday, September 15, 2006
Tuesday, September 12, 2006
Ready Set Grow case study from Microsoft
I was searching for some MSFT article for the F5 IIS session bump issue and sporadically searched for schwan and landed in the RSG case study. Not sure this is only version MSFT has.
Right bar lists, Microsoft BizTalk Server 2006 & Microsoft Visual Studio 2005 in products and technologies. Hmm how come VS2005 & Biz2006 was used, when we started project in Jan '04
:-)
Right bar lists, Microsoft BizTalk Server 2006 & Microsoft Visual Studio 2005 in products and technologies. Hmm how come VS2005 & Biz2006 was used, when we started project in Jan '04
:-)
Thursday, September 07, 2006
ASP.net session bump/hijack issue - F5 & IIS cluster
I haven't seen this issue personally, but it is confirmed from multiple sources this happens. In short: user rarely bumps into another user's session, in verbose: user logs into web app and uses it for a while and all of a sudden gets data that is not in his session.
Current prod infrastructure is IIS cluster behind F5. Session affinity is set to 20 mins and IIS session time-out is set 20 mins. Session location is in-proc.
I have seen request getting postedback to different webserver and hence viewstate validation fail with exception CryptographicException: Bad Data. Authentication of viewstate failed. ...
i don't know how F5 works but i guess F5 lost identifier of the user and hence thinks it as new user and routes request to different web server. This is a normal issue and we can either turnoff viewstate encryption or explicitly specify viewstate encryption key in all servers in cluster.
But i have to totally rule out F5 from the session bump/hijack issue, 'coz F5 has no idea what asp.net session is, that is something internal to aspnet_wp.exe (IIS5) or w3wp.exe (IIS6).
Under the hood, aspnet maintains the session id using ASP.NET_SessionId cookie and IIS can guarantee its uniqueness across its requests. Here is an MSFT KB about reusing session id for apps in same DNS domain and this article explains behind the scene how asp.net serves request.
I'm guessing this could be the cause,
userA hits webserver1 in cluster in the initial request and F5 should take us to the same server for subsequent requests.
If F5 sends the userA's request to webserver2 in middle of the session, and by happenstance (theoretically this may be possible) userA's ASP.NET_SessionId is already assigned by webserver2 to some other user (say userB), then aspnet engine will think userA as userB and assign userB's sessionstate to this request.
Pls leave a note if you think this may be possible or how you think this could be happening.
I expect IIS team to provide option to make the sessionid unique in a cluster environment. For now what we planned is to generate a unique sessionid and store it in cookie as well as session, check if they match for every request, if not kill the session, this is going to kill both user's session, but i don't know if there is any way out.
I didn't want to include tis logic in existing app 'coz 1 i'll have to include this logic in every app i write and 2 i'm too lazy. I wrote following HTTPModule and hooked it to web app, ideally something like this should be configured in machine.config so that we don't need to do this every web.config, netiher i don't have authority nor i want to pursue this.
Right now code is written to send a mail when something like this happens (just dropping a line to see if something takes this bait) and it will redirect to itself, so page is written poperly to handle empty session which i expect to be a norm.
using System;
using System.Web;
using System.Web.SessionState;
namespace KCC
{
public class SessionCheck : IHttpModule
{
public SessionCheck() {}
public void Dispose() {}
public void Init(HttpApplication httpApp)
{
httpApp.PreRequestHandlerExecute += new EventHandler(this.PreRequestHandlerExecute);
if (httpApp.Modules["Session"] != null)
{
SessionStateModule session = (SessionStateModule) httpApp.Modules["Session"];
session.Start += new EventHandler(this.OnSessionStart);
}
}
public void OnSessionStart(object sender, EventArgs e)
{
HttpCookie sessionChk = new HttpCookie("KCC.SessionCheck");
sessionChk["iSAS.SessionID"] = Guid.NewGuid().ToString();
sessionChk["iSAS.MacName"] = System.Environment.MachineName;
sessionChk["iSAS.SesStrtTmstmp"] = System.DateTime.Now.ToString();
HttpContext.Current.Response.AppendCookie(sessionChk);
HttpContext.Current.Session["iSAS.SessionID"] = sessionChk["iSAS.SessionID"];
}
private void PreRequestHandlerExecute(object sender, EventArgs e)
{
HttpApplication httpApp = (HttpApplication) sender;
HttpSessionState session = httpApp.Context.Session;
if (session != null) //skip pages which don't use session
{
if(session["iSAS.SessionID"] != null) //skip if session value is empty
{
if (!httpApp.Context.Session.IsNewSession) //skip if new session
{
string szCookieHeader = System.Web.HttpContext.Current.Request.Headers["Cookie"];
if ((null != szCookieHeader) && (szCookieHeader.IndexOf("ASP.NET_SessionId") >= 0)) //skip if new session 2
{
if (httpApp.Request.Cookies["KCC.SessionCheck"] != null) //skip ifCookie not found
{
if (httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.SessionID"] != null) //skip if cookie data not found
{
if (session["iSAS.SessionID"].ToString().Trim() != httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.SessionID"].ToString().Trim())
{
System.Text.StringBuilder info = new System.Text.StringBuilder();
if (httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.SesStrtTmstmp"] != null)
info.Append("Session start time: " + httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.SesStrtTmstmp"].ToString());
info.Append("<br/>");
if (httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.MacName"] != null)
info.Append("Session start web server name: " + httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.MacName"].ToString());
info.Append("<br/>");
info.Append("Current time " + System.DateTime.Now.ToString());
info.Append("<br/>");
info.Append("Current web server " + System.Environment.MachineName);
info.Append("<br/>");
info.Append("Logged on NTID" + httpApp.Context.Request.ServerVariables.Get("LOGON_USER").ToString());
info.Append("<br/>");
if (session["NTID"] != null) info.Append("Current NTID in session" + session["NTID"].ToString());
info.Append("<br/>");
info.Append("URL " + httpApp.Request.Url.ToString());
info.Append("<br/>");
System.Web.Mail.MailMessage msg = new System.Web.Mail.MailMessage();
msg.To = "me@mail.com";
msg.Subject = "-- SESSION HIJACK ISSUE --";
msg.From = "me@mail.com";
msg.Body = info.ToString();
msg.BodyFormat = System.Web.Mail.MailFormat.Html;
try
{
System.Web.Mail.SmtpMail.SmtpServer = "mailhost.com";
System.Web.Mail.SmtpMail.Send(msg);
}
catch //do nothing
{}
httpApp.Context.Response.Cookies["KCC.SessionCheck"].Expires = DateTime.Now.AddYears(-1);
session.Abandon();
httpApp.Context.Response.Write(httpApp.Context.Request.Url.AbsoluteUri.ToString());
httpApp.Context.Response.Redirect(httpApp.Context.Request.Url.AbsoluteUri.ToString(),true);
httpApp.CompleteRequest();
}
}
}
}
}
}
}
}
}
}
For further reading, Foiling Session Hijacking Attempts and HTTP application executes events sequence.
Current prod infrastructure is IIS cluster behind F5. Session affinity is set to 20 mins and IIS session time-out is set 20 mins. Session location is in-proc.
I have seen request getting postedback to different webserver and hence viewstate validation fail with exception CryptographicException: Bad Data. Authentication of viewstate failed. ...
i don't know how F5 works but i guess F5 lost identifier of the user and hence thinks it as new user and routes request to different web server. This is a normal issue and we can either turnoff viewstate encryption or explicitly specify viewstate encryption key in all servers in cluster.
But i have to totally rule out F5 from the session bump/hijack issue, 'coz F5 has no idea what asp.net session is, that is something internal to aspnet_wp.exe (IIS5) or w3wp.exe (IIS6).
Under the hood, aspnet maintains the session id using ASP.NET_SessionId cookie and IIS can guarantee its uniqueness across its requests. Here is an MSFT KB about reusing session id for apps in same DNS domain and this article explains behind the scene how asp.net serves request.
I'm guessing this could be the cause,
userA hits webserver1 in cluster in the initial request and F5 should take us to the same server for subsequent requests.
If F5 sends the userA's request to webserver2 in middle of the session, and by happenstance (theoretically this may be possible) userA's ASP.NET_SessionId is already assigned by webserver2 to some other user (say userB), then aspnet engine will think userA as userB and assign userB's sessionstate to this request.
Pls leave a note if you think this may be possible or how you think this could be happening.
I expect IIS team to provide option to make the sessionid unique in a cluster environment. For now what we planned is to generate a unique sessionid and store it in cookie as well as session, check if they match for every request, if not kill the session, this is going to kill both user's session, but i don't know if there is any way out.
I didn't want to include tis logic in existing app 'coz 1 i'll have to include this logic in every app i write and 2 i'm too lazy. I wrote following HTTPModule and hooked it to web app, ideally something like this should be configured in machine.config so that we don't need to do this every web.config, netiher i don't have authority nor i want to pursue this.
Right now code is written to send a mail when something like this happens (just dropping a line to see if something takes this bait) and it will redirect to itself, so page is written poperly to handle empty session which i expect to be a norm.
using System;
using System.Web;
using System.Web.SessionState;
namespace KCC
{
public class SessionCheck : IHttpModule
{
public SessionCheck() {}
public void Dispose() {}
public void Init(HttpApplication httpApp)
{
httpApp.PreRequestHandlerExecute += new EventHandler(this.PreRequestHandlerExecute);
if (httpApp.Modules["Session"] != null)
{
SessionStateModule session = (SessionStateModule) httpApp.Modules["Session"];
session.Start += new EventHandler(this.OnSessionStart);
}
}
public void OnSessionStart(object sender, EventArgs e)
{
HttpCookie sessionChk = new HttpCookie("KCC.SessionCheck");
sessionChk["iSAS.SessionID"] = Guid.NewGuid().ToString();
sessionChk["iSAS.MacName"] = System.Environment.MachineName;
sessionChk["iSAS.SesStrtTmstmp"] = System.DateTime.Now.ToString();
HttpContext.Current.Response.AppendCookie(sessionChk);
HttpContext.Current.Session["iSAS.SessionID"] = sessionChk["iSAS.SessionID"];
}
private void PreRequestHandlerExecute(object sender, EventArgs e)
{
HttpApplication httpApp = (HttpApplication) sender;
HttpSessionState session = httpApp.Context.Session;
if (session != null) //skip pages which don't use session
{
if(session["iSAS.SessionID"] != null) //skip if session value is empty
{
if (!httpApp.Context.Session.IsNewSession) //skip if new session
{
string szCookieHeader = System.Web.HttpContext.Current.Request.Headers["Cookie"];
if ((null != szCookieHeader) && (szCookieHeader.IndexOf("ASP.NET_SessionId") >= 0)) //skip if new session 2
{
if (httpApp.Request.Cookies["KCC.SessionCheck"] != null) //skip ifCookie not found
{
if (httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.SessionID"] != null) //skip if cookie data not found
{
if (session["iSAS.SessionID"].ToString().Trim() != httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.SessionID"].ToString().Trim())
{
System.Text.StringBuilder info = new System.Text.StringBuilder();
if (httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.SesStrtTmstmp"] != null)
info.Append("Session start time: " + httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.SesStrtTmstmp"].ToString());
info.Append("<br/>");
if (httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.MacName"] != null)
info.Append("Session start web server name: " + httpApp.Request.Cookies["KCC.SessionCheck"]["iSAS.MacName"].ToString());
info.Append("<br/>");
info.Append("Current time " + System.DateTime.Now.ToString());
info.Append("<br/>");
info.Append("Current web server " + System.Environment.MachineName);
info.Append("<br/>");
info.Append("Logged on NTID" + httpApp.Context.Request.ServerVariables.Get("LOGON_USER").ToString());
info.Append("<br/>");
if (session["NTID"] != null) info.Append("Current NTID in session" + session["NTID"].ToString());
info.Append("<br/>");
info.Append("URL " + httpApp.Request.Url.ToString());
info.Append("<br/>");
System.Web.Mail.MailMessage msg = new System.Web.Mail.MailMessage();
msg.To = "me@mail.com";
msg.Subject = "-- SESSION HIJACK ISSUE --";
msg.From = "me@mail.com";
msg.Body = info.ToString();
msg.BodyFormat = System.Web.Mail.MailFormat.Html;
try
{
System.Web.Mail.SmtpMail.SmtpServer = "mailhost.com";
System.Web.Mail.SmtpMail.Send(msg);
}
catch //do nothing
{}
httpApp.Context.Response.Cookies["KCC.SessionCheck"].Expires = DateTime.Now.AddYears(-1);
session.Abandon();
httpApp.Context.Response.Write(httpApp.Context.Request.Url.AbsoluteUri.ToString());
httpApp.Context.Response.Redirect(httpApp.Context.Request.Url.AbsoluteUri.ToString(),true);
httpApp.CompleteRequest();
}
}
}
}
}
}
}
}
}
}
For further reading, Foiling Session Hijacking Attempts and HTTP application executes events sequence.
Chennai satellite town
Irrespective of what Ramadoss/JJ/KK thinks about the chennai satellite town, this is going to come up. Reason cited for objection "destroying fertile lands", CRAP! what if NY residents opposed to so called encroachment of urban buildings some 100 yrs back; ok tamil heroine's will have to look for different city to dance around, nothing much.
Current facilities is super sufficent for chennai city (if we can roll back 10 yrs). What leaders don't have is a vision (Dr. APJ strsses this in almost all his speeches), even the most hated Hitler had a vision to make Germany a modern nation, if not they will not have Autobahn now. Hmm, why should J needs to worry if she has to identify something everyday to spit out "arrikai".
Nothing is going to improve if TN politics is going to roll around J & K.
Vande Mataram!
:-s
Current facilities is super sufficent for chennai city (if we can roll back 10 yrs). What leaders don't have is a vision (Dr. APJ strsses this in almost all his speeches), even the most hated Hitler had a vision to make Germany a modern nation, if not they will not have Autobahn now. Hmm, why should J needs to worry if she has to identify something everyday to spit out "arrikai".
Nothing is going to improve if TN politics is going to roll around J & K.
Vande Mataram!
:-s
Wednesday, September 06, 2006
asp:CustomValidator changing ErrorMessage displayed
requirement: custom validate the amount value; is required only if ddlContributionType value is 2 or 3.
code:
<!-- aspx -- >
<asp:dropdownlist id="ddlContributionType" runat="server">
<asp:textbox id="txtAmount" runat="server">
<asp:customvalidator id="CustomValidateAmount" runat="server" controltovalidate="txtAmount" errormessage="Invalid" clientvalidationfunction="CustomValidateAmount_ClientValidate" onservervalidate="CustomValidateAmount_ServerValidate" />
function CustomValidateAmount_ClientValidate(oSource,oArguments)
{
var ddlContributionType;
if (oSource.getAttribute("ContributionType") != null)
{
ddlContributionType = document.getElementById(oSource.getAttribute("ContributionType"));
}
if (ddlContributionType != null)
{
if ( (ddlContributionType.value != "2") && (ddlContributionType.value != "3") )
{
oArguments.IsValid = true;
return;
}
}
else
{
oArguments.IsValid = true;
return;
}
var amount = oArguments.Value;
oArguments.IsValid = false;
if ( isNaN(amount) == true)
{
oSource.innerHTML = "Invalid amount";
return;
}
var re = new RegExp("^\\d+(\\.\\d{1,2})?$");
m = amount.match(re);
if (m == null)
{
oSource.innerHTML = "Invalid amount format";
return;
}
if ( amount < innerhtml = "Minimum donation of $1 required"> 9999.99 )
{
oSource.innerHTML = "Maximum donation is $9999.99";
return;
}
oArguments.IsValid = true;
}
' .aspx.vb Page_Load
CustomValidateAmount.Attributes("ContributionType") = ddlContributionType.ClientID.ToString()
I explicity not included the check if required for condition 2 or 3, as i re-use an existing validator (RequiredFieldValidatorWithAEnablingCondition) that i developed long back, will mail the code if requested
<KCC:RequiredFieldValidatorWithAEnablingCondition runat="server" ID="RequiredFieldValidatorWithAEnablingConditionAmount" ControlToValidate="txtAmount"
ControlToCompare="ddlContributionType" TriggerValue="2;3" ErrorMessage="Required." />
code:
<!-- aspx -- >
<asp:dropdownlist id="ddlContributionType" runat="server">
<asp:textbox id="txtAmount" runat="server">
<asp:customvalidator id="CustomValidateAmount" runat="server" controltovalidate="txtAmount" errormessage="Invalid" clientvalidationfunction="CustomValidateAmount_ClientValidate" onservervalidate="CustomValidateAmount_ServerValidate" />
function CustomValidateAmount_ClientValidate(oSource,oArguments)
{
var ddlContributionType;
if (oSource.getAttribute("ContributionType") != null)
{
ddlContributionType = document.getElementById(oSource.getAttribute("ContributionType"));
}
if (ddlContributionType != null)
{
if ( (ddlContributionType.value != "2") && (ddlContributionType.value != "3") )
{
oArguments.IsValid = true;
return;
}
}
else
{
oArguments.IsValid = true;
return;
}
var amount = oArguments.Value;
oArguments.IsValid = false;
if ( isNaN(amount) == true)
{
oSource.innerHTML = "Invalid amount";
return;
}
var re = new RegExp("^\\d+(\\.\\d{1,2})?$");
m = amount.match(re);
if (m == null)
{
oSource.innerHTML = "Invalid amount format";
return;
}
if ( amount < innerhtml = "Minimum donation of $1 required"> 9999.99 )
{
oSource.innerHTML = "Maximum donation is $9999.99";
return;
}
oArguments.IsValid = true;
}
' .aspx.vb Page_Load
CustomValidateAmount.Attributes("ContributionType") = ddlContributionType.ClientID.ToString()
I explicity not included the check if required for condition 2 or 3, as i re-use an existing validator (RequiredFieldValidatorWithAEnablingCondition) that i developed long back, will mail the code if requested
<KCC:RequiredFieldValidatorWithAEnablingCondition runat="server" ID="RequiredFieldValidatorWithAEnablingConditionAmount" ControlToValidate="txtAmount"
ControlToCompare="ddlContributionType" TriggerValue="2;3" ErrorMessage="Required." />
Monday, September 04, 2006
Is life hitch hiking ?
Today saw Discovery documentry on panspermia, wonder what finally turned out in "kerala red rain". School taught the evolution theory, temple preached "intelligent design", after all who cares about these, idea is to stuff the answer paper and get results in mark sheet.
I think i really didn't take any side here, where do U stand ?
I think i really didn't take any side here, where do U stand ?
Saturday, September 02, 2006
LDAP authentication in website
Got a requet from a client to provide LDAP authentication in exisiting ASP website, in plain terms authenticate users using thier domain id and password. Initial thought of intergrated win auth was ruled out 'coz of Kiosk based computers used. Should make sure we SSL the page.
'ASP code
Const ADS_SECURE_AUTHENTICATION = &H1
On Error Resume Next
Err.Clear
Set dso = GetObject("LDAP:")
Set domain = dso.OpenDSObject("LDAP://server.com", strUserName, strUserPassword, ADS_SECURE_AUTHENTICATION)
If Err.number <> 0 then
Response.Write("Invalid login. Err.number=" & Err.number)
Else
Response.Write("Valid login. Err.number=" & Err.number)
End If
Set dso = Nothing
Set domain = Nothing
Also same functionality in ASP.net 1.0 http://support.microsoft.com/?id=326340.
'ASP code
Const ADS_SECURE_AUTHENTICATION = &H1
On Error Resume Next
Err.Clear
Set dso = GetObject("LDAP:")
Set domain = dso.OpenDSObject("LDAP://server.com", strUserName, strUserPassword, ADS_SECURE_AUTHENTICATION)
If Err.number <> 0 then
Response.Write("Invalid login. Err.number=" & Err.number)
Else
Response.Write("Valid login. Err.number=" & Err.number)
End If
Set dso = Nothing
Set domain = Nothing
Also same functionality in ASP.net 1.0 http://support.microsoft.com/?id=326340.
dinamalar epaper
Its becoming almost an habit to read dinamalar in original paper format. Today i thought of scrapping the content for offline viewing, it was rediculously simple, here goes the code.
using System;
using System.Drawing;
using System.Text;
using System.Net;
using System.IO;
namespace GetDinamalar
{
class Class1
{
[STAThread]
static void Main(string[] args)
{
DoWork();
}
static void DoWork()
{
// /Web/PagePrint/YYYY/MM/DD/DD_MM_YYYY_001.pdf
try
{
int pgCtr=1;
Console.WriteLine("Booting up ....");
string folderpath = Path.Combine(Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location.ToString()),DateTime.Now.ToString("MM.dd.yyyy") );
Directory.CreateDirectory(folderpath) ;
WebProxy proxy = null;
Microsoft.Win32.RegistryKey reg1 = Microsoft.Win32.Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Internet Settings", true);
if (reg1.GetValue("ProxyEnable", "1").ToString() == "1")
{
proxy = new WebProxy("http://" + reg1.GetValue("ProxyServer", "proxy.isas.com:80").ToString(),true,null,CredentialCache.DefaultCredentials);
}
reg1.Close();
while(true)
{
Console.WriteLine("Sending request to web for page " + pgCtr.ToString());
string address = "http://epaper.dinamalar.com/Web/PagePrint/" + DateTime.Now.ToString("yyyy/MM/dd/dd_MM_yyyy_") + pgCtr.ToString().PadLeft(3,'0') + ".pdf";
WebRequest httpRequest = WebRequest.Create(address);
if(proxy != null) httpRequest.Proxy = proxy;
Stream ReceiveStream = null;
try
{
ReceiveStream = httpRequest.GetResponse().GetResponseStream();
}
catch
{
return;
}
string filePath = Path.Combine(folderpath ,DateTime.Now.ToString("yyyy_MM_dd_") + pgCtr.ToString().PadLeft(3,'0') + ".pdf");
FileStream fs = new FileStream(filePath, FileMode.Create,FileAccess.Write);
BinaryWriter binWrt = new BinaryWriter(fs);
binWrt.BaseStream.Seek(0, SeekOrigin.End);
int data=0;
byte [] buffer = new byte [1024];
while ((data=ReceiveStream.Read(buffer,0,1024))>0)
{
binWrt.Write(buffer,0,data);
}
binWrt.Flush() ;
binWrt.Close() ;
pgCtr++;
}
}
catch (Exception exception)
{
Console.WriteLine("Error:" + exception.ToString());
Console.Read();
}
finally
{
Console.WriteLine("Exiting process ...");
}
}
}
}
using System;
using System.Drawing;
using System.Text;
using System.Net;
using System.IO;
namespace GetDinamalar
{
class Class1
{
[STAThread]
static void Main(string[] args)
{
DoWork();
}
static void DoWork()
{
// /Web/PagePrint/YYYY/MM/DD/DD_MM_YYYY_001.pdf
try
{
int pgCtr=1;
Console.WriteLine("Booting up ....");
string folderpath = Path.Combine(Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location.ToString()),DateTime.Now.ToString("MM.dd.yyyy") );
Directory.CreateDirectory(folderpath) ;
WebProxy proxy = null;
Microsoft.Win32.RegistryKey reg1 = Microsoft.Win32.Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Internet Settings", true);
if (reg1.GetValue("ProxyEnable", "1").ToString() == "1")
{
proxy = new WebProxy("http://" + reg1.GetValue("ProxyServer", "proxy.isas.com:80").ToString(),true,null,CredentialCache.DefaultCredentials);
}
reg1.Close();
while(true)
{
Console.WriteLine("Sending request to web for page " + pgCtr.ToString());
string address = "http://epaper.dinamalar.com/Web/PagePrint/" + DateTime.Now.ToString("yyyy/MM/dd/dd_MM_yyyy_") + pgCtr.ToString().PadLeft(3,'0') + ".pdf";
WebRequest httpRequest = WebRequest.Create(address);
if(proxy != null) httpRequest.Proxy = proxy;
Stream ReceiveStream = null;
try
{
ReceiveStream = httpRequest.GetResponse().GetResponseStream();
}
catch
{
return;
}
string filePath = Path.Combine(folderpath ,DateTime.Now.ToString("yyyy_MM_dd_") + pgCtr.ToString().PadLeft(3,'0') + ".pdf");
FileStream fs = new FileStream(filePath, FileMode.Create,FileAccess.Write);
BinaryWriter binWrt = new BinaryWriter(fs);
binWrt.BaseStream.Seek(0, SeekOrigin.End);
int data=0;
byte [] buffer = new byte [1024];
while ((data=ReceiveStream.Read(buffer,0,1024))>0)
{
binWrt.Write(buffer,0,data);
}
binWrt.Flush() ;
binWrt.Close() ;
pgCtr++;
}
}
catch (Exception exception)
{
Console.WriteLine("Error:" + exception.ToString());
Console.Read();
}
finally
{
Console.WriteLine("Exiting process ...");
}
}
}
}
Back from Hibernation :-)
It is almost 3 months i blogged, got myself tied up for happier personal reasons. To re-start with c# (.net 1.x) code to scrap daily dilbert comic and set it as desktop wallpaper.
Due to frequent demand for this, download the application here. Copy GetDilbert.exe to a folder and create a shortcut in windows startup.
using System;
using System.Drawing;
using System.Text;
using System.Net;
using System.IO;
using System.Text.RegularExpressions;
using System.Runtime.InteropServices;
namespace GetDilbert
{
class Class1
{
private const int SPI_SETDESKWALLPAPER = 0X14;
private const int SPIF_UPDATEINIFILE = 0X1;
private const int SPIF_SENDWININICHANGE = 0X2;
[DllImport("USER32.DLL", EntryPoint = "SystemParametersInfo", SetLastError = true)]
private static extern int SystemParametersInfo(int uAction, int uParam, string lpvParam, int fuWinIni);
[STAThread]
static void Main(string[] args)
{
DoWork();
}
static void DoWork()
{
try
{
Console.WriteLine("Booting up ....");
string address = "http://www.dilbert.com/comics/dilbert/archive/";
WebProxy proxy = null;
WebRequest httpRequest = WebRequest.Create(address);
Microsoft.Win32.RegistryKey reg1 = Microsoft.Win32.Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Internet Settings", true);
if (reg1.GetValue("ProxyEnable", "1").ToString() == "1")
{
proxy = new WebProxy("http://" + reg1.GetValue("ProxyServer", "proxy.isas.com:80").ToString(),true,null,CredentialCache.DefaultCredentials);
}
reg1.Close();
string streamText = null;
Console.WriteLine("Sending request to web ...");
if(proxy != null) httpRequest.Proxy = proxy;
using (StreamReader rdr = new StreamReader(httpRequest.GetResponse().GetResponseStream(), System.Text.Encoding.ASCII))
{
streamText = rdr.ReadToEnd();
}
Console.WriteLine("Scrapping web response ...");
Match match = Regex.Match(streamText,@"/comics/dilbert/archive/images/(\w+).(gifjpg)",RegexOptions.IgnoreCase);
if (match != Match.Empty)
{
string imageLocation = Path.Combine(Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location.ToString()),"Dilbert_" + DateTime.Now.ToString("MM.dd.yyyy") + ".bmp");
Console.WriteLine("Downloading todays comic ...");
httpRequest = WebRequest.Create("http://www.dilbert.com" + match.Value);
if(proxy != null) httpRequest.Proxy = proxy;
using (Bitmap bmp = new Bitmap(httpRequest.GetResponse().GetResponseStream()))
{
bmp.Save(imageLocation, System.Drawing.Imaging.ImageFormat.Bmp);
}
Console.WriteLine("Setting as desktop wallpaper...");
Microsoft.Win32.RegistryKey reg = Microsoft.Win32.Registry.CurrentUser.OpenSubKey("Control Panel\\Desktop", true);
reg.SetValue("TileWallpaper", "0");
reg.SetValue("WallpaperStyle", "0");
reg.Close();
SystemParametersInfo(SPI_SETDESKWALLPAPER, 0, imageLocation, SPIF_UPDATEINIFILE SPIF_SENDWININICHANGE);
Console.WriteLine("Shutting down app.");
}
}
catch (Exception exception)
{
Console.WriteLine("Error:" + exception.ToString());
Console.Read();
}
}
}
}
Due to frequent demand for this, download the application here. Copy GetDilbert.exe to a folder and create a shortcut in windows startup.
using System;
using System.Drawing;
using System.Text;
using System.Net;
using System.IO;
using System.Text.RegularExpressions;
using System.Runtime.InteropServices;
namespace GetDilbert
{
class Class1
{
private const int SPI_SETDESKWALLPAPER = 0X14;
private const int SPIF_UPDATEINIFILE = 0X1;
private const int SPIF_SENDWININICHANGE = 0X2;
[DllImport("USER32.DLL", EntryPoint = "SystemParametersInfo", SetLastError = true)]
private static extern int SystemParametersInfo(int uAction, int uParam, string lpvParam, int fuWinIni);
[STAThread]
static void Main(string[] args)
{
DoWork();
}
static void DoWork()
{
try
{
Console.WriteLine("Booting up ....");
string address = "http://www.dilbert.com/comics/dilbert/archive/";
WebProxy proxy = null;
WebRequest httpRequest = WebRequest.Create(address);
Microsoft.Win32.RegistryKey reg1 = Microsoft.Win32.Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Internet Settings", true);
if (reg1.GetValue("ProxyEnable", "1").ToString() == "1")
{
proxy = new WebProxy("http://" + reg1.GetValue("ProxyServer", "proxy.isas.com:80").ToString(),true,null,CredentialCache.DefaultCredentials);
}
reg1.Close();
string streamText = null;
Console.WriteLine("Sending request to web ...");
if(proxy != null) httpRequest.Proxy = proxy;
using (StreamReader rdr = new StreamReader(httpRequest.GetResponse().GetResponseStream(), System.Text.Encoding.ASCII))
{
streamText = rdr.ReadToEnd();
}
Console.WriteLine("Scrapping web response ...");
Match match = Regex.Match(streamText,@"/comics/dilbert/archive/images/(\w+).(gifjpg)",RegexOptions.IgnoreCase);
if (match != Match.Empty)
{
string imageLocation = Path.Combine(Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location.ToString()),"Dilbert_" + DateTime.Now.ToString("MM.dd.yyyy") + ".bmp");
Console.WriteLine("Downloading todays comic ...");
httpRequest = WebRequest.Create("http://www.dilbert.com" + match.Value);
if(proxy != null) httpRequest.Proxy = proxy;
using (Bitmap bmp = new Bitmap(httpRequest.GetResponse().GetResponseStream()))
{
bmp.Save(imageLocation, System.Drawing.Imaging.ImageFormat.Bmp);
}
Console.WriteLine("Setting as desktop wallpaper...");
Microsoft.Win32.RegistryKey reg = Microsoft.Win32.Registry.CurrentUser.OpenSubKey("Control Panel\\Desktop", true);
reg.SetValue("TileWallpaper", "0");
reg.SetValue("WallpaperStyle", "0");
reg.Close();
SystemParametersInfo(SPI_SETDESKWALLPAPER, 0, imageLocation, SPIF_UPDATEINIFILE SPIF_SENDWININICHANGE);
Console.WriteLine("Shutting down app.");
}
}
catch (Exception exception)
{
Console.WriteLine("Error:" + exception.ToString());
Console.Read();
}
}
}
}
Monday, May 01, 2006
Microsoft.Web.AJAX
In past i was intrigued by new mail notification feature in Outlook Web Access {tracking back OWA history} and kept wondering on technology behind that.
Enter Google Maps, everything changed after people coined term AJAX . Happen to learn concept of remote scripting in last project which used JSRS technique to get data for dropdowns and help text from server for controls. And i decided to look out for alternatives/options for this new wave (hype?) of web programming model. Ajax.NET Professional seems to be easier to use. But support to asp.net controls are limited, and when googling around that ended up in ASP.Net 2.0 Client Callback feature & Atlas April CTP, Expect Atlas to shadow the limited callback feature of asp.net 2.0
Here is a 18 mins video demo on Developing ASP.NET 2.0 Applications using "Atlas" by Scott G. Its kind-of Houdini show, when you see him write a Todolist web page and AJAX enabling the page, all under 18 mins and without writing a SINGLE line of javascript! I can understand why java community hates MS. Have time? See Atlas in action
From an architect point of view, Ajax usage may probably violate tiered approach and presentation tier code may end up spaghetti, isn't the idea of asp.net code behind model is to avoid this. Atlas overcomes this by providing a declarative programming model for Ajax and enabling use of asp.net server controls
I gotta give credits to MS for developing something like Atlas, even though its an alternative to Smart Client architecture that MS wants to use for rich web apps. But, I'd expect to use this in limited and for appropriate cases and i don't want follow Ajax bandwagon of creating single-page interface application in web, IMHO web apps are not supposed to work that way, rather leverage on Ajax features in cases where it demands like Google Suggest. To end with an interesting fact i happen to learn how Google prevents against excessive queries, mainLoop sets itself up to be called repeatedly using the javascript setTimeout function, instead of keydown events, handling fast typers on slow connections and also timeout interval between calls seems to be dynamic, adjusted according to how quickly the server responds.
Tuesday, April 25, 2006
iPod encounters
I never thought of buying an iPod, and had been very much satisfied with Nomad Muvo 512, which i still believe gives good bang for buck. Until company gave all an iPod Video 30G. It was a more than a surprise when it got shipped in less than 48 hours from Shangai, CN to Knoxville, TN; hmm FedEx! Anyway here I’m trying to abuse this piece of electronic.
Anyone will fall for the slick user interface and cool click wheel, but when you start using it from a WinX OS, you are hit with a quite a bit of annoyances. iTunes interface for iPod is one crazy software, it doesn’t tell you if a selected/drag-n-dropped media file is not supported or anything, it just acts dumb. I can understand if Apple decided not to support many WinX media formats in iTunes, but I expect them to provide atleast an encoder in it to support those? I'v got ephPod downloaded; breathing fire over iTunes shoulder, waiting to make that kill.
Media are internally stored with cryptic file names, once I get them in, I don’t know how to backup them with original file names. A useless info I gained while googling for converters, AAC (internal media format) doesn’t (surprisingly) stand for Apple Audio Codec.
MediaCoder did most of the work converting all my audio collections in myriad formats to AAC (pointe de note: Only Nero AAC Encoder was able to convert my rm’s and gave better conversion quality over iTunesEncoder). Sadly I was not able to convert mpeg/dvd-rips using MediaCoder video conversion, even converting strictly to Apple iPOD supported video formats (tried both MPEG-4 & H.264 video in 768 Kbps); not able to get any support in web for this software, should be satified to have a free converter for most used feature of iPOD. Finally ended up using Xilisoft iPOD video converter, there is lot on the market.
And finally a note on v.rarely talked about feature, eBooks, check out yourself thousands of free ebooks for iPOD @ http://manybooks.net.
Keeping issues aside, iPod gets whatz supposed to: look&feel, good battery (audio only, video drains out battery v.v.quickly, drains 75% in 10-15 mins video playback), simple and easy interface and more than anything raising eyebrows in next seat ;-)
Bye and Happy iPoding.
Anyone will fall for the slick user interface and cool click wheel, but when you start using it from a WinX OS, you are hit with a quite a bit of annoyances. iTunes interface for iPod is one crazy software, it doesn’t tell you if a selected/drag-n-dropped media file is not supported or anything, it just acts dumb. I can understand if Apple decided not to support many WinX media formats in iTunes, but I expect them to provide atleast an encoder in it to support those? I'v got ephPod downloaded; breathing fire over iTunes shoulder, waiting to make that kill.
Media are internally stored with cryptic file names, once I get them in, I don’t know how to backup them with original file names. A useless info I gained while googling for converters, AAC (internal media format) doesn’t (surprisingly) stand for Apple Audio Codec.
MediaCoder did most of the work converting all my audio collections in myriad formats to AAC (pointe de note: Only Nero AAC Encoder was able to convert my rm’s and gave better conversion quality over iTunesEncoder). Sadly I was not able to convert mpeg/dvd-rips using MediaCoder video conversion, even converting strictly to Apple iPOD supported video formats (tried both MPEG-4 & H.264 video in 768 Kbps); not able to get any support in web for this software, should be satified to have a free converter for most used feature of iPOD. Finally ended up using Xilisoft iPOD video converter, there is lot on the market.
And finally a note on v.rarely talked about feature, eBooks, check out yourself thousands of free ebooks for iPOD @ http://manybooks.net.
Keeping issues aside, iPod gets whatz supposed to: look&feel, good battery (audio only, video drains out battery v.v.quickly, drains 75% in 10-15 mins video playback), simple and easy interface and more than anything raising eyebrows in next seat ;-)
Bye and Happy iPoding.
Thursday, April 06, 2006
Reverse Engineering Taboo
Many (esp in IT world) think this a taboo, well here i'm trying to break. I don’t understand why such negativity associated with this; if this is not so in other industries. Take an automobile manufacturing industry, isn't a common practice to buy competitor product and disassemble it to examine and understand for the purpose of enhancing their vehicles/components. If you can consider that legal (of course if it doesn’t violate any patent/copy-right), then it should be okay to disassemble software for the purpose of understanding and enhancing existing system.
For people who confuse this with Security Hack, question yourself why you have that secured data/logic in the binaries which can be reversed in a matter of seconds (Lutz Roeder's .NET Reflector), esp with the these high-order languages. No, not even NGEN isn't protected from reversing, hmmm, are you still in Fool's Paradise!
Wake-up Buddy. The silent guy in that last desk could be a black hat! Hahahaha.
Wednesday, March 29, 2006
IM - Thin client
I had not used Yahoo Messenger for a long time, and when i decided to change that and statr reaching ppl, my network group policy didn't allow me to run that in my office machine. I was wondering if there was a thin client yahoo client out there that i can use. And did found few e-Messenger & Meebo.
4/10 update: Today i was thinking what can be done if corporate proxy blocks this site, i renamed yPager.exe to iPager.exe and hmm it seems to work by-passing windows GPO !
4/10 update: Today i was thinking what can be done if corporate proxy blocks this site, i renamed yPager.exe to iPager.exe and hmm it seems to work by-passing windows GPO !
Tuesday, March 28, 2006
Remembering Marshall, MN --continued--
R4 Install day
Release 3 Install day
Diwali '04 @ YMCA
Snow @ Independance park
Goosberry Falls, Duluth
A Rest area @ South Dakota
Upper Sioux Agrncy SP, Granite Falls
Release 3 Install day
Diwali '04 @ YMCA
Snow @ Independance park
Goosberry Falls, Duluth
A Rest area @ South Dakota
Upper Sioux Agrncy SP, Granite Falls
Remembering Marshall, MN --continued--
Palisade Head, Duluth
Valley Fair
Sunset @ Lake Sarah
Garvin Park
Split Rock Creek Lighthouse, Duluth
Glacial Lake ?
Home @ Winter
Ice scrapping !!!
Home just before Winter
Last flight from FSD to ORD
Leaving Marshall, MN (Last day to FSD)
Valley Fair
Sunset @ Lake Sarah
Garvin Park
Split Rock Creek Lighthouse, Duluth
Glacial Lake ?
Home @ Winter
Ice scrapping !!!
Home just before Winter
Last flight from FSD to ORD
Leaving Marshall, MN (Last day to FSD)
Remembering Marshall, MN
-- My first American soil --
-- Photo credits Gg --
Wind Mills before Pipestone
Two Harbors, Duluth
Glacial Lake SP
Rainy eve @ Camden SP
Sunset @ Independeance park
Mt. Rushmore
Sioux Falls
Frozen Lake Shetek
Sunset @ Camden SP
July 4th Independance park
Rainy Eve @ Lake Bendon
-- Photo credits Gg --
Wind Mills before Pipestone
Two Harbors, Duluth
Glacial Lake SP
Rainy eve @ Camden SP
Sunset @ Independeance park
Mt. Rushmore
Sioux Falls
Frozen Lake Shetek
Sunset @ Camden SP
July 4th Independance park
Rainy Eve @ Lake Bendon
Wednesday, March 15, 2006
C# and VB.NET
After developing .NET apps using C# for a long time, i'm now into VB.NET. I recollect old days where i was forced into C# from VB and my initial aversion over VB coming from C++. All along my .NET years i presumed VB.NET is C# w/o a ;.
Being developer for quite some time, i think language preference (especially .NET langs, JAVA) is mere personal adoration, i didn't had privilege to choose .NET over J2EE. Reason why Microsoft prefers to code in C# may be due to the fact, they have lot of C++ developers and hence transistion to C# should have been easy. And my first annoyance with VB.NET, feature go to matching ending brace with keyboard shortcut Ctrl + [ is not working or may be i don't know that. Speaking of VS.NET shortcuts, you may want to look at O'Reilly's Mastering Visual Studio .NET Shortcut Key Guide
My googling on Syntactical differences and comparison between VB.NET and C#.
Microsoft white paper on Differences Between Visual Basic .NET and Visual C# .NET
MSDN Language Equivalents comparing different .NET languages
Frank McCown's, C# and VB.NET Comparison quick reference guide
Steven Swafford's, C# and VB.NET Comparison Cheat Sheet a derivative of Frank’s comparison, option to download the material in PDF or Word doc.
There is hell a lot of code translators out there and I doubt full fledged use, but a good tool for developer who moves from one (.NET) language to another,
Alex Lowe's http://authors.aspalliance.com/aldotnet/examples/translate.aspx
Kamal Patel's http://www.kamalpatel.net/ConvertCSharp2VB.aspx
Carlos Aguilar Mares's Translation (VB.NET to C# and vice versa)
http://carlosag.net/Tools/CodeTranslator/Default.aspx
& a commercial tool http://www.remotesoft.com/octopus/try.html
Being developer for quite some time, i think language preference (especially .NET langs, JAVA) is mere personal adoration, i didn't had privilege to choose .NET over J2EE. Reason why Microsoft prefers to code in C# may be due to the fact, they have lot of C++ developers and hence transistion to C# should have been easy. And my first annoyance with VB.NET, feature go to matching ending brace with keyboard shortcut Ctrl + [ is not working or may be i don't know that. Speaking of VS.NET shortcuts, you may want to look at O'Reilly's Mastering Visual Studio .NET Shortcut Key Guide
My googling on Syntactical differences and comparison between VB.NET and C#.
Microsoft white paper on Differences Between Visual Basic .NET and Visual C# .NET
MSDN Language Equivalents comparing different .NET languages
Frank McCown's, C# and VB.NET Comparison quick reference guide
Steven Swafford's, C# and VB.NET Comparison Cheat Sheet a derivative of Frank’s comparison, option to download the material in PDF or Word doc.
There is hell a lot of code translators out there and I doubt full fledged use, but a good tool for developer who moves from one (.NET) language to another,
Alex Lowe's http://authors.aspalliance.com/aldotnet/examples/translate.aspx
Kamal Patel's http://www.kamalpatel.net/ConvertCSharp2VB.aspx
Carlos Aguilar Mares's Translation (VB.NET to C# and vice versa)
http://carlosag.net/Tools/CodeTranslator/Default.aspx
& a commercial tool http://www.remotesoft.com/octopus/try.html
Wednesday, March 01, 2006
Moving on
I am moving on, from the RSG program to my next assignment in a paper tissue manufacturing company. Hope life takes me on a road to more better place, and quote in signature of sign-off email dedicated to Mr KD.
The wise man learns more from the fool than the fool learns from the wise man. - Marcus Aurelius
Sunday, January 15, 2006
RSG! The End.
Ahhhh....................
Alas RSG! Sees the final install (Slow-Roll) and looking back this 2.5 year long program all i can think of is HUGE from all aspects (complexity, code size, team size, ...) Anyone who worked on this will have a lot of things to take with.
Still few things are left like Prod. support and end state switch to all SQL. Talking of that i am more than happy to write that 2 lines of code to return SQL in switch component (XXXX0173, just in case i forget this abused component name)
Some facts on the program, i happen to gather after a while
Alas RSG! Sees the final install (Slow-Roll) and looking back this 2.5 year long program all i can think of is HUGE from all aspects (complexity, code size, team size, ...) Anyone who worked on this will have a lot of things to take with.
Still few things are left like Prod. support and end state switch to all SQL. Talking of that i am more than happy to write that 2 lines of code to return SQL in switch component (XXXX0173, just in case i forget this abused component name)
Some facts on the program, i happen to gather after a while
- 5 Major releases
- 3500 Programs
- 1.8 Tb of disk space
- 350K batch jobs per month
- 490 - Peak team size
- 3837 Person Months
- 900 GB of data from DB2 to SQL Server (913 tables)
- 7 million lines of legacy code replaced with 1.5 million lines of code
- 70% reduction in code base
Subscribe to:
Posts (Atom)
