:::: MENU ::::

Creating a file to Download dynamically in an https / SSL connection

Hi there, 

Here is a tip when you are programming something that you want your file’s path to be hidden. It’s specially when its under a secure connection or https or SSL connection.

  1. Remember the mime type ea. image/jpg
  2. Remember the file name ea. image.jpg
  3. Remember not to put expiration and no-cache on your header
  4. Remember to open it on another tab or window as much as possible
  5. When you are debugging you can remove the headers so the file won’t be downloaded

Hope this tips can help you specially #3 because your download will fail on lower version of IE.

Thanks,



A potentially dangerous Request.Form value was detected from the client

Have you ever experience the following error in ASP .NET?

A potentially dangerous Request.Form value was detected from the client 

Then you are one like me. Then you should now that one of the values of your elements (<inputs> or <button> or <textarea>) has html elements on it. Example is bellow:

<input type=’text’ name=’content’ value='<script language=”javascript”>alert(“Hello World!”);</script>’/>

Then you should also know that this error is persisting because the values given above might be an XSS attack. If you are sure that you want to accept this type of values on your dabatase you may explicitly remove this validation by adding this tag to your page’s masterpage or 1st line of tag.

validateRequest=”false”

If you are on ASP .NET MVC you can add this to your model, assuming that your model has the content variable.

[AllowHtml]
public string content = String.Empty;

Thanks hope it help you allot. Also if you are not familiar with XSS attacks, I will try to make an article for that so you can create your own script that is hack-able, be able to prevent it, and know what are it’s crons.

God Bless!


jStorage:An alternative for Cookies

Have you ever wondered if there is an alternative for Cookies? 

You should, because there are limitation and downsides in using Cookies on your website that massively use this feature.

  1. Cookies has limited size on most browsers
  2. Cookies is transfer to server every page load
  3. If you overload the size of the Cookies it will also eat up the space of session and might remove it

Introducing jStorage, a jQuery way of saving your data to the local client and I quote

jStorage is a cross-browser key-value store database to store data locally in the browser – jStorage supports all major browsers, both in desktop (yes – even Internet Explorer 6) and in mobile.

Yes it even support IE 6!

So how to use it in an easy way?

  1. Include the following references to your project
    1. <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
      <script src="https://raw.github.com/andris9/jStorage/master/jstorage.js"></script>
  2. Use $.jStorage.set(key, value) to save a value 
  3. Use $.jStorage.get(key, “default value”) to get a value

And thats it you are now using jStorage. 

Reference : http://www.jstorage.info/





WCF in Different Domain or Server

Hi There,

Its bean a while since I have updated my blog so I will be posting one of the things that I have experience on my work. That is WCF in Different Domain or Server. One of the main error that you may experience is the same as bellow:

Server Error in ‘/’ Application.


The request for security token could not be satisfied because authentication failed.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed.

Source Error:

Line 87:         
Line 88:         public bool IsExisting(string domain, string username) {
Line 89: return base.Channel.IsExisting(domain, username); Line 90:         }
Line 91:         


Source File: D:\Projects\MobileWeb\MobileWeb\Service References\SykesAD\Reference.cs Line: 89

Stack Trace:

[FaultException: The request for security token could not be satisfied because authentication failed.]
   System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message, EndpointAddress target) +8904771
   System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState) +203

[SecurityNegotiationException: The caller was not authenticated by the service.]
   System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) +4729651
   System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) +1725

 

This message or exeception happens in production (published files has been uploaded to IIS) and not when you are currently developing it on your Visual Studio. So what is the solution? Here is the simple solution that made me a little crazy upon gazing unto it.

//Let say here is your Instantiation of your WCF
ClassADClient ad = new ClassADClient();
//Then the solution is to add a credential that the system will use on using the said WCF
//Such as like this
ad.ClientCredentials.Windows.ClientCredential = new NetworkCredential(“domain\\username”, “password”);

That’s it thats the solution and you can now use the said service without the said error.

Hope I help you! 

 

Thanks,
Thomie Jose San Agustin, MCP 


Don’t Ever use Inline Database in MSSQL SP and Query

Hi there!

I have been modifying a source code from my work and it has been a little difficult to test the system in multiple instances of database. This is due the previous developers of the said source code used Inline Query Codes and Connection Strings. In addition to that this Inline Queries and even their Stored Procedure use Inline Database, an example is [Database1].[dbo].[tbl_tableName] which should not be in practice if it is using the same database on the whole coding system.

This kind of practice limits the system to use different database name. For an instance you have a web server that serves both Development and Production Environment. You have a project that needs to have Dev and Prod on the said server. If this practice is used you are limited to one Environment at a time nevertheless you modify each script to change that inline database name. So its better to use [dbo].[tbl_tableName]  than [Database1].[dbo].[tbl_tableName] 

Thanks,

Thomie


Sticky Note Short Cuts

Sticky Note Short Cuts

Type of formatting Keyboard shortcut

Bold text

Ctrl+B

Italic text

Ctrl+I

Underlined text

Ctrl+U

Strikethrough

Ctrl+T

Bulleted list

Ctrl+Shift+L

(Press this keyboard shortcut again to switch to a numbered list.)

Increased text size

Ctrl+Shift+>

Decreased text size

Ctrl+Shift+<


Use Admin Account

1 Click on the Start Menu and Type cmd.
2 Run as Administrator mo yung cmd
3 type mo net user administrator /active:yes
4 logoff ka tapos makikita mo yung master admin account
5 login ka gamit yun
6 edit mo yung host file mo
7 ayan save mo at ok na dapat yan







Delete all MS SQL Stored Procedure

Here is a code that you can user to delete all ms sql stored procedure

DECLARE @procedureName varchar(500)
DECLARE cur CURSOR
      FOR SELECT [name] FROM sys.objects WHERE type = 'p'
      OPEN cur

      FETCH NEXT FROM cur INTO @procedureName
      WHILE @@fetch_status = 0
      BEGIN
            EXEC('DROP PROCEDURE ' + @procedureName)
            FETCH NEXT FROM cur INTO @procedureName
      END
      CLOSE cur
      DEALLOCATE cur

MS SQL Generate Script with Data

Here is a step on how you can make MS SQL Generate Script with Data.

  1. Open your Sql Server Management Studio.
  2. Select your database and right click on it follow just like what is in the image below. Refer to image 1
  3. Click Next until you when thru to the image below and click Advance. Refer to image 2
  4. Scroll down and until this row and update the value just like what is below. Refer to image 3
  5. Click Ok and next until you have generated the said script. Refer to image 4
  6. Now you have a create script that includes the schema at it’s data.

My SII now to ICS

Hi I have successfully upgraded My SII now to ICS yesterday. You can also do it now. Just update your KEIS to version 2.0 and plug your device. Just remember to full charge your phone before doing this update.

 

Thanks,
Thomie


IIS Missing ASP .Net 4.0 Pool

Have you’ve been missing some pool in your IIS for your ASP .Net?

The this article entitle IIS Missing ASP .Net 4.0 Pool will help you.

Chances are, you need to install .NET 4 (Which will also take care of a new AppPool for you)

  1. Open your command prompt (Windows + R) and type cmd and press ENTER
    You may need to start this as an administrator if you have UAC enabled.
    To do so, locate the exe (usually you can start typing with Start Menu open), right click and select “Run as Administrator”
  2. Type cd C:\Windows\Microsoft.NET\Framework\v4.0.30319\ and press ENTER.
  3. Type aspnet_regiis.exe -ir and press ENTER again.
    • at this point you will see it begin working on installing .NET’s framework in to IIS for you
  4. Close the DOS prompt, re-open your start menu and right click Computer and select Manage
  5. Expand the left-hand side (Services and Applications) and select Internet Information Services
    • You’ll now have a new applet within the content window exclusively for IIS.
  6. Expand out your computer and locate the Application Pools node, and select it. (You should now see ASP.NET v4.0 listed)
  7. Expand out your Sites node and locate the site you want to modify (select it)
  8. To the right you’ll notice Basic Settings… just below the Edit Site text. Click this, and a new window should appear
  9. Select the .NET 4 AppPool using the Select… button and click ok.
  10. Restart the site, and you should be good-to-go.

(You can repeat steps 7-on for every site you want to apply .NET 4 on as well)

That’s it!

Thanks,
Thomie