ต้องการขาย Toyota Wish 2.0 Q Limited ตัวท็อป ทะเบียนสวย 7776 มี Sun-Roof สีบรอนซ์เงิน สภาพสวย มีสัญญาขัดเคลือบสีกับ Car-Lack อยู่ ประกันชั้น 1 เพิ่งต่อไปเมื่อกลางเดือน 5 ล้อแม๊กซ์ 15 ของวิชตัวใหม่ ยางใหม่ (ปี 06) มีล้อแม๊กซ์ 17 เดิมให้ด้วยแต่ไม่มียาง เปลี่ยนล้อเพราะต้องการความนุ่มนวล วิ่งไปแล้ว 92,xxx km ระบบเชื้อเพลิง 2 ระบบมีแก๊ส LPG ที่ด้านท้ายช่องวางของ ทำ Console ปิดสวยงาม เบาะแถว 3 ใช้งานได้ปกติ ประหยัดมากๆ ไป-กลับเชียงใหม่มาล่าสุด 2,000 บาท พรมปูพื้นรถอย่างดี ติดม่านบังแดดอย่างดี เครื่องเสียงของ Sony ทั้งชุด เล่น DVD พร้อมทีวีแบบพับได้ สภาพดีมากๆ ต่อ AV ได้ด้วยครับ ติด Censor รอบคันพร้อมหน้าจอบอกระยะห่างด้านหน้า-หลังและซ้าย-ขวาได้ ติดหน้า 2 จุด หลัง 4 จุด ไฟหน้าซีนอน ไฟตัดหมอกสีเหลืองหลอดญี่ปุ่นอย่างดีชุดละ 2,800 บาท ไม่มีน้ำเข้า ไม่มีไหม้แน่นอน แถมลิ้นหน้าเพิ่มทรงสปอร์ทแต่ต้องเอาไปใส่เองนะครับ สามารถดูรูปเพิ่มเติมได้ด้านล่าง
Categories: .NET, Ajax, ASP.NET, Database, General
For more topics about .NET, please updates at http://www.IamSeree.com
I’ll keep all existing topics from here to those place too. Please keep in touch!
Also, please check out my friend’s blog about internet marketing & business news at www.VRBlogger.com
For soccer fans, don’t lose your chance to get a free soccer shirt by subscribe to free member at www.kickerFC.com
Categories: ASP.NET, General
Today I just found a reseller web hosting that support both Windows and Linux platform. Means you can host your web application that built from PHP or any our ASP.NET both on .NET 1.1, 2.0 even 3.0! The price also the point of what I’m surprisingly on. It does cost only £9.99 = $19.93 per month!
Its name eukhost.com.
What are key features?
- Windows platform
- PHP 4.4.4, 5.1.2 + MySQL 5.0.27
- ASP.NET 1.1, 2.0, 3.0!
- Microsoft SQL Server 2005
- Windows Plesk
- Zend optimizer
- Unlimited domains registration
- Unlimited sub-domains
- Online shopping cart
- Inbuilt payment gateway
- 24×7 Supports
See the functionality of this reseller web hosting program, you can say this is a great one that can attract your customer easily! After I found it, I get it already for a plan. ^_^
For anyone who want to get a reasonable & affordable price for ASP.NET reseller web hosting.
Just click here to grab one.
After my last few Transact-SQL training courses, one of my trainee had ask me on this scenario and I thinks it should be useful for most of people who are not concern much about SQL query performance which produce better processing time when compared to generic coding to query the result. You may not clear about what I’m writing now. Just see the following scenario.
Assume I have a table named [Book] which has the following structure.
- BookId as int – identity(1,1) – Primary key
- Title as varchar(100)
- Price as int
Then I assume that manager want a report just like this.
Title Price Price Range Advanced SQL 25 Expensive Intermediate C# 12 Cheap
You should see the column “Price Range” which do not reside in the table structure. Continue, I assume that if the price is expensive than 20 then I count as “Expensive” price range. If the price is less than 15 then I count as “Cheap”.
How should you do this report?
Most of my trainee do the following method.
1. Create an application then query for the columns [Title, Price].
2. They create a new column in report. In case of ASP.NET, they add a new template column into GridView.
3. In querying event for every record. (Such as Item data bound) They coding to check the condition whether the current record is expensive or cheap then output it.
Are there a better solution?
Certainly, If you focus on SQL query optimization. You should got a point to improve the performance of this process.
Let’s see the key.
Do you know about “CASE WHEN” statement in SQL?
Try to figure this query. Especially at the high-light.
SELECT Title, Price,
WHEN price > 20 THEN ‘Expensive’
WHEN price BETWEEN 15 AND 20 THEN ‘Medium’
As ‘Price Range’
With this method, you never do some additional tasks like “adding template column” and “coding for price range”. You just binding this query to the GridView. I call this method “Column morphing” as with this method, you can create new column without structured on the table’s schema and can set the value in the column with any logical that SQL statement support.
So, does it better than the first method?
Definitely sure. Both on performance and less task effort. You can do more about “Column morphing” with the integration of sub-query. Just like the following case.
SELECT Title, Price,
WHEN Price > (SELECT AVG(Price) FROM [Book]) THEN ‘More than average’
WHEN Price = (SELECT AVG(price) FROM [Book]) THEN ‘Equal to average’
ELSE ‘Less then average’
As ‘Price Range’
Even more flexible when integrate with correlated sub-query. See the following more advanced case.
SELECT Title, Price,
WHEN Price > b.avgPrice THEN ‘More than average’
WHEN Price = b.avgPrice FROM [Book]) THEN ‘Equal to average’
ELSE ‘Less then average’
FROM [Book], (SELECT AVG(price) AS ‘avgPrice’ FROM [Book]) b
The last query will produce the same result as the previous one. (see if the current record is expensive than the average price or not) Except what each method actually process is very different.
In the 1st method, the average price calculation will be processed in every record. Think that If you have 100 records then it will calculate 100 times. Pain or not?
But the 2nd method will do the different. As you seen in the correlated sub-query. (which I’ve high-lighted as brown) You see that I put the average price calculation after FROM clause. This will force SQL parser to calculate the average price once and kept in alias table ‘b‘. This will generate much better in case of you’ve so much number of record to process.
It’s good to do what you can in SQL query as they’ve been optimized by database engine-self. If possible, provide as stored procedure is the best way to do as it will provide the fastest performance since the execution plan of query will be cached in memory. Got fast!
Categories: .NET, ASP.NET
At the beginning, this question was very easy answer. At the present, this still very very easy to answer as many reporting tools, components, libraries were released for Microsoft .NET platform.
While it’s very easy to answer, but which one would be the most recommended for .NET developer? This question is hard to answer as in real world, you have many factors to made a decision for one product.
Let’s list the major players on the market…
While this is the most famous on reporting solution, I always try to avoid this when consulting with my customers. Their designer and functionality definitely is the best. But when I want to deploy it to web server. In some case, this is impossible! as they need you to run some executable files at the web server. So, you can’t do any method of reporting solution at server side except purchasing the most scalable edition. (Enterprise edition) Which the cost is too high if you’re not in a large company. So, I never install it in my Visual Studio box anymore. Waste my space!
This is a great bundled product with SQL Server 2005 as you don’t have to pay for it if you have SQL Server 2005 as your database server. This is a Windows services came with SQL Server 2005. So, if your organization already paid for SQL Server license. Just use it! It was designed to work in server side in nature. Learn about it deeply and you’ll get a great reporting tool in hand. Integration with ASP.NET is very easy as Visual Studio 2005 already provided the Report Viewer for developer. Just a few lines of code and you’ll get all done.
But in personally, I still avoid this as when I do consult with some organization. They use shared hosting somewhere not acquired personal web server at organization. So, they don’t have any permission to install any additional services in to web server. SQL Server 2005 reporting services is not suit for this case!
This product maybe the most popular 3rd party component for reporting solution. But it still not suit for shared hosting and it’s a combination of managed & unmanaged resources. You can see they required some interop library to work and I don’t like those unmanaged. Why do I get back to the past? Avoid…
This is a good product but it needed many runtime to execute on the web server. So, I avoid it. In Windows application platform, It has very cool report designer for end-user. This is what I’m very interesting on.
Honestly! I don’t make a choice for these big four report tools.
I have to say that, in my experiences on application implementation and consulting. Most of my customers who want the solution for reports are just needs only the simple-to-not too complex reports. So, most of cases. I avoid from Crystal Reports as It has too many functionality. Microsoft SQL Server Reporting Services is ok and enough.
Then I captured myself to summarize what I really want from reporting solution?
1. Clean and lean report designer that working in Visual Studio 2005.
2. Dynamic report processing with ease. (Sending parameters)
3. Can be rendered to Adobe PDF format as It’ll be used on web.
4. XCopy method of deployment which will work on any shared hosting.
5. Purely built by .NET framework, I don’t like unmanaged code to run & leak in the background.
No product can made me do a decision to buy even I already have a budget in my pocket! OMG! What the xxxxxxx!
So, what I’m using when customers needed for reporting solution?
At the past of my bad days. I use some PDF & XLS generation library to build reports. Not bad? ^_^
But as I’ve said, the bad days was passed. Now I’m very happy with reporting solution from Telerik‘s.
Why I’m happy with it?
1. A bit bias, as I’m very happy with their ASP.NET Ajax controls suite before. (I’m writing about it here) With quick response on support team. When Telerik released their reporting component. I just grab it for test immediately.
2. It had all functionality that I needed. (You can see at the list above)
3. The XCopy deployment is very very easy just grab a single DLL with your application both for web and windows platform.
Now, I’m very happy with it and never look back to those Crystal Reports, Microsoft SQL Server Reporting Services and any others. One problem that I found about Telerik’s Reporting is that it still stated as “New” component as it recently released just a few months.
The limitation that you got to stuck when you making a decision is that Telerik’s Reporting didn’t work with Business Intelligence reports. (Which Crystal Reports, ActiveReports and XtraReports did the same!) If you want to work with Business Intelligence reports for now, please go with Microsoft SQL Server Reporting Services for now or customize yourself. (As I’m developing the Ajax-based B.I. reports viewer)
Categories: .NET, ASP.NET
Now I’ll talking about a technique that script kiddies widely used to attack to the first wall of your application. If you’re a rookie for security topics on development then you may never heard about this before. In my .NET courses training experiences, most of my trainees never know about this issue before and they feel very surprises when I’ve hacked into their system in no time.
What is SQL injection?
Straightly, It’s something like you try to inject some unexpected characters into SQL querying process to gain the out-of-case result.
Let’s see it in more detail!
What should you do If you want to coding your application to authenticate user’s credential that kept in database?
So easy, right? I’m just querying the result from database with this simple SQL query and a few line of code.
Dim strSQL As String = “Select COUNT(*) From Members WHERE LoginName=’” & txtLoginName.Text & “‘ AND Password=’” & txtPassword.Text & “‘”
Dim cmd As New SqlCommand(strSQL, con)
It works perfectly! but how the it’ll handle if a hard core user input something unexpected into login name just like the following
xyz’ OR ’1′=’1
When it concatenate into SQL string. It’ll result in to…
Select COUNT(*) From Members
WHERE LoginName=’xyz’ OR ’1′=’1‘ AND Password=’1234‘
Yeah, you can see that OR ’1′=’1′ which always result in TRUE. So, the hard core user can authenticate to the application without knowing of any user’s login name or password.
How can I prevent SQL injection?
Yeah, it’s very easy to do. Just use the technique named as “Parameterized Query”.
OMG! What’s about it? I never heard about those “Parameterized Query”.
You get me in trouble again!
Not that serious, It’s very easy to implement this technique as .NET alraedy provide the framework for you. Just do the following two steps.
1. When you want to create the dynamic SQL query string just like this case. You should use parameter instead of concatenate the variables yourself.
Select COUNT(*) From Members WHERE LoginName=@LoginName AND Password=@Pwd
We call @LoginName and @Pwd as parameter.
2. Before executing the command. Please specify the value for each parameter first.
When the command was executed. All parameters will be transformed into the value that suitable for the data type of those database. The good things you get here is that. For string (varchar) data type, generally it should open and close with single quote ” ‘ “. (You can see this code of the first code block) But not for parameterized query, as it will do automatically internal. So, you don’t have to pay your attention to those data type symbol for each database. (Especially datetime data type) and another point, the generated SQL query will never been attacked by SQL injection anymore as it know now how to handle those type of technique.
This is all about that!
For more information about SQL injection, please visit here.
Categories: .NET, ASP.NET
Today I’ll give you a quick guide on how to create RSS Feed channel from your existing data. Before we go to the implementation, let’s see a brief overview of What is RSS, Feed or Atom?
RSS, Feed or Atom is a format name of the method for latest generation webmaster to feed their own updated contents into external web sites or any external applications. I focus to the word updated contents because this is a point of the method. (Now I’ll call it RSS and no more Feed or Atom) The content that provide RSS Feed channel almost often updated.
RSS content can be read by any RSS reader software such as Internet Explorer 7.0, Mozilla FireFox, Microsoft Outlook or any third party. Sometime it called “Feed reader” or “Aggregator” instead of “RSS reader”. Most of RSS reader can monitoring the RSS Feed channel and seeing if there are any changes occurred in the content when compared to previous time. This is very useful when some user don’t want to spend too much time to load any UI as it takes so much time than actual contents. If you still don’t get an idea and you have some RSS reader installed, you can try it online here. (Sorry, but the content of the feed is in Thai language. Just prove to get you idea)
For webmaster or developer like us, If you want to build your web site to stay tuned with Web 2.0 trend. You should build RSS Feed channel to your web application to let external applications consume your data and get more traffics.
In technically terms. RSS, Feed or Atom are all just an XML file that had their own format which RSS reader can be read. You can see the sample of XML structure here. (Just RSS 2.0)
So, how can we coding to build up RSS Feed channel from the existing data? It’s very easy, easier than you thinks!
Let’s examine the RSS 2.0 specification first.
<description>Latest knowhow from http://www.knowhowdd.com</description>
<pubDate>Tue, 10 Jun 2003 04:00:00 GMT</pubDate>
<title>Custom ASP.NET Membership Provider</title> <link>http://www.knowhowdd.com/ShowKnowhow.aspx?khId=11</link>
<description>How to create your own custom ASP.NET authentication membership provider</description>
<pubDate>Tue, 03 Jun 2003 09:39:21 GMT</pubDate>
<title>Custom ASP.NET Role Provider</title>
<description>How to create your own custom ASP.NET authentication role provider</description>
<pubDate>Fri, 30 May 2003 11:06:42 GMT</pubDate>
What I’ve hi-lighted in blue are header and footer sections which describe itself meaning. Next, what I’ve hi-lighted as red is body which contains your content items.
So, our development task is just to generate this XML stream from the existing data. It’s really easy to complete this task as .NET already provide a great XML class library. Let’s begin coding with VB.NET.
First of all, import some necessary namespaces.
Then go to the code block where you want to generate the RSS Feed and coding to build header section just like the following…
‘Write the beginning of RSS content
Response.ContentType = “text/xml”
Dim xtwFeed As New XmlTextWriter(Response.OutputStream, Encoding.UTF8)
xtwFeed.WriteElementString(“title”, “KnowHowDD.com – Latest Know-How on group : ” & g.Title)
xtwFeed.WriteElementString(“description”, “The latest know-how from KnowHowDD.com”)
xtwFeed.WriteElementString(“copyright”, “Copyright 2006 – 2007 KnowHowDD.com. All rights reserved.”)
The header section was completed now, then we’ll begin to build the body section of the RSS feed. Normally I’ll loop through the collection of data which I want to provide as RSS Feed channel.
‘Loop through all records to generate RSS body
For Each kh As KnowHowEntity In knowHows
‘Write body (Extract from database)
xtwFeed.WriteElementString(“link”, “http://www.knowhowdd.com/ShowKnowHow.aspx?knowHowId=” & kh.KnowHowId)
xtwFeed.WriteElementString(“pubDate”, kh.PubDate.ToString(“dd/MM/yyyy hh:mm:ss”))
Now, the body section was completely built. Let’s complete the footer section.
‘Write the ending of RSS content
Easy or not, now it’s completed and we all got RSS Feed channel in our Web 2.0 style application!