Google

Friday, July 10, 2009

Project Server 2007 Implementation

 

Finally, I got success in implementing Microsoft Project Server 2007 in my organization. And at first impression, it seems really cool tool for project management. And I hope this first impression stay last long. The deployment of the Project Server was little bit hectic. That might be due to not having enough experience implementing and installing that. Below are the features, which I really like into Project Server 2007.

  • Excellent Project Web Application.
  • Sync. with Microsoft Project Planner. (It’s really cool)
  • Sync. of tasks and time sheet with Microsoft Outlook. (It’s really helpful, tried in pilot run. Quite impressed).
  • Share Point - document management. And documents’ sync. with Microsoft Outlook.
  • Resource Center.
  • Sync. with Active Directory.

Isn’t it seems cool?? Find below articles for Project Server 2007 implementation guides.

“Deployment for Office Project Server 2007”— http://technet2.microsoft.com/Office/en-us/library/0c43062d-30e3-49b1-9705-ed447ad1d2561033.mspx

“Deployment for Windows SharePoint Services 3.0 technology”—http://technet2.microsoft.com/windowsserver/WSS/en/library/1f505e96-60e2-41ac-bf5d-9739105f047c1033.mspx

Posted by Nirav Patel at 12:32 PM 1 comments
Labels: ,

Tuesday, June 9, 2009

My New VS Color Theme… Isn’t it cool????

I got a new Visual Studio theme from here… It’s cool… Check it out new look of my Visual Studio…

NewTheme_blog

Posted by Nirav Patel at 4:48 PM 0 comments

Friday, June 5, 2009

Encryption of Stored Procedure!!!! Really???

My friend sent me this cool link… It describe the way to encrypt the Stored Procedure on SQL Server… Find the article of how to encrypt the Stored Procedure at….

http://www.sqlservercurry.com/2008/02/how-to-encrypt-stored-procedure-in-sql.html

Enjoy….

Posted by Nirav Patel at 6:10 PM 0 comments
Labels:

Tuesday, April 7, 2009

I Love you Dad…

On 16th of Feb 2009, I lost my father. It was a huge loss of my life. He was a great man and fighter. He fought great against cancer. But destiny was defined. Cancer did it’s job. It was very tough to see our dear one dying and you were standing there helplessly.

I was checking his pulse on his forearm, and I felt his last pulse. I held his arm for few more minutes with tears in my heart with hope that I will catch his pulse again. But the pulse never came again… Instantly I became small child by heart. I wanted to cry like child, but I couldn’t. If I got to cry, who will give emotional support to my mother, younger brother and my wife. I had to put huge rock on my heart and control my emotions for sake of my family.

Suddenly my whole life changed. If you know about Indian families, father is always a key person in family. He possess the chief of the family status for his entire life span, specially in joint families. Children are always in father’s influence. Father is like roof of the house. And I lost my roof. As an elder son of the family it was my responsibility to become new ruff of my family. It is a great responsibility. But I now I will do that, my father is always with me. Even if he is not physically present, I can feel his present inside my heart. I know he is always with me. He is looking after my every failure and success.

I Love you Dad… You are always my source of inspiration…

Posted by Nirav Patel at 3:52 PM 2 comments

Sunday, August 24, 2008

Back to Blogging

After almost 2 months I am back to blogging. These two months went hectic for me. Lots of things happened in these two months. This all things affect a lot to my surrounding environment.

My dad is having cancer since last 4 years. He is fighting very hard to defeat the cancer. But before few months cancer came in the winning position. We were starting losing the hope, but my dad didn't. He again starts fighting with the cancer with passion. During this chaos, I got good offer from the Cybage Software, which I couldn't denied. And it was the end of a golden era of my working with Avani Cimcon Technologies (ACTL). I worked almost 2 years with ACTL. It was really a golden period of my life. Working with ACTL was the best working experience for me. But one day you have to step forward, and I took that step. It's been a pleasure working with Cybage Softwares. I became part of cybagian community from cimconiens community.

One more thing happens which made me think a lot on my and my beloved's life. On 26th of July, 2008, Ahmedabad got serial blasts. It was around 21 blasts in just 70 minutes time. The whole city and infect whole country catch into terror. Around 56 people died and 200 people injured. The biggest blast happened into the Civil Hospital (The same hospital, where my dad's treatment is going on). Fortunately all of my beloved were safe. And I am thankful to God for this. But again and again, same thought came in my mind that, why this happens? Why a human can not understand each other? Why everybody wants to kill each other? Why we can not leave peacefully with each other? And I guess nobody in this world know these answers.

Anyway, after all we have to back to our routine life also. So, now I am back to my routine life and started writing again. So below is my "To Write" list. I am going to write on below topics in near future. The list is not in sorted order.

To Write:

  • Extension methods in .Net 3.5
  • Forms Authentication in SSRS
  • Visual Studio Extensibility
  • Project Management
    • Planning
    • Scheduling
    • PERT / CPM Techniques
    • Risk Management
    • Change Management
    • Work Reporting

Posted by Nirav Patel at 2:15 PM 0 comments

Tuesday, May 27, 2008

Prevent HTML Injection in ASP.Net

What is HTML Injection?

HTML Injection refers to injecting HTML code into a web servers response to alter the content to the end user. HTML injection is one of the technique for hacking and phishing. This is also known as Cross Site Scripting.

The developer must take care of these kind of security Vulnerability.

How To Prevent?

If you are a ASP.Net developer then you must know about the Validation Controls. We can prevent the HTML injection by using Custom Validation Control. It is pretty simple to write the custom logic to prevent HTML injection by using Custom Validation Control.

But I am not going to explain how to put the validation into Custom Validation control. But I am going to explain, that how we can apply the HTML validation across the application without writing redundancy code.

.Net provides facility to extend their control for our own use. We can use those extended controls into our application development.

To extend the control, we just need to inherit our class from the particular control. To create the Custom control of ASP.Net's Custom Validator control, we will need to inherit our class from the System.Web.UI.WebControls.CustomValidator class. Please find below code to create custom control of Custom Validator Control.

namespace CustomControls
{
    public class CustomValidator : System.Web.UI.WebControls.CustomValidator
    {
        private bool m_pastInit;
        private bool m_ValidateHtmlInjection = false;

        #region Public Properties
        [Themeable(false)]
        public bool ValidateHtmlInjection
        {
            get
            {
                return this.m_ValidateHtmlInjection;
            }
            set
            {
                this.m_ValidateHtmlInjection = value;
            }
        }
        #endregion

        public CustomValidator()
        {
            m_pastInit = false;
        }

        protected override void OnInit(EventArgs e)
        {
            base.OnInit(e);
            m_pastInit = true;
            this.SetFocusOnError = true;
            this.Display = ValidatorDisplay.Dynamic;
        }

        protected override void OnPreRender(EventArgs e)
        {
            base.OnPreRender(e);
            if (this.m_ValidateHtmlInjection)
            {
                this.ServerValidate += new ServerValidateEventHandler(this.HtmlInjectionServerValidator);
                this.Page.ClientScript.RegisterClientScriptBlock(this.GetType(), "HtmlInjectionClientValidator", BuildHtmlInjectionValidationClientSideFunction());
                this.ClientValidationFunction = "HtmlInjectionClientValidator";
            }
        }

        private string BuildHtmlInjectionValidationClientSideFunction()
        {
            const string NEW_LINE = "\n";
            const string TAB = "\t";
            System.Text.StringBuilder stringBuilder = new System.Text.StringBuilder();
            stringBuilder.Append(NEW_LINE + "<script language=\"javascript\" type=\"text/javascript\">" + NEW_LINE);
            stringBuilder.Append(TAB + "function HtmlInjectionClientValidator(source,arguments){" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + @"var re = /<[\w]+>/;" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + "if(re.test(arguments.Value))" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + "{" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + TAB + "arguments.IsValid = false;" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + "}" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + "else" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + "{" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + TAB + "arguments.IsValid = true;" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + "}" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + "var reHTMLPattern = new Array('<input', '<select', '<img', '<option', '<textarea', '<span', '<div', '<label', '<h', '<br', '<hr', '<table', '<tr','<th', '<td', '<a', '<body', '<html', '<script', '<link', '<meta', '<iframe', '<p', '<b', '<srtong', '<i','<dd','<dt');" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + "if (String(arguments.Value) != 'undefined')" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + "{" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + TAB + "for(var pattern in reHTMLPattern)" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + TAB + "{" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + TAB + TAB + "if(arguments.Value.indexOf(reHTMLPattern[pattern])>=0)" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + TAB + TAB + "{" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + TAB + TAB + TAB + "arguments.IsValid = false;" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + TAB + TAB + TAB + "break;" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + TAB + TAB + "}" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + TAB + "}" + NEW_LINE);
            stringBuilder.Append(TAB + TAB + "}" + NEW_LINE);
            stringBuilder.Append(TAB + "}" + NEW_LINE);
            stringBuilder.Append("</script>" + NEW_LINE);
            return stringBuilder.ToString();
        }

        protected void HtmlInjectionServerValidator(object source, ServerValidateEventArgs args)
        {
            string regEx = @"<[\w]+>";
            string[] halfHtmlTags = { "<input", "<select", "<img", "<option", "<textarea", "<span", "<div", "<label", "<h", "<br", "<hr", "<table", "<tr", "<th", "<td", "<a", "<body", "<html", "<script", "<link", "<meta", "<iframe", "<p", "<b", "<srtong", "<i", "<dd", "<dt" };
            bool isValid = !System.Text.RegularExpressions.Regex.IsMatch(args.Value, regEx);

            if (isValid)
            {
                foreach (string halfHtmlTag in halfHtmlTags)
                {
                    if (args.Value.IndexOf(halfHtmlTag) > 0)
                    {
                        isValid = false;
                        break;
                    }
                }
            }
            args.IsValid = isValid;
        }
    }
}



The class, expose the property IsHtmlInjectionValidator, this property is not there in the traditional ASP.Net Custom Validator control. The validation control have client side and server side validation methods. Both method behave same. The server side validation method will be used when somebody has disabled the JavaScript support from the browser.



How To Call in ASPX Page?



To add the custom control into the ASPX page, we need to register the assembly into the page. Below is the code to register the assembly...



<%@ Register Assembly="ControlLib" Namespace="CustomControls" TagPrefix="CustomControls" %>


Below is the code for adding Custom Control into the ASPX page, 



<CustomControls:CustomValidator runat="server" ID="HtmlTestCustomValidator"
            ValidateHtmlInjection="true" ErrorMessage="This is HTML Injection..." ControlToValidate="InjuctionTestTextBox"></CustomControls:CustomValidator>



Other Usage



We can create SQL Injection using same methodology. I keep that for the readers. If you can find how we can do the SQL Injection validation please share with all. Otherwise I will post the SQL Injection into my next post.



Happy Coding....

Posted by Nirav Patel at 3:11 PM 0 comments
Labels: , ,

Friday, May 23, 2008

10 Tips For Effective Reading And Learning

 

  1. Relax Before Reading
    Concentration is key factor of effective reading and learning. You will need to relax your mind and swipe off your thoughts. You brain need to be empty by thoughts before you start the reading. It is like giving space to new thoughts which are going to be arise during your reading. Your emotions need to be in neutral before reading. That will give you chance to evaluate your reading. You can do some meditation or listen to soft music before start of reading. Most of all fighter pilots and F1 racers adopt this technic before go to the flight or in race. Try it, it is really effective. 
  2. Go Slow with the Reading
    Never do hurry with your reading. Don't just read. Go very slow with reading. Try to understand each and every word written by author. Try to ask questions to your own self and find the answer. The more deeply you force your brain to think, the better chance you have of learning and remembering.
  3. Take Challenges of Exercises.
    Authors keep exercises in book for you. But what if they do that for you? You will never attempt the challenge. It will be like, you are hungry and somebody is eating on behalf of you....
  4. Write Your Own Notes In Book
    Its not bad to use Pencil to write something in your books. You can write lots of your own notes in book. It is really good practice to improve your understanding of what you are reading. Some people don't like to write anything into book, as book get spoil. In this case you can write your notes into separate notebook or even you can use sticky notes. But please write your thoughts.
  5. Give Enough Time To Your Brain
    The process of transferring the reading into long-term memory happens after stop reading. Our brain needs time to do processing. If we keep anything new or challenging during the processing time, Some of what you learned might be lost. It is recommended to read before you go to bed.
  6. What Your Brain Need?
    The performance of Brain is depend on lots of things. But we can follow few basic things to make it more efficient. The brain works best in a nice bath of fluid. Research said that Dehydration decreases cognitive function of brain. The dehydration can happened before we feel thirsty. So, keep drinking enough water while reading [But this also can cause lots of washroom visit and can break your concentration, so keep it in your own limit]. Brain also need good sound sleep. To learn at it's best, give enough sleep to you brain [At least 6-8 hours]. And last but not least, you brain need food. Please eat proper to nourish your brain. Protein, Vitamins, Sodium and Iodine are very important for your brain.
  7. Speak it out Loud.
    Speaking activates a different part of your brain. If you are trying to understand something, or increase your chance of remembering it later, say it out loud. You can discuss what you have learned or read with some of your friend (Or even with your own self in front of mirror). The discussion will bust the confidence in you. And you will see that you are learning quickly. During discussion you might come out with new ideas you had not known were there when you were reading about it.
  8. When To Stop
    You should know that when to stop reading. Your brain may overloaded. You should understand the limitation of your brain (I can not read more then 45 minutes in row, it's limitation of my brain). Now one very obvious question, how to know when to stop? If you find yourself starting to forget what you just read, or the characters start dancing on page, then that is the right time to stop reading and have some break.
  9. Feel it !!
    You must feel the importance of what you are reading or learning. Your brain need to take the reading seriously to learn effectively. Your brain will never take the reading seriously if it don't know the importance of that. 
  10. Practices
    Apply what you have read in your life. Try to put that in your everyday practice. Theoretical and practical both are the different knowledge. You need to apply your theoretical knowledge in your practical life. Coz all reading and learning will not matter until you start practicing that in your routine life. Books will show you the path (Theory) but to walk on the path (Practical) is your responsibility. I might have read everything written or printed about the Everest, but to archived the Everest is complete different thing. My reading and knowledge about the Everest only worth if, I climb and archived the Everest.

Posted by Nirav Patel at 1:55 PM 3 comments
Labels: , , , , ,
Subscribe to: Posts (Atom)