August 7th, 2009 by Sameer | No Comments | Filed in Uncategorized
August 7th, 2009 by Sameer | No Comments | Filed in Uncategorized
If you read Creating SqlParameters Best Practices you will find the fun you have if you have null values:
SqlParameter[] sqlParams = new SqlParameter[] {
new SqlParameter("@Required", required),
questionCode == null ? new SqlParameter("@Code", DBNull.Value) : new SqlParameter("@Code", questionCode)
};
Here is a nice helper function to deal with nulls without having to manually check every time.
/// <summary>
/// Return a SqlParameter with DBNull value or value
/// </summary>
/// <param name="key"></param>
/// <param name="value"></param>
/// <returns></returns>
public static SqlParameter NullWrapper(string key, object value)
{
if (value == null)
return new SqlParameter(key, DBNull.Value);
else
return new SqlParameter(key, value);
}
Then you can use it as follows
SqlParameter[] sqlParams = new SqlParameter[] {
new SqlParameter("@UserID", userId),
new SqlParameter("@itemNo", itemNo),
General.NullWrapper("@expiryDate", expiryDate) //no need to check if null any more
};
July 1st, 2009 by Sameer | No Comments | Filed in Hosting
Have you ever tried to do a recursive linux search for a text string inside a particular file? For example
grep -r "mail" *.php
and then it fails because the current folder doesn’t have any php files in it?
Here is how you can achieve a search inside all .htaccess files for the text php_flag
find -iname .htaccess | while read line; do grep --with-filename "php_flag.*" $line; done
This below line will search all .PHP files for a common hack script
find -iname *.php | while read line; do grep --with-filename "eval (base64_decode('aWYoIWlzc2V0KCR" $line; done
If that gives you too much output, here is a search that will only display the filenames
find . -name "*.php" | while read line; do grep --files-with-matches --with-filename "base64_decode('aWYoIWlzc2V0KCR" $line; done
Tags: grep, linux
June 13th, 2009 by Sameer | No Comments | Filed in Hosting
Here is a cool way to delete files according to some complex rules without knowing complicated bash commands.
First, create a file as follows that contains your deletion rules.
+ public_html/
+ public_html/*
- access-logs
- etc/
- logs/
- mail/
- .cpanel/
- .cpaddons/
- .spamassassin/
- .ssh/
- public_ftp/
- cpmove.psql/
- tmp/
- cpeasyapache/
- MySQL-install/
Then, run rsync with the source and destination folder being the same
rsync -avz --include-from:rulesFile.txt . . --delete-excluded
You can add –dry-run if you want to see what will be deleted:
rsync -avz --include-from:rulesFile.txt . . --delete-excluded --dry-run
Tags: linux
May 27th, 2009 by Sameer | No Comments | Filed in Uncategorized
Here is a list of new features in ASP.NET 4.0.
Very interesting. Auto start feature, new ways to choose where data is cached, built in option for compression session (via gzip), and more!
April 9th, 2009 by Sameer | No Comments | Filed in .NET articles
LINQ to Entities seems really great. It can save you a lot of time in writing unnecessary db connection code, improve the performance many fold, only connect to the db when required (lazy loading), and easy concurrency handling for you.
However there is a missing feature which I found out the hard way. If you try to do a ‘Create Function Import’ and it returns a scalar, the code will not be automatically generated, due to ‘lack of time’ from the MS Team:
MSDN Forums – See the post by Noam.
So basically, you are handicapped! Either write the code yourself or just do it the old fashioned way
April 2nd, 2009 by Sameer | No Comments | Filed in Uncategorized
Wow, sweet. Use .NET 3.5 features in .NET 2.0.
A quick overview how to do it.
1. Edit your .CSPROJ file and manually add another reference to System.Core
Add a True
This will make the compiler copy it to the BIN folder.
Thats it. You can now use .NET 3.5 features
February 3rd, 2009 by Sameer | No Comments | Filed in Uncategorized
When using SQL Server Management Studio you might want to copy data from one DB to another (using just a SELECT and INSERT statement)
It’s so easy you won’t believe it
sp_addlinkedserver @server='192.168.123.456', @provider='SQLNCLI', @srvproduct='',@provstr='User Id=sa; Password=are-you-crazy-to-use-sa'
insert into [192.168.123.456].MYDB.dbo.tblRecords
select * from MYDB.dbo.tblRecords
and when you are done
sp_dropserver [192.168.123.456]
References:
sp_addlinkedserver on MSDN
sp_dropserver on MSDN
December 13th, 2008 by Sameer | No Comments | Filed in Uncategorized
hnc.cgi is a spam script. Its also known as dm.cgi.
If you have this script running, chances are your server has been exploited.
Here is the actual dm.cgi script if you want to see it.
November 27th, 2008 by Sameer | No Comments | Filed in Uncategorized
Before and After
If you manually want to simulate a postback, Here is how you would stick together a string manually calling __doPostBack in .NET 1.1
In this case its making a link in a particular linkbutton control inside a datagrid.
__doPostBack in .NET 1.0
string link = "<a href=\"javascript:__doPostBack('dataGridCart$_ctl" + i + "$linkButton','');\"";
__doPostBack in .NET 2.0
string link = "<a href=\"javascript:__doPostBack('dataGridCart$ctl0" + i + "$linkButton','');\"";
Dont use this function any more. Use Page.GetPostBackClientHyperlink from .NET 2.0+. This is because they might change __doPostBack yet again and your code will be broken.
Look at the comment thread on this codeproject article for more details
Further reading: Do Postback Hijacking