it's not impossible. UpdateOrder, DeleteOrder. And let's say, only certain fields can be updated, it's only checked in client-side JavaScript. at the backend, there's NO checking !
Posts made by zzzxtreme
-
RE: Just a rant
-
Just a rant
currently working with younger programmers. they are very technically skilled and hardworking.
but, I notice the same problem with all companies I have been working in - almost non-existent data validation !
For example WebAPI : GetOrder(int id) , any tom dick and harry can basically view orders from any other users.
Why? These things not taught at college?
-
RE: Using LINQ
remember to use Transaction ReadUncommitted with LINQ db access whenever you can
-
Getting london time in .net - DST mess
hey, DST (daylight savings time) is not outlawed by UN yet, no surprise there!
anyway, I wish to know how to get the correct current london datetime, no matter it is DST or GMT or BST, and no matter where I deploy the code to.
any help greatly appreciated !
-
RE: Microsoft's three-value boolean
March 2012, the next release of oracle introduces new types, BOOLEAN2 !
Pre-register now for a 3-day course on Oracle installation, and get free 7 day course on DB2 installation course.
-
Improving art of programming
hi guys, how do you guys deal with, say, a user table with 10 fields. all web pages are done, all business logic are done, interface classes properties are done etc.... then suddenly, the client wants another 10 fields. just add more columns to the tables and more properties in the classes?
this project im working on faces this problem. tables starting with 10 fields, now it's uncommon to see them having 50 fields.
I started to get interested with programming ideas, abstraction, composition, generics, functional programming. really change my way of "thinking" about programming. How do you guys solve such design issues? Any good books out there to read to make me into a better programmer? I'm the kind of programmer who wants to know "Why", instead of "what" and "how".
any advice/thoughts are greatly appreciated
-
Job frustration
new job.
very old system. expected to work daily with unpaid overtime for the course of next whole year.
sounds ok if you like programming. except...
- the "developer document" to explain data relation is just displaying table and its column names. no explanation on keys relationship.
- system is OVERLY FLEXIBLE. they(the original designers) would want to think their system is flexible. you can "configure it to your heart's content" from the front end. but really, it's not enough. you'll have to also program the logic. a complicated mess. thousands of repeated codes. and some codes has extra checking which has no explanation.
- a database view calls a view which calls another view which joins another view. OVERLY DEPENDENT on views. DB is not hidden from the programmer.
sure I can redevelop a new system. but new clients keep coming in, the mess will amplify, the project "can" support multiple clients on same website. more mess, more headaches. the ppl here all look like zombies, having no life besides work work work.
HUARGHHHHHHHHHHHHHHHHHHHHHHHH
-
RE: THE I-HATE-COLDFUSION CLUB?
i understand how u feel :-(
CFIF and cohort is just terrible. I had to put everything in CFSCRIPT, write some shared functions to make other programmer's morale a bit better. But now i have another job, using all .net.
-
RE: Is it really Horricle?
The more simple a software is, the more complex the source code is.
-
RE: THE I-HATE-COLDFUSION CLUB?
ahhh can't believe somebody replied after 2 years i posted this !
coldfusion should not be called a language or script. there should be a new name for it, and COMPLETELY separated from other programming language.
It is higher than high level language. I'd rather use COBOL.NET
-
RE: An ASP.NET wtf
yeah its quite a common wtf
but i prefer
Viewstate(key) = guid
Session(Viewstate(key)) = thetable
-
RE: Struggle with shell capturing in .NET
i dunno much about consoles
but i can do
c:\myCommand.com myparam myparam > c:\temp.txt
the output will be in temp.txt
im sure there are other proper ways, but i would use that way because i can't find much examples out there
-
THE I-HATE-COLDFUSION CLUB?
cfscript != cftags != java errrr != c++ cfx ?
-
RE: VC demands Oracle?
Postgres-SQUEAL - oh funny laughing my pants off
-
RE: Official Membership Thread -- Just Reply Here!
hi i wanna join thanks