FCI-Helwan blog

Just another FCI-H weblog

Happy BizTalk to you – Part 1

Welcome To machine!

Today, I would like to introduce the series of Happy BizTalk to you; the idea behind these articles is to familiarize you with a set of design patterns in BizTalk orchestrations to simplify the programming process automatically. The plan is to get you some overview automatically, no additional effort required. When you’re familiar with the design patterns of BizTalk, you can face a programming issue and — Bam! — A solution will come to you more quickly. Instead of banging your head against the wall in desperation, you’ll say, “What I need here is the Splitter pattern Or the Aggregator pattern”. Let’s go

for more details click here

June 2, 2009 Posted by | BizTalk | Leave a comment

.NET Framework Posters (4 and 3.5)

While I am google for .NET Framework 3.5 Poster to see some new namespaces , I got .NET Framework 4 Poster so I want to share the both with you here.

.NET Framework 3.5 :

DotNet_poster_xps_large.xps 1.5 MB

DotNt_poster_xps_split.xps 1.8 MB

NET_35_Namespaces_Poster_JAN08.pdf 849 KB

NET35_Namespaces_Poster_Tiled_JAN08.pdf 25MB

All of them are available in this link

.NET Framework 4:
You can find in the next link two version for framework 4, the first is silverlight with deep zoom and the second is PDF high resolution version.
They are available in this link

June 1, 2009 Posted by | Uncategorized | Leave a comment

How to create SQL Server Login programmatically?

Q. How to create SQL Server Login programmatically?

I got this question from Daniweb C# forum, and of course when I need to do something against SQL Server object from .net I go to SMO (SQL Server Management Objects) which provides a great functionalities to do anything with SQL Server instead of going on SSMS and create some scripts then embedding them into stored procedure then call it…. off…
Anyway to avoid showing how much I’m talkative…

Create any C# project type (Windows, Class Library or even Console one), add reference to Microsoft.SqlServer.Smo, Microsoft.SqlServer.ConnectionInfo
and Microsoft.SqlServer.SqlEnum
Server sqlServerInstance =
new Server(new Microsoft.SqlServer.Management.Common.ServerConnection(
new System.Data.SqlClient.SqlConnection("Data Source=.;Initial Catalog=Master;Integrated Security=True")));
// your connection string I place mine for illustration..
Login loginObj = new Login(sqlServerInstance, @"DomainName\UserName");
loginObj.DefaultDatabase = "Master";
loginObj.LoginType = LoginType.WindowsUser;
loginObj.Enable();
loginObj.Create("password");
//set the password
//there're many properties to do some tasks related to Login object...

If you used LoginType.WindowsUser, be sure to provide valid windows username and if you aren’t on Domain use the machine name instead.

If you need to create SQL login use LoginType.SqlLogin…

You can explore Login class more on http://msdn.microsoft.com/en-us/library/microsoft.sqlserver.management.smo.login.create.aspx

 

 

 

April 28, 2009 Posted by | .NET Q and A, C#, Microsoft, SMO, SQL Server | 3 Comments

How to secure my ASP.Net web Application (XSS)

mmm, I’m not good enough in wrting a good introduction to my posts, so i’m going to get into the point directly. How to write a secure ASP.Net web application.

I will show you in this post the most common attacks on ASP.Net applications and how to prevent these attacks to happen on our Application.

1) Cross site scripting(XSS)

is the most common attack, it represents about 85% from web sites attacks. XSS happens when the attacker tries to inject a java script in any input controls like textboxs for example then submit this input to the server.

example: try to input this code in a test page has a one textbox to take ur user name and a button to preview this username –

<script>alert("Hacked using XSS");</script> –

i hear someone says, hehehe, i can validate the input text to see if it contains the tag <script> or not !!
ok, please make ur check then compile, and enter this text in ur textbox and tell me the results
-<body onload="alert("Hacked too ??!!?");"> –

sure any attacker will not write these kind of scripts, s/he may get ur cookies values, may be s/he put a script on ur server which make an automatically redirect any user to any other page may be may be may be …

I think now it is clear what is XSS, but how can we secure our ASP.Net application aginst this famous attack? there are many good practices like,

  1. Make sure that ValidateRequest attribute in Page tag is always true ( try to make it true and try this attack again.
  2. Use HtmlEncode Method in HttpUtility class which applies HTML encoding to a specified string and return the encoded string not to be executed as a client-side script(try to set ValidateRequest=”False” and use HtmlEncode Method ).
  3. Don’t trust user’s input and always keep validating aginst any special characters in the input.

C u in the next post

April 24, 2009 Posted by | ASP.NET | 1 Comment

Twitter Common Friends

For the past couple of months, A lot of people (who I don’t know) have been following my twitter.. Mostly they don’t look like anybody I know, not even Egyptians, & I’m not that popular anyway.. I’m ok with people following me anyway.. My twitter is public, & I’m not planning to change that.. But sometimes I need to know if these are real people who are in my twitter “social network” or just some sort of zombies or bots..

I’ve just created a small app to act like “common friends” in Facebook so I can find out whether I really know them or not.. Actually a couple of these followers are really interesting people & I’m following them now.. The app finds common people you’re follwoing.. not common followers, the followers all is almost the same it just need authentacation..



The application depend on a single twitter API which takes the user name as a parameter & returns an xml (or JSON) file of their freinds for eg these are my friends xml file:

http://twitter.com/statuses/friends/mshady.xml

I used the “XML schema definition” tool (Xsd.exe) to generate the class to use the xml nodes directly as nodes rather than querying the XML document.. I’m such a lazy coder.. I know :D..

Once the xml is deserialised into the users datatype like this:

XmlSerializer oXmlSerializer = new XmlSerializer(typeof(users));
users oUsers1 = (users)oXmlSerializer.Deserialize(
                     XmlReader.Create(@”http://twitter.com/statuses/friends/&#8221;+textBox1.Text+“.xml”
                        ));

All you need to do is to find the intersection set between the two list/sets.. & display them
 
The source code & binaries are available here: http://cid-570d40f05cc0dc13.skydrive.live.com/self.aspx/Sample%20Code/TwitterTest.rar

April 12, 2009 Posted by | C#, Tips | 2 Comments

dotNetWork.org April09 gathering

First thing to say, please don’t mix this event with Microsoft Innovation day organized by MSFT jointly with almost every Egyptian UGs.. I’ll be blogging about that later..

This month we are a bit earlier than usual (or should I say we are late for last month gathering? :D).. The gathering will be on April 18th (next Saturday)..

Concerning the venue, this gathering we will try a new thing, we will hold it at Fridays, City Stars.. This is a bit limiting so this time our maximum count of attendees will be around 60.. Also there’s a special-priced menu for DNW.. So if (only if) you’re interested & your schedule is free next Saturday from 10:00-13:00.. Please register..

So to know if you’re interested The speakers are

Hossam Kamel
Senior Software Engineer – ESRI, Northeast Africa

Mohamed Samir
Technical Lead – Timeline Interactive, Inc.

Concerning the agenda:

10:15 – 11:15
Testing automation using VSTS 2008 (for Dev & QC):
Lots of demos for both developers & testers..So Testing Engineers, please join us!!
Hosam Kamel
11:45 – 12:45
“CellFactor®: Psychokinetic Wars”, challenges and achievements:
CellFactor is first-person multiplayer shooter game, developed for  PS3 and XBOX 360 by a mostly-Egyptian team.
Mohamed Samir

Btw, Guys, just to make sure it won’t be understood wrong (again) Attendees will be paying for their own meals.. DNW is only organising the event 🙂

For more info, updates, registration
http://dnkapril-emailinvite.eventbrite.com/
You can, Also, find the menu there 😀

There’s also a Facebook event but registration only counts on through eventbrite..
http://www.facebook.com/event.php?eid=68200144013

Other helpful links:

Yahoo!Group:
http://tech.groups.yahoo.com/group/dotnetworkorg/

Facebook Fan Page:
http://www.facebook.com/pages/netWorkorg/13135685545

Facebook Group:
http://www.facebook.com/group.php?gid=2409268236

PS: I’ll update the post with the poster as soon as it’s ready.. isA

April 12, 2009 Posted by | Announcements | Leave a comment

EgySUG Launch

Egypt SharePoint user group real launch (after a couple of sessions with DNW) is expected to be next Thursday, isA.. It will be featuring Joel Oleson. The session title is “10 Steps to Successful Deployments“.. For more info, check the UG calendar..

Concerning the time & place:
18:30-21:00 @ Microsoft-Egypt, Smart Village..

Transportation will be available from in front of Masbiro mall beside Ramses Hilton, Abdel Moneim Raid Square starting from 17:15-17:30..

Attendance is free as usual.. but registration is needed here

For any further inquiries call Ebeid Soliman: 010 5064 838

PS. : Sorry for the late notice

April 7, 2009 Posted by | Announcements | Leave a comment

CodeCamp’09 Venue Confirmed!!

CodeCamp’09 venue will be BUE (The British University in Egypt) Campus, Cairo-Suez Desert Road, El-Sherouk City. There will be buses departing from several locations to CodeCamp. These locations will be announced soon, isA.

Looking forward to seeing you there!!

February 13, 2009 Posted by | Announcements | Leave a comment

CodeCamp’09 Agenda published!!

For those who aren’t subscribed to the event updates, the agenda is published on the event page cc.dotnetwork.org (if it’s not working you might use this url directly codecamp09.eventbrite.com) please remember to register on the page, the seats might become limted :).. The page has a RSS feed for the event updates, too.

For now, the venue is BUE, but it’s not yet confirmed.. I’ll keep you updated with more news to come, isA..

February 6, 2009 Posted by | Announcements | Leave a comment

dotNetWork.org CodeCamp’09

This time, dotNetwork is preparing for a “bigger-than-the-usual-gatherings” event.This is supposed to be dotNetwork’s first major Event, with around 18 sessions, 3 tracks, split over 2 days, which are intended to be on February 19th, 20th, isA.

The agenda has a wide range of topics covering Azure, Velocity, Scrum, BizTalk, SharePoint, C# 4, VS2010, SilverLight, & many other topics..

Speakers list include Stephen Forte, Remi Caron, Marianne Van Wanrooij, Mohamed Meligy, Mohamed  Samy, Yasser Makram, Mohammad Yousry, Hossam Kamel.

I’ll be updating you with more soon, but for now check the event page here:
http://codecamp09.eventbrite.com/
& subscribe to its feeds for updates, also check the the Facebook event:
http://www.facebook.com/event.php?eid=63066020983

This is not yet a formal announcement, so I’ll be updating you with any news here, too.. so keep tuned..

February 1, 2009 Posted by | Announcements | Leave a comment