Monday, July 21, 2008

Progress Bar

Essential Object offers a complete free to use progress bar for ASP.net. It is very nice tool with great flexibility for user to change the layout and it's very easy to use. Here is the link. However, the disadvantage is you'll have to install the full asp.net control set to your VS. The dll has to be included in the bin folder to deploy the site. (Telerik has a progress bar only for using with the upload control. I find it is odd that they didn't including a progress bar for general use.)

An alternative solution is to use an simple user control. The disadvantage is the look & feel of the progress bar. It's not as good looking as the progress bar from EO, but you can get the full source code. Here is the code in c#:

ProgressBar.aspx:
<%@ Control Language="C#" AutoEventWireup="true" CodeFile="ProgressBar.ascx.cs" Inherits="ProgressBar" %>

BorderWidth="1px"
CellPadding="1"
CellSpacing="1"
Height="10px"
Width="200px">




ProgressBar.ascx.cs
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class ProgressBar : System.Web.UI.UserControl
{
private System.Drawing.Color _colFillColor = System.Drawing.Color.Green;
private System.Drawing.Color _colBackcolor = System.Drawing.Color.White;
private System.Drawing.Color _colBorderColor = System.Drawing.Color.Black;
private int _intBorder = 1;
private int _intCellspacing = 1;
private int _intCellpadding = 1;
private int _intHeight = 15;
private int _intWidth = 130;
private int _intBlockNumber = 20;
private int _intValue;
TableRow _tblBlock;

public System.Drawing.Color BGColor
{
get
{
return _colBackcolor;
}
set
{
_colBackcolor = value;
}
}

public System.Drawing.Color FillColor
{
get
{
return _colFillColor;
}
set
{
_colFillColor = value;
}
}

public System.Drawing.Color BorderColor
{
get
{
return _colBorderColor;
}
set
{
_colBorderColor = value;
}
}

public int BorderSize
{
get
{
return _intBorder;
}
set
{
_intBorder = value;
}
}

public int Cellpadding
{
get
{
return _intCellpadding;
}
set
{
_intCellpadding = value;
}
}

public int CellSpacing
{
get
{
return _intCellspacing;
}
set
{
_intCellspacing = value;
}
}

public int Blocks
{
get
{
return _intBlockNumber;
}
set
{
_intBlockNumber = value;
}
}

public int Value
{
get
{
return _intValue;
}
set
{
_intValue = value;
}
}

public int Height
{
get
{
return _intHeight;
}
set
{
_intHeight = value;
}
}

public int Width
{
get
{
return _intWidth;
}
set
{
_intWidth = value;
}
}

protected void Page_PreRender(object sender, System.EventArgs e)
{
int intBlocks;
// add a new row to the table
_tblBlock = new TableRow();
// create cells and add to the row
for (intBlocks = 1; (intBlocks <= this.Blocks); intBlocks++)
{
TableCell tblCell = new TableCell();
tblCell.Text = " ";
decimal temp = (Convert.ToDecimal(this.Blocks) / 100) * Convert.ToDecimal(this.Value);
if ((intBlocks <= temp))
{
tblCell.BackColor = this.FillColor;
}
_tblBlock.Cells.Add(tblCell);
}
tblProgressBar.Rows.Add(_tblBlock);
// set the progress bar properties
tblProgressBar.CellPadding = this.Cellpadding;
tblProgressBar.CellSpacing = this.CellSpacing;
tblProgressBar.Width = this.Width;
tblProgressBar.Height = this.Height;
tblProgressBar.BackColor = this.BGColor;
tblProgressBar.BorderColor = this.BorderColor;
LabelProgress.Text = this.Value + "% complete";
}
}

Wednesday, July 16, 2008

Debug javascript inside VS2005

writing JavaScript functions in the asp.net is not an easy task specially lacking the debugging feature in VS2005 (VS2008 has this build in). However, there is an easy way to enable debugging feature in the VS2005.

1. uncheck the "disabling scripting debug" in the IE internet option.
2. add "debugger;" in the script block to enable javascript debugging.

for more detail, click here

Tuesday, July 15, 2008

Restore the SQL 2005 Database using script

The SQL 2005 management studio has wizard for restore the database. It works pretty good for most cases, but I found the scripting is much for flexible. Recently, I tried to restore a database to with a different name, but the wizard won't let me to do it. Here is the example of the alternative script way. It worked great for me.

Restore Database YourDBName
From Disk = 'TheBAKFileName.bak'
With Move 'MDFFileName' To 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\YourDBName.MDF',
Move 'LDFFileName_Log' To 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\YourDBName.ldf',
REPLACE

Tuesday, July 08, 2008

DNN installation problem

I tried to install the latest DNN 4.8.x last night, but the process is not very smooth. In the middle of the installation, the DNN hung up on the install the database script page. Not sure what was going on. Some people had the same experience (google search). The "Custom" and "Typical" installation choices are not working for some reason. The "Auto" did the job. I think the "Auto" is the traditional way of installing the DNN.

Monday, July 07, 2008

Multiple IEs

When developing the web applications, we have to make sure that the application is not only running fine on multiple browsers (IE and firefox), but also running on different version of IEs (firefox always keep the user in the latest version).

The MultipleIEs by tredosoft is a great tool for web developers to test the application on multiple version of the IE. I have latest version of IE installed on my pc and added only IE 6 for MultipleIEs.

MultipleIEs links at: http://tredosoft.com/Multiple_IE

Wednesday, July 02, 2008

Prevent XSS in ASP.net (Regular expression)

I've been working on the security of a web application to prevent the XSS (cross site scripting). I read many articles about how to handle this issue. There are two ways that I found is easy to implement and will prevent most of the XSS attack.

The first is to use HttpUtility.HtmlEncode in the code behind page. It will encode specially characters in the script code, so the script will not run when the page is rendered.

The second is to use the Regular Expression validator on the client side (I think custom validaor calling the System.Text.RegularExpressions.Regex.IsMatch(string input, string pattern) is most secure).

Here are some frequently use regular expressions I found on the web:

1. Name
"^([A-Za-z']|-|\s)+$"

2. Address (allow number, text only, ., -, and space. no special characters are allowed)
"^([a-zA-Z0-9.]|-|\s)+$"

3. Email
"^([\w\-\.]+)@((\[([0-9]{1,3}\.){3}[0-9]{1,3}\])|(([\w\-]+\.)+)([a-zA-Z]{2,4}))$"

4. Social Security #:
"\d{9}"

5. Date:
"^(([1-9])|(0[1-9])|(1[0-2]))\/(([0-9])|([0-2][0-9])|(3[0-1]))\/(([0-9][0-9])|([1-2][0,9][0-9][0-9]))$"

Regular Express Library