WCF basicHttpBinding with Windows Authentication

Wrote a Report scheduling program and was having a little problem with Windows Authentication and didn't want to turn Anonymous access on so I stumbled upon the following article which was a great help:

Recipe: WCF basicHttpBinding with Windows Authentication

Saving Binary in SQL Server to PDF file

Well, I'm working on a project where I enable a user to upload a file and store it in SQL Server 2005, and then need to pull it out of the database and save the PDF file to disk using a WinClient app.

System.IO.FileStream fs;                // Writes the binary to a file (*.pdf).
System.IO.BinaryWriter bw;              // Streams the binary to the FileStream object.
int bufferSize = 100;                   // Initial size of the binary buffer.
byte[] outbyte = new byte[bufferSize];  // The binary byte[] buffer to be filled by GetBytes.
long retval;                            // The bytes returned from GetBytes.
long startIndex = 0;                    // The starting position in the binary output.
string rec_id = "";                     // The id to use in the file name.

while (myReader.Read())
{
    // Get the id.
    rec_id = myReader["DocumentationUploadID"].ToString();

    // Create a file to hold the output.
    fs = new System.IO.FileStream("DocumentID-" + rec_id + ".pdf", System.IO.FileMode.OpenOrCreate, System.IO.FileAccess.Write);
    bw = new System.IO.BinaryWriter(fs);

    // Reset the starting byte for the new Binary.
    startIndex = 0;

    // Read the bytes into outbyte[] and retain the number of bytes returned.
    retval = myReader.GetBytes(1, startIndex, outbyte, 0, bufferSize);

    // Continue reading and writing while there are bytes beyond the size of the buffer.
    while (retval == bufferSize)
    {
        bw.Write(outbyte);
        bw.Flush();

        // Reposition the start index to the end of the last buffer and fill the buffer.
        startIndex += bufferSize;
        retval = myReader.GetBytes(1, startIndex, outbyte, 0, bufferSize);
    }

    // Write the remaining buffer.
    bw.Write(outbyte, 0, (int)retval);
    bw.Flush();

    // Close the output file.
    bw.Close();
    fs.Close();

Windows 7 Launch Party

Attended the Windows 7 and Server 2008 R2 launch party in Atlanta today.

It was interesting to see the sensor demos so I thought I'd post a quick note about it if anyone is interested.

Having Fun link

Pad Integer with Zeros using C#

A quick example for padding an Integer with zeros in C#:

System.Int32 intMyInteger = 87366;
System.String strMyInteger = intMyInteger.ToString().PadLeft(20, '0');

SQL Change Table Owner

Need a quick way to change the table owner for multiple tables then try this:

DECLARE @old sysname, @new sysname, @sql varchar(1000)

SELECT
  @old = 'CHANGE_name_here_ONLY'
  , @new = 'dbo'
  , @sql = '
  IF EXISTS (SELECT NULL FROM INFORMATION_SCHEMA.TABLES
  WHERE
      QUOTENAME(TABLE_SCHEMA)+''.''+QUOTENAME(TABLE_NAME) = ''?''
      AND TABLE_SCHEMA = ''' + @old + '''
  )
  EXECUTE sp_changeobjectowner ''?'', ''' + @new + ''''

EXECUTE sp_MSforeachtable @sql

Little fun...

Well, it's getting close to football season so I thought I'd post a little fun.

Who do you think would win? :)

Formatting Dates with T-SQL

I've seen a lot of weird and extravagant ways to format dates, and wanted to share a simple method for displaying dates with as little code as possible.

CONVERT (VARCHAR, column_name, StyleID)

Example StyleIDs are listed below:

0 or 100
101
102
103
104
105
106
107
108
9 or 109
110
111
112
13 or 113
114
20 or 120
21 or 121
126
130
131

mon dd yyyy hh:miAM (or PM)
mm/dd/yy
yy.mm.dd
dd/mm/yy
dd.mm.yy
dd-mm-yy
dd mon yy
Mon dd, yy
hh:mm:ss
mon dd yyyy hh:mi:ss:mmmAM (or PM)
mm-dd-yy
yy/mm/dd
yymmdd
dd mon yyyy hh:mm:ss:mmm(24h)
hh:mi:ss:mmm(24h)
yyyy-mm-dd hh:mi:ss(24h)
yyyy-mm-dd hh:mi:ss.mmm(24h)
yyyy-mm-dd Thh:mm:ss.mmm(no spaces)
dd mon yyyy hh:mi:ss:mmmAM
dd/mm/yy hh:mi:ss:mmmAM

ASP.NET menu problem in IE8

If you use the ASP.NET menu on any of your web sites and just upgraded to IE8 then you probably just noticed that the drop down menu may have a white background.

What IE8 is doing is correct (by design), in the sense that in Standards mode IE8 is following the standards. By default the (element).currentStyle.zIndex returns "auto" when the zindex has not been set. The ASP.NET menu controls just assumes a different value. :)

Override the zindex property. Like such:

CSS

<style type="text/css">
   .IE8MenuFix
   {
      z-index: 100;
   }
</style>

HTML

<DynamicMenuStyle CssClass="IE8MenuFix" />

Modal Progress Display for ASP.NET

If you use the AJAX Extensions in your ASP.NET web site then you've probably used the UpdateProgess control to display that some action is processing in the background.

Here is a code snippet of a simple Modal type processing box I use for some static notifications of some action.

HTML:

<asp:UpdateProgress ID="UpdateProgress2" runat="server" DynamicLayout="False" DisplayAfter="1">
    <ProgressTemplate>
        <div class="PageWorkingBackground">
        </div>
        <div class="UpdateProgress">
            <asp:Image ID="Image1" runat="server" ImageUrl="~/images/SEIB-Validating.gif" AlternateText="[image]" />
            <asp:Image ID="ajaxLoadNotificationImage" runat="server" ImageUrl="~/images/bar_loader.gif"
                AlternateText="[image]" />
        </div>
    </ProgressTemplate>
</asp:UpdateProgress>

CSS:

.PageWorkingBackground
{
position: fixed;
top: 0;
left: 0;
background-color:Gray;
filter:alpha(opacity=75);
opacity:0.75;
height: 100%;
width: 100%;
min-height: 100%;
min-width: 100%

}

.UpdateProgress
{
background-color:#fff;
width: 150px;
text-align: center;
vertical-align: middle;
position: fixed;
bottom: 50%;
left: 45%;
border: solid 2px #453825;
margin: 10px;
padding: 10px;
}

Here is a picture of the modal box in action:

Complicate Brute Force Attacks in ASP.NET

Have you ever used a test program to simulate a Brute Force attack on your login screen? It's pretty vicious and cool at the same time.

On my login screens I've developed for public access I perform the following to help block any Brute Force attempt.

1. Implement Captcha technology after 3rd failed login attempt.
2. Lock account after fifth failed login attempt (optional).
3. Implement a random delay using System.Threading.Thread.Sleep on each failed login attempt.

Of couse, all of this may not be 100% attack proof, but is sure complicates things.

Below is some pseudocode I used to implement step 3 above:

...
//Sample function to validate user
if (fncValidateUser(ref mCN, txtUserID.Text.Trim(), txtPassword.Text.Trim()))
{
   ...
   Response.Redirect(strReturnURL, true);
   ...
}
else
{
   //Delay Request
   subDelayRequest();
   ...
}

//Randomly delay request, I use anywhere between 2 and 20 seconds.
private void subDelayRequest()
{
   System.Int32 minSeconds, maxSeconds;
   minSeconds = 2;
   maxSeconds = 20;
   Random rand = new Random();
   System.Threading.Thread.Sleep(rand.Next(minSeconds, maxSeconds) * 1000);
}