SQL Injection I Can Support
As much as I hate SQL injection, this is actually a use for it I could kinda support:
http://gizmodo.com/5498412/sql-injection-license-plate-hopes-to-foil-euro-traffic-cameras
Fighting Big Brother! Love it. Ha!
Best Practices for Avoiding SQL Injection Attacks
A friend of mine recently brought this helpful link to my attention. It’s a very useful (and somewhat comical) listing of best practices for preventing SQL Injection attacks for various web programming languages. Thanks Sean!
CSS Box Model
One of my co-workers pointed out this a useful reference on the CSS Box Model: http://css-tricks.com/the-css-box-model/
This is extremely helpful for figuring out how to get CSS web design elements positioned and spaced exactly like you want.
Thanks for the heads-up, Trent!
Configuring IIS FTP and Windows Firewall for Passive Connections
The FTP Server included in the Microsoft Server OS is a bit limited. Only direct connections are enabled by default. To allow passive FTP connections to your server you have to do some manual configuration of the IIS metabase, Windows Firewall (if enabled), and any hardware firewall that you may have in place.
Unfortunately, in order to configure your FTP server to utilize passive connections you have to manually change the IIS Metabase. There isn’t any user-friendly IIS Manager checkbox or anything you can just click to make it happen. The easiest tool to use to browse and edit the IIS Metabase is Microsoft’s Metabase Explorer which is included in the IIS 6.0 Resouce Kit.
To enable passive FTP connections and set the port range, do the following:
1. Install the IIS Resource Kit on your server and open the IIS Metabase utility
2. Browse to [ServerName] (local) -> LM -> MSFTPSVC
3. Right-click on MSFTPSVC and create a new string record entry (New -> String Record)
4. Choose PassivePortRange as the Record Name or Identifier and String for the Data Type
5. Enter the range of ports you would like the FTP Server to use for passive connections; i.e. 5500-5525
6. Close the Metabase Explorer and bounce the IIS services or reboot the server to make sure the changes are put into effect
If your server is also running Windows Firewall, you will also have to allow incoming connections via the port range you specified for your passive connections. This is truly a pain since there isn’t a nice and easy way to define a firewall rule for a range of ports in the Windows Firewall admin utility. You have to enter a rule for each port in the range individually – ugh. But with the use of a simple script, you can automate this process. I originally found this info on David Eedle’s site and wanted to pass it on.
The following will add a Windows Firewall rule for each of the specified ports – 5500 thru 5525 – and name them “Passive FTP [port#]”
FOR /L %I IN (5500,1,5525) DO netsh firewall add portopening TCP %I “Passive FTP” %I
The last step is remembering to also open up the same TCP port range on any hardware firewall / router you may have in place; all pointing to the internal IP address of your FTP server.
Using Expressions for Fun and Profit
A co-worker put together a great post explaining how you can use the System.Expressions library and lambda expressions in C# to create dynamic functions that are compiled and cached at run time. This technique can be used in place of reflection. This is some good stuff – thanks Sean.
http://scmccart.wordpress.com/2009/05/04/using-expressions-for-fun-and-profit/
Table Layouts vs. Div Layouts
This is a very good article discussing the age-old tables vs. divs web structure debate. A lot of good comparisons, code examples, and best practices are included. Check it out:
http://www.smashingmagazine.com/2009/04/08/from-table-hell-to-div-hell/