String to Proper Case in C++/CLI

Posted by: jorgedbucaran on: February 9, 2008

Unfortunately there is no String::ToProperCase() in the .NET Framework, but there is TextInfo::ToTitleCase which is not that bad and actually provides international support. Can’t help a chuckle from that statement. However, if you don’t like:

TextInfo ^texti = (gcnew CultureInfo("en-US", false))->TextInfo;

You can always implement your own simplified version. I share mine here:

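using namespace System;

// Upper-cases the first letter of every whitespace-delimited word.
// All other characters are copied unchanged.
String ^toTitleCase(String ^string)
{
    Text::StringBuilder ^stringb = gcnew Text::StringBuilder();
    Char lastch = ' ';  // treat the start of the string as a word boundary
    for each (Char ch in string) {
        if (Char::IsLetter(ch) && Char::IsWhiteSpace(lastch)) {
            ch = Char::ToUpper(ch);
        }
        lastch = ch;
        stringb->Append(ch);
    }
    return stringb->ToString();
}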

The story about how I got hooked with Javascript code injection

Posted by: jorgedbucaran on: January 31, 2008

Open your favourite Internet browser. I prefer Firefox but I hold nothing against IE whatsoever, there is a reason why it shares the vast majority of the market. Click the address bar or just press Alt+D and type in:

javascript: alert("hello, world!");

and later

javascript: alert("this is javascript injection"); alert("use with caution");

I am not a hacker but I do share with them the joy of researching and learning. Recently, however, I had to go savage and do a little hack in order to bypass a really weak free online poll system with a very moronic security attitude. The moment I was told to go there I made the first and valid vote and checked the cookies. In Firefox that is Tools->Options->Privacy->Show Cookies. Immediately I realized the site used cookies to authenticate users because the cookie key/value pair had the very suggestive name DoVoted = OK. In other words, to prevent voting multiple times in the system a cookie was used and set to expire after an hour or so. So lame. A slightly more robust system would’ve relied on IP addresses to prevent users from voting multiple times, at least from the same computer. So in order to actually prove my theory I erased my private data, including cookies, and voted again. It worked! I had fooled the system, only to realize an hour later that some other people had found out about this too. They must have had a trained group of fools erasing cookies and voting because their counter went really fast and peaked over 1000 in no time. In order to simplify things and learn a little from this boring experience I had to research Javascript code injection and I managed to come up with a much more hacker-worthy approach.

Basically, I went to the page and voted. This action saved my choice in the HTML form that used the POST method to send the information to a PHP script that handled the database I/O. If I clicked the refresh button this information would be sent over through the POST method again, but of course, the purpose of the cookie was to avoid this adding another vote. So by erasing cookies and refreshing I had my algorithm. I had the plan, now I needed the code.

Nevertheless, there was a catch in all this. Whether you use IE or Firefox (I assume other browsers as well), whenever you refreshed, the infamous resending postdata dialog would present itself to take care of you in case you were sending delicate information like credit card / eCommerce transaction data. Don’t get fooled by that link explaining how to get rid of it, it is not within the context of the problem. Anyway, no matter how hard I tried I couldn’t find any information on how to remove it except for a very fresh guy explaining that the only possible solution (it’s true, I’m almost convinced it is impossible to do it) was to directly modify the Firefox source code (which is easily obtainable though) and recompile (which is easily your worst nightmare though). I must say I didn’t stop there. I kept trying and thought a solution would be an external application, a C++ Windows API console program that would lie there systematically checking for this dialog by calling FindWindow() and in case of success post a WM_QUIT to its message queue. But I just didn’t have more time.

Anyway, having my two-step way to success in place, I knew I’d still have to click the OK button for the crappy resending postdata dialog but that was better than nothing. The code turned out to be extremely easy. I did have to tweak the code for erasing the cookie a lot but it was fine. This was the code:

javascript: document.cookie="DoVoted_252032=; expires=Mon, 01 Jan 1900 12:00:00 UTC; path=/"; location.reload();

Yes, all in one line. The final part refreshes the document. The first part erases the cookie. To erase is simply to set the expiration date to the past. As for that thing of DoVoted_252032=; indeed, setting the name to nothing was meaningless (but looked professional) because what matters is the expiration date. I did need to know the name of the cookie, which I picked up earlier in the Firefox cookies viewer. Also note the cryptic format of the string; you can do only a little about it, but that is for another time. And finally note that to set/erase a cookie you change the value of the document.cookie property, which can be set to a string.
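Why deleting the cookie was enough, shown from the server's side as an added example (not the poll site's code): a handler that trusts a browser-held flag cookie next to one that keeps the "already voted" record on the server, keyed by client address as suggested above. The function names, request shape, and sample address are assumptions made for illustration.

```javascript
// Added example: request objects are constructed, not captured traffic.
// Parse a Cookie request header into a name -> value map.
function parseCookies(header) {
  const jar = new Map();
  for (const part of (header || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq > 0) jar.set(part.slice(0, eq).trim(), part.slice(eq + 1).trim());
  }
  return jar;
}

// Weak design described in the post: the only duplicate-vote check is a
// flag cookie that the browser stores and the user can delete.
function makeCookiePoll(cookieName) {
  const tally = new Map();
  return {
    tally,
    vote(req) {
      if (parseCookies(req.cookie).has(cookieName)) return { accepted: false };
      tally.set(req.choice, (tally.get(req.choice) || 0) + 1);
      return { accepted: true, setCookie: `${cookieName}=OK; Max-Age=3600; Path=/` };
    },
  };
}

// Server-side design: the record of who voted lives on the server, keyed
// here by client address (the post's suggestion; users behind one NAT collide).
function makeServerPoll(windowMs) {
  const tally = new Map();
  const lastVote = new Map(); // remoteAddr -> time of the accepted vote
  return {
    tally,
    vote(req, now) {
      const seen = lastVote.get(req.remoteAddr);
      if (seen !== undefined && now - seen < windowMs) return { accepted: false };
      lastVote.set(req.remoteAddr, now);
      tally.set(req.choice, (tally.get(req.choice) || 0) + 1);
      return { accepted: true };
    },
  };
}

// Constructed replay: first vote, a repeat with the cookie, a repeat without it.
function replay(poll) {
  const base = { choice: "A", remoteAddr: "203.0.113.7" };
  const steps = [{ ...base, cookie: "" }, { ...base, cookie: "DoVoted=OK" }, { ...base, cookie: "" }];
  return steps.map((req, i) => poll.vote(req, i * 1000).accepted);
}
```

The cookie-based poll counts the third request as a fresh vote, while the server-side poll rejects it because the state it checks never leaves the server.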

Have fun with Javascript code injection, Google that sentence and you are likely to hit hundreds of useful resources.

Hands On Haskell: The First Step

Posted by: jorgedbucaran on: January 24, 2008

Haskell can be either interpreted or compiled. Generally you’ll want to use an interpreter for testing, but you’ll also need a compiler if you want to make a standalone executable.

There are several implementations of Haskell available and if you want more general information you can read it on Wikipedia. I will work with GHC, which you can get here. If you don’t know what tar/gzip/bzip means, search for the binary packages or self-installers and don’t pretend you are a geek. In other words, here is the Windows installer, that’s the one I got. GHC stands for Glasgow Haskell Compiler and not GNU Haskell Compiler as I originally thought.

After you finish downloading and installing, browse to the ghc bin directory, which by default is c:\ghc\ghc-6.8.2\bin, and you’ll find there ghci.exe and ghc.exe, which are the interpreter and compiler respectively. Instead of directly double clicking them (though you can do it for the interpreter and it will work great, at least for our newbie programs), open the command prompt: on Windows, go to Start->Run, type cmd and get comfortable with your new IDE. Don’t get fooled, there are dotNet implementations of Haskell as well as Eclipse extensions, but I won’t talk about that any time soon.

From the command prompt/line type ghci, this is the Haskell interpreter. You can also run the ghci passing the path to the (*.hs) Haskell source code file to execute. If everything goes well you’ll see:

c:\>ghci
GHCi, version 6.8.2: http://www.haskell.org/ghc/ :? for help
Loading package base ... linking ... done.
Prelude>

Enter :? to bring up the help system and see all the available commands. To load a file use the :load command and specify the path to the Haskell file. To test this, create a new text file and name it hh01.hs, then save it on the c: drive (or whatever drive unit of yours). If you are on Windows Vista you may need to go through several dialogs in order to be allowed to write to the bare c: drive, so instead save the file in your user folder, in my case c:\Users\jorgedbucaran. Make sure to change the .txt extension to .hs. If you can’t see the file extension go here or here.

Enter this code in the created .hs file:

main = print("hello, world!")

And save it. This may look familiar (or at least not weird enough) but don’t be deceived: Haskell is not a procedural/imperative/object oriented programming language like C++, Visual Basic or Java, it is a functional programming language, but we’ll get to that later. Again, please note that this program does not say much about Haskell, it is just a fair demonstration for us to get started.

From the ghci prompt, type :load c:\\hh01.hs or :load c:\\users\\hh01.hs. If everything works well you’ll see:

[1 of 1] Compiling Main (c:hh01.hs, interpreted)
OK, modules loaded: Main.
*Main>

Note that you need to escape the backslash (if you don’t know what escape means, then just type the \ twice). Enter main and you’ll see Haskell being polite. If you modify the code you’ll also need to reload the file into the interpreter because it won’t accept the new changes. To do this enter :reload and it’ll do the trick.

The function main is the entry point to the application. When you load the program/module you are in its context, so you can invoke whatever function is defined there. In this case we called the main function main and ran it because it was defined in the hh01.hs code. Once again, we’ll discuss later Haskell being a functional language and what that means. Bear with me, it’s like nothing you’ve ever seen, unless of course you have programmed in Haskell, ML, Lisp, Scheme or Caml before. In which case you must be thinking, I can write a better tutorial about this. If you want to exit the interpreter, just type :quit. Remember to prefix all commands with the colon when running ghci.

Back to the command line. Instead of interpreting the program, we can also compile it. That is as simple as:

c:\>ghc hh01.hs

And it will generate an executable (as well as other files, more on that later) which you can go ahead and double click to run, if you want. These files will be created in the same folder where the source file is located. There are several options available at compile time; run the compiler like ghc -? to review the help. We will study some of these options later, but for now what we care about is seeing an actual executable.

As some of you may not be familiar with the command line, let me shed some light on common questions you may have. First of all, how does the Windows command line know about ghci and ghc? And what does it mean to run the compiler in the file context?

The first one is easy: when GHC was installed, it added its path to the Path environment variable. Environment variables are global variables that the operating system is aware of and obviously able to retrieve, on Windows, whenever the GetEnvironmentVariable(name, store, size) API function is called. Fine, but that does not yet explain how the command line knows about the Haskell interpreter and compiler. Having the path to the Haskell installation appended to the Path variable makes applications that use this variable aware of any executables under that location. It’s like using namespace in C++/CLI or Imports in Visual Basic .NET to resolve the scope of classes and namespaces. On Windows, you can look at the contents of this variable by opening the System Properties dialog: right click on My Computer (just Computer on Vista), browse to the Advanced tab and click on the Environment Variables button at the bottom of the window.

So, does the command line use this environment variable to know where to find ghci and ghc? Yes. What happens is that if you type the name of the executable, Windows will look for the program at the locations specified in the Path variable after searching in the current directory, which has higher priority.

The second question is also an easy one. At the command line, you can navigate through directories using the cd directory command. This will change the current file context to that directory. That is like opening that folder and being in there. This also means that you don’t have to enter the full location of the executable you pass to the compiler. Windows will know where to find the ghc and will resolve the program by looking at the current file context, the current directory.

In a nutshell, we covered getting Haskell, loading programs and running them with ghci (the Haskell interpreter) and compiling programs with ghc (the Haskell compiler).

Finally, whether you believe my tutorial is good or not, I highly recommend the following links to tutorials, some of them I am still processing.

  • Selene: Buahaha, you wrote savage on purpose! XD Nice, so you made it! That's great!
