Hey,

Lets say i have a complex obj -A that is a root of complexed objects graph. (this is a network device modeling)

I am using ORM ,

The PDF document that I wrote with Matt Gibbs a while ago on UpdatePanel is now up to date and in sync with the RTW (Release to Web) version of the ASP.NET 2.0 Ajax Extensions. It's a 60 page document that teaches how to use the UpdatePanel control to incrementally "ajaxify" an ASP.NET 2.0 web site. The booklet comes with downloadable code samples that are immediately applicable in the real world. The update contains a few new sections that cover the features that appeared since the last revision such as the client-side events for partial updates. Of course, if you bought it before this final version, O'Reilly offers the current version for free. Buy the book from the O'Reilly site : http://www.oreilly.com/catalog/atlasupc/...(read more)

Chris Shiflett has a post today, Allowing HTML and Preventing XSS. The problem is how to allow users to format their contributed content without introducing security vulnerabilities. The answer is usually some sort of markup language or filtering and sanitization of HTML.

BBCODE was designed for this purpose. There is no actual standard, but the core syntax seems fairly uniform. It's good for those used to forums, where it seems to norm.

HTML markup is nice because it is a standard, even if varying subsets are supported. Learning a little HTML isn't going to hurt anyone, at least for the next 20 years or so. The problem is that HTML was never intended to be hand edited. The syntax is not the most inviting, and different HTML-like markup languages handle whitespace differently than the HTML standard.

Wiki markup syntaxes were designed to be human friendly. The main problem I have with wiki syntax is that there is no standard. It seems like every wiki has a different way to formulate a link, for example. I guess there is some progress with Wiki Creole, but I still have a bad taste in my mouth.

The other problem I have with wiki markup is that I find it to be non-deterministic. When I edit any given wiki and try to use more than basic formatting, I never know what I am going to get. Most of the markup processing engines for these wikis are impenetrable morasses of regular expressions. It can be hard to gauge interactions. Are you really sure they are secure?

Speaking of impenetrable morasses of regular expressions, have you ever looked at WordPress's input path? I'm sure every one with a WordPress blog who likes to blog about PHP code knows that it is a code eater. I've been particularly disappointed with WordPress in this area. Most the "code formatting" plugins still have problems protecting code from WordPress' heavy hand.

But the WordPress preg_replace gauntlet doesn't just mangle code. I have a post which has been sitting in draft mode for several weeks because I can't figure out how to give it the proper markup. WordPress is somehow taking my perfectly balanced input markup and producing "unbalanced" output markup. I haven't yet tracked down the problem to either submit a fix or to do a good bug report. Frankly, I'm not looking forward to trudging through all those regular expressions.

In Chris' post, he takes the regular expression approach. Folks in the comments have pointed out a few problems with his approach, including the problem of interleaved tags. If you can't tell by now, I am not a fan of the regular expression gauntlet approach to markup languages. I prefer a defined syntax and a traditional computer science style parser (which may use regular expressions).

The other must-have is a preview option. With so much variation in markup languages, not having a preview leaves the user to play Russian roulette with their submitted content. I've talked about that before in the usability of input filtering. This is another area where WordPress leaves the user high and dry.

The complex input path in WordPress combined with its reliance on global variables seems to leave it unable to do an in-page preview. The admin area preview is an IFRAME so that it launches a separate request. The various live preview plugins are JavaScript based and don't work when it is disabled. They also don't pass the input through the same input path that WordPress uses, so they are not a true preview.

I don't mean for this to be a WordPress rant, on the whole, I like WordPress. Rather, I just wanted to point out how hard it can be to do good input filtering, that is safe, reliable, deterministic, and usable.

J.D. Meier has a good post on best practices for structuring your projects (ASP.NET and client) for best productivity in a team environment with source control and the like. One of the biggest benefits here is that you can stop arguing about which way is right and just follow J.D.'s lead ;-) Structuring Projects for Team Foundation Server Read More......(read more)

Up until now, we've never had a great set of JavaScript debugging tools, but "Orcas", the next version of Visual Studio will have some great new JavaScript debugging tools. While Visual Web Developer "Orcas" hasn't shipped yet, there is a CTP available that you can download and install. The VWD team (and my old team) has posted on their blog a couple of blog posts about how to do JS debugging in VWD Orcas. It's worth checking out. Jscript Intellisense in Orcas: http://blogs.msdn.com/webdevtools/archive/2007/03/02/jscript-intellisense-in-orcas.aspx Jscript Intellisense in March CTP – Gotchas & Workarounds: http://blogs.msdn.com/webdevtools/archive/2007/03/07/jscript-intellisense-march-ctp-gotchas-workarounds.aspx Jscript Debugging in Visual...(read more)

The next in the 3 rd Party AJAX Web Cast Series is Thursday March 29 th ASP.NET AJAX the Codeless Way: Telerik AJAX Manager in Action Ever dreamed about a shortcut to building ASP.NET AJAX-enabled applications? One that eliminates the need for writing JavaScript, placing UpdatePanels all over your form, setting dozens of Triggers? Now, wake up and watch carefully, because this is already possible in real world, thanks to a new control from Telerik, called ASP.NET AJAX Manager. Join us for a practical demonstration led by Todd Anglin , a Telerik Technical Evangelist. First, Todd will build a typical ASP.NET application using third-party controls for the rich UI. This app will perform regular postbacks. Then he will add Microsoft ASP.NET AJAX...(read more)

Learn how you can use Java code to convert Web pages to images with the click of a button.

SearchDomino.com member Sameer Thakur explains common pitfalls associated with using WebQuerySave agent and how to avoid them when validating data on a Lotus Notes form.

The team was finally able to find a fix for this sporadic issue: occasionally the Add View with Presenter recipe would throw a ValueProviderException. This was apparently due to having two versions of the same DLLs loaded in memory at the same time. The Recipes were built with a signed version of the DLL, but the projects were loaded with an unsigned, source version of the DLL. There is a full explanation of the issue , and also a fix on our known issues page . Read More......(read more)

Last week I started the first in a series of blog posts I'll be making that cover some of the new VB and C# language features that are coming as part of the Visual Studio and .NET Framework "Orcas" release later this year. My last blog post covered the new Automatic Properties, Object Initializer and Collection Initializer features . If you haven't read my previous post yet, please read it here . Today's blog post covers a much more significant new feature that is available with both VB and C#: Extension Methods . What are Extension Methods? Extension methods allow developers to add new methods to the public contract of an existing CLR type, without having to sub-class it or recompile the original type. Extension Methods help blend the flexibility...(read more)

Running PPC ads is one of the fastest and easiest ways to do niche keyword research.

We are giving away a free pass to the the fast approaching San Fransisco Elite Retreat conference.

Joost de Valk emailed me about a Firefox Greasemonkey extension webmasters can use with Google's Webmaster Tools to see the PageRank and anchor text of inbound links. The tool is fast, and does a good job of showing you how well you have been mixing your inbound anchor text.

I hope many of you have already downloaded the Notes 8 Beta, installed it, and are busy reporting your findings!

So far I think my favourite feature is the new style for type-ahead mail addressing. ? It is very "Gmail-like" and that is a good thing! ? Not only does it find matches for the characters I enter, but it moves the most recently used entries to the top of the list.





PS: Hi Unc!

Many of the most powerful web based business models are auctions.

I recently purchased a website at mydomain.somecompany.com as a store to sell somecompany.com's products and was wondering if the site had any value, and how I could do SEO on the site if I couldn't change the content?

I went to see the movie 300 this past weekend and it was enjoyable. Pretty much what I expected after seeing the previews: it looked just like a movie version of a Frank Miller graphic novel. In a good way, of course.

Since I know essentially nothing about "real" ancient history, I decided to check out the Wikipedia entry on Sparta to get an overview and I noticed that it was locked and under dispute:

Hmm, what's that all about? So I clicked through to the Talk:Sparta page and man o' man, what a grand Edit War they've got going on there. It's absolutely hilarious to a disinterested outsider like me. At this point in time (here's the permalink to a version of the page from today, in case it goes away or gets drastically changed) the big dispute is over whether Sparta should have been called a "superpower" or not, although there seems to be a lot of personality clash going on to fuel the fire.

If you've got a whole lot of time (more time than me, because I just did a healthy skim of the page), there's a world of entertainment buried in that discussion. To an oddball sense of humor like mine, anyway. Start at the Sparta as a World Power section about 1/4 of the way down the page and keep on reading.

It's also interesting to see how disputes like this get resolved in an open forum like Wikipedia. On the one hand, there's the idealist mindset of Do Not Feed The Trolls (DNFT), hoping that trollish behavior will eventually just go away. On the other hand, this sort of thing can end up being a huge timesink for the people who are the real caretakers in such a situation, and it's not necessarily clear whether there's true trolling going on here or not. It might just be an honest-to-goodness (and very harsh) disagreement.

---

[ permalink ] [ e-mail me ] [ read/add comments ]