A gross misuse of the fabric of space-time

LinqFilter Code Injection

3 minute read Published:

Unless you’ve been living under a rock, you may have heard of such things as SQL Injection and XSS (cross-site scripting) attacks, just to name the popular forms of the attack. These types of attacks are language specific forms of the general “Code Injection” attack. These types of attacks happen when developers concatenate source code with unchecked user input and get to the stage where that fully trusted source code is eventually executed.

C# Case Expression via Extension Methods

5 minute read Published:

As a veteran C# developer yourself, I’m sure you’re familiar with the switch statement. Since it is a statement this means you cannot effectively use this ever-so-useful construct in an expression, such as in a LINQ query. This is a shame, and it irks me greatly that I have to resort to emulating the switch behavior with a series of chained ternary operators (a ? b : c ? d : e ?

LinqFilter: Run LINQ Code From The Command Line Interface!

4 minute read Published:

Having recently acquired a taste for using git on Windows with msysGit, I’ve been getting a lot more productive with my use of bash and other command-line tools in Windows. Shifting data around on the command line gets pretty hairy very quickly. Unfortunately, the basic set of Un*x utilities that process text data is just not powerful/flexible enough and usually each tool has some ridiculous custom syntax to learn, all of them different.

Immutable DataContract generator for Visual Studio 2008 T4

8 minute read Published:

At first glance, using WCF appears to limit one’s capabilities in working with immutable data structures, namely immutable data contracts (classes decorated with [DataContract] and [DataMember] attributes). After some thought and a little experimentation, I came to a reasonable solution implemented in T4 where one can code-generate the immutable data structure and its related mutable class builder structure used to construct said immutable data contract instances. First, let me demonstrate and explain a bit of the basic code pattern behind immutable data contracts before we move onto the T4 solution.

IQueryable to LINQ C# syntax formatter

2 minute read Published:

Technically, the title of this article should be System.Linq.Expressions.Expression to LINQ C# syntax formatter but that’s a bit lengthy. To get right to the point, I’ve developed a class to parse an Expression tree generated by a LINQ IQueryable query and produce C# LINQ syntax as output. I tried searching the internet for similar work and nothing was immediately available or that was in source form for me to integrate with my tool.

LINQ-to-SQL auditing web-based tool

4 minute read Published:

I’ve been developing a LINQ-to-SQL auditing web-based tool for the last few days and I’d like to share some progress with you all. This auditing tool takes an instance of our data repository implementation class, finds all public methods via reflection, and executes them one-by-one with a special auditing mode enabled. Each of our query methods is required to call one of our various audit methods depending on the query execution scenario.

T-SQL HTML formatting code in C#

2 minute read Published:

As usual, when I blog, I only blog about things I find that are unique and that haven’t been posted before. Today is no exception. I give you an HTML formatter for T-SQL, written in C# using Regular Expressions.

    public static string HTMLColorizeSQL(string sql)
    {
        string output = HttpUtility.HtmlEncode(sql);

        output = Regex.Replace(output,
            @"^--(?<comment>[^\r\n]*)(?<post>\r\n|$)",
            @"<span class=""sql_comment"">--${comment}</span>${post}",
            RegexOptions.IgnoreCase | RegexOptions.Multiline
        );

        output = Regex.Replace(output,
            @"(?<=(\[|\b))(?<keyword>(SELECT|FROM|WHERE|ORDER|INNER|JOIN|OUTER|LEFT|RIGHT|CROSS" +
            @"|DISTINCT|DECLARE|SET|EXEC|NOT|IN|IS|NULL|BETWEEN|GROUP|BY|ASC|DESC|OVER|AS|ON" +
            @"|AND|OR|TOP|GO|CASE|WHEN|ELSE|THEN|IF|BEGIN|END|LIKE))\b",
            @"<span class=""sql_keyword"">${keyword}</span>",
            RegexOptions.IgnoreCase
        );

        output = Regex.

LINQ-to-SQL query auditing

4 minute read Published:

Have you ever found it a pain to try to debug the SQL query generated by LINQ-to-SQL? For my employer, Kaplan, I’ve designed a SQL query auditing “framework” that allows us to audit all of the LINQ generated SQL queries from our data repository implementation class. (I use the term “framework” here lightly because it is no more than a few “shim” methods implemented in an abstract base class that the repository implementation class derives from.

Resumes

3 minute read Published:

What’s on your resume? Is it just a collection of what I refer to as buzzword bingo with filler words in between? How does it stack up against other resumes? Oh, you listed C# 3.0 on your resume? Great! Just what we’re looking for. You have experience with ASP.NET? Wow! What a match! Let me put your resume next to all the other identical copies in my big whoop folder.

Algorithmic Test for Senior Software Engineers

4 minute read Published:

Having had enough of the tired old “ask a question get an answer” interview tactics, I decided to put together a test bed application to test the interviewee’s real-world problem solving skills. Based on feedback from other team members, I did not actually force this upon any of our recent interviewees. The purpose of the test is to find out if the interviewee can actually develop an algorithm to solve a problem from scratch and can fit it into an existing project.