Styles

Monday, February 15, 2010

Commonly used Regular Expressions

Here is a list I put together a while back to keep for reference whenever I do validation:

First Name or Last Name

^[a-zA-Z-'\s]*$

Email

^[a-zA-Z0-9]+[a-zA-Z0-9\'._%+-]*@[a-zA-Z0-9_-]+[.]%7b1%7d[a-zA-Z0-9_-]+
[a-zA-Z0-9._-]*[a-zA-Z0-9]+$">*@[a-zA-Z0-9_-]+[.]{1}[a-zA-Z0-9_-]+
[a-zA-Z0-9._-]*[a-zA-Z0-9]+$

Phone or Mobile

^[0-9\(\)\-+\s]*$

Postcode for Australia

^[0-9]{4}$

Postcode for the US

^[0-9]{5}$

Postcode for the UK

^[a-zA-Z]{1,2}[0-9]{1,2}[a-zA-Z]?[\s]*[0-9]{1}[a-zA-Z]{2}$

Date: Day

^([0-2]*[1-9]{1}|3[0-1]{1})$

Date: Month

^([0]*[1-9]{1}|1[0-2]{1})$

Date: Year

^(19[0-9][0-9]|20[0-9][0-9])$

CSV File with comma delimited text

,(?=(?:[^\"]*\"[^\"]*\")*(?![^\"]*\"))
There is also an incredibly useful tool that a colleague of mine, Ross Donald, built that had helped me out so much in the past:
http://www.radsoftware.com.au/regexdesigner/

Saturday, February 13, 2010

Sitefinity CMS features

Rich Text Editor

In order for the WYSIWYG editor to contain the table editor as follows:



You must edit the [Web Root Folder]\Sitefinity\Admin\ControlTemplates\EditorToolsFile.xml file and add the following tool:

<root>
  <tools dockable="false">
    <tool name="InsertTable" />
  </tools>
</root>

Page Navigation


For certain properties you only want to navigate to pages within your own sitefinity application, the following property with its attribute definition is the most appropriate for this requirement:

[WebEditor("Telerik.Cms.Web.UI.CmsUrlWebEditor, Telerik.Cms")]
    public string StartingNodeUrl
    { 
        get; set;
    }



File System Navigation


Some properties may require selecting a file or folder within within your sitefinity application. The following attribute definition is the most appropriate for this requirement:

[WebEditor("Telerik.FileManager.UrlWebEditor, Telerik.FileManager")]
    public string EndNodeUrl
    { 
        get; set;
    }



General URL Navigation

The System.Web General attribute description for a Url type Property is demonstrated below. Sitefinity would detect this and realise that it is a Url type Property, and would therefore allow the selection of a page or file within the sitefinity application:

[Editor(typeof(UITypeEditor), typeof(UITypeEditor)), UrlProperty]
    public string RedirectUrl
    { 
        get; set;
    }



Image URL


Some images in sitefinity are stored in libraries and so the standard sitefinity dialog for selecting from either library or file system needs to be used as follows:

[Editor("System.Web.UI.Design.ImageUrlEditor, System.Design",
 typeof(UITypeEditor)), UrlProperty]
    public string ImageUrl
    { 
        get; set;
    }

Wednesday, February 10, 2010

Classic ASP - prevent SQL Injection hacks

Typically, a developer would be tempted to write the following to connect to a database.
<%@ Language=VBScript %>
<% option explicit %>
<%
    set cnn = server.CreateObject("ADODB.Connection")
    cnn.Open(ConnectionString)

    strSQL = "exec uspSQLInsertString " & customerID & "," & contactID

    dim result
    result = cnn.Execute(strSQL)

    cnn is nothing
%>

This is actually a bad use of ADO which allows a potential security threat using SQL Injection.
A more appropriate use of ADO in Classic ASP is as follows:

<%@ Language=VBScript %>
<% option explicit %>
<%
    set cmd = Server.CreateObject("ADODB.Command") 
    cmd.ActiveConnection = ConnectionString 
    cmd.CommandText = "uspSQLInsertString" 
    cmd.CommandType = adCmdStoredProc
    cmd.Parameters.Append(cmdInsert.CreateParameter("@date", 
    adDBDate, adParamInput, 6, cdate(Request.Form("hLive"))))

    dim result
    result = cmd.Execute() 

    set cmd = nothing 
%>

This is a more appropriate way using parameterised queries.