Tech Tips, Tricks & Trivia

In the 10th Anniversary edition of SQL Server Magazine, there are recommendations to 5 free tools for SQL Server. Two of them are for load testing and the others for preventing SQL Injection - SQLQueryStress - query load testing tool written by SQL Server MVP Adam Machanic. SQL Load Generator - run multiple concurrent queries against SQL Server HP Scrawlr — This free scanner utility can detect and identify whether your website is susceptible to an SQL injection attack. URLScan — This security tool actively restricts the kind of HTTP requests that Microsoft IIS will process. Microsoft Source Code Analyzer for SQL Injection — Static code analysis tool for finding SQL Injection vulnerabilities in ASP code The following are Kalen Delaney 's recommendations for testing before deployment: 1. Test with real data. 2. Test with real data volumes. 3. Test with a real number of concurrent users. Also see: SQL Server Performance Audit Checklist Tips on ASP.NET Hosting & Deployment

One of the best free learning resources on the Web is Wikipedia. It has been built by thousands of altruistic volunteers from across the world. Despite some controversies, it is favored by millions and it runs on donations. If you have benefited from it, you can donate to the cause or pay it forward by contributing your knowledge and time to it. Editing existing articles or adding new ones though is not for the technically faint of heart. Luckily there is now help at hand. The how-to book Wikipedia: The Missing Manual is now available online for free on Wikipedia . ( Thanks Amit ) Update(27-Apr-09): You can create a book out of any content on Wikipedia and download the finished book as a PDF. Talking of donations, Philip Greenspun gifted $20,000 for creation of illustrations for Wikimedia Foundation projects. "It occurred to me that when the dust settled on the Wikipedia versus Britannica question, the likely conclusion would be 'Wikipedia is more up to date; Britannica h

Did you know, Mort Reichek , a World War II army veteran & former editor of Business Week, began blogging when he achieved octogenarian status in 2005? If you are a blogger, you may find useful tips & interesting stats about bloggers & blogging in Technorati's Annual Blogosphere Report. Key findings from the detailed State of the Blogosphere 2008 report - Blogging is a global phenomenon Self expression and sharing expertise are the top reasons for blogging Personal satisfaction is the key success metric for three out of four bloggers Most Professional and Corporate Bloggers have benefited professionally One in three bloggers are concerned about blog readers learning their identity The vast majority of bloggers are tracking their site visitors and monthly pageviews Bloggers are enjoying CPMs on parity with large publishers Bloggers are active Web 2.0 participants

Giveaway Of The Day recently offered a FREE licensed copy of PDFZilla. PDFZilla has a option to convert a PDF to Word, RTF or text file format. I was a little surprised to discover that it can even convert PDFs with copy protection and as a result text can be copied from the converted file. I (naively?) believed that the a PDFs copy protection property was unbreakable. In fact there seem to be other tools as well that can bypass a PDF's copy protection. I wanted to share this finding so that others wanting to protect their PDFs are not under the mistaken belief that the protection mechanism is reliable. Also see: HOW TO convert authenticated / protected pages to PDF Set PDF security settings with OpenOffice

For Computer Science students & developers, a good knowledge of Algorithms & Data Structures is essential. Not all reading material you find may be easily digestible & put to practical use. Here is a list of useful articles, audio & video presentations that are freely available online - Skiena's Algorithms Lectures MIT's Introduction to Algorithms Data Structures and Algorithms: Annotated Reference with Examples (free eBook) A 6 part series by Scott Mitchell - An Extensive Examination of Data Structures Using C# 2.0 Part 1: An Introduction to Data Structures Part 2: The Queue, Stack, and Hashtable Part 3: Binary Trees and BSTs Part 4: Building a Better Binary Search Tree Part 5: From Trees to Graphs Part 6: Efficiently Representing Sets

You can retrieve the cookies with JavaScript if you set the HttpOnly property of HttpCookie class to false. The HttpOnly property gets or sets a true/false value if cookie is accesible by client side javascript. If value is true, cookie will be accessible only by server side ASP.NET code. The default is false. This property is new in the .NET Framework version 2.0. Check the MSDN documentation for a code sample . If HttpOnly can help mitigate cross-site scripting threats that result in stolen cookies, I wonder why the default value of the property is false. As per this OWASP article , Opera & Safari do not support HTTPOnly while only some browsers prevent writing to a cookie or reading HttpOnly cookies using XMLHTTPRequest. Also see: A Web App Is As Secure As You Make It & the Browser It Runs On

It's difficult not to get fascinated by a digital camera once you lay hands on it. It's also not easy not be intrigued by all the features and settings of the camera. The convenience of not having to buy film rolls & wait for them to be developed in order to view your photos as in older times means you can experiment a lot with your digicam . With digital cameras getting more sophisticated and their prices coming down (at least the point and shoot variety), photography is turning out to be an inexpensive hobby for many. I have been compiling articles on Photography by experts. These are some of the links I have so far: Tips for Using a Point & Shoot Camera Top 3 digital shooting mistakes—and how to prevent them Take better pictures of the great outdoors: 6 tips How To Conceptualize Your "people" Pictures 21 Settings, Techniques and Rules All New Camera Owners Should Know National Geographic Photo Tips Digital Photography All-In-One For Dummies Cheat S

On my sixteenth birthday, a cousin gifted me a copy of MAD magazine ("Number one in a field of one"). The magazine or comic book as some would call, satirizes various aspects of American life & generally takes the side of the underdog. It had a perspective that was unique and its irreverent (but never below-the-belt) humor kept me hooked for years. Last year an American friend presented me the book A People's History of the United States as a parting gift. I found this to be a serious version of MAD magazine in the way it chronicles American life. When I sat to read both books, I did not have any idea what I was getting into. Both turned out to be very thought provoking. Prior to reading the book, I had scant knowledge of American History. To relate to it better, I started reading the chapters from the back. Covering the history of America through five centuries , the prolific author Howard Zinn empathetically tells the untold stories through the voices of oppres

The site Giveaway Of The Day offers free licensed software with full functionality for download for a time-limited period, generally 24 hours. You can subscribe to their RSS Feed to track goodies that may be of your interest. Their current giveaway is TextAloud, a text to speech tool that also let's you save specified text as MP3 or WMA files. Talking of MP3, Project Gutenberg, the first producer of free electronic books (ebooks) also offers Audio Books that are both human-read and computer-generated. To find out-of-copyright books that you can download, you can select the "Full view only" option from the dropdown while searching on books.google.com . Some magazines are also available with the "Full view" option. Also see: Voice of Opera

Did you know about these security issues... An IP addresses such as 74.125.19.99 can be written in ambiguous ways such as 74.0x7d.023.99 (mixing decimal, octal, and hexadecimal notation) or 74.8196963. This is a trick used in phishing exploits. SVG natively permits embedded scripts and event handlers. Firefox, Safari, Opera, Chrome support SVG image format. xssed.com, a site dedicated to tracking publicly reported issues about HTML injection flaws, amassed over 50,000 entries in under two years. The recently released Browser Security Handbook has revelations like these and a thorough review of browser quirks that can affect security. This 60-page document provides a comprehensive comparison of a broad set of security features and characteristics in commonly used browsers, along with (hopefully) useful commentary and implementation tips for application developers who need to rely on these mechanisms, as well as engineering teams working on future browser-side security enhancements. Th

I use Excel occasionally and I'm always amazed at how there is always a function that you can adapt to suit a requirement. To get date 3 working days ahead in Excel there is a helpful WORKDAY function . It however returns a number that represents a date that is the indicated number of working days before or after a date (the starting date). By default, January 1, 1900 is serial number 1, and January 1, 2008 is serial number 39448 because it is 39,448 days after January 1, 1900. Working days exclude weekends and any dates identified as holidays. WORKDAY can be used to exclude weekends or holidays Excel stores all dates as integers and all times as decimal fractions. With this system, Excel can add, subtract, or compare dates and times just like any other numbers, and all dates are manipulated by using this system. So the formula to get a DATE 3 working days ahead in Excel takes a little more work as we have to convert the serial number representing the resulting date - =DATE(YEAR(WO

"Overnight success takes a long time" - Paul Buchheit , original lead developer of GMail If you plan to migrate to SQL Server 2008 or later in the future, you can save yourself a lot of trouble by being aware of the deprecated features. Some of the changes have been made to get in line with ANSI SQL standards. MSDN has a detailed list of the Deprecated Database Engine Features in SQL Server 2008 and those planned for the future versions. T-SQL expert Itzik Ben-Gan has highlighted some of the more important ones among them & suggested best practices to follow.

"Success is waking up and doing what you love and working long hours and feeling blessed you get to work them, feeling like the luckiest guy on earth that you get to do your job. " - John Wood, Founder and CEO of Room to Read and author of 'Leaving Microsoft to Change the World' As Mary Jo Foley reports , Ray Ozzie, Craig Mundie and Microsoft Technical Fellows will be filling in the Chief-Software-Architect (CSA) role that Bill Gates held. She has started interviewing Microsoft's Technical Fellows in a series titled "Microsoft Big Brains" . Their profiles make for interesting reading.

jQuery is pretty comprehensive and it is good to have a handy reference while you are working with it. It boggles me why the index of :nth-child starts from 1 while for most other functions the index is zero-based. These references can be great time-savers - Visual jQuery jQuery API Browser (downloadable offline copy available)

While constructing a regular expression pattern, sometimes it may be easier to write a pattern that negates the non-matching characters (did I just write a double negative ?) rather than write a more complex pattern to pick matching characters. Let's say you want to ignore a word that has vowels. The following pattern will match any single character NOT in the specified set of characters. [^aeiou] There is some nice info on Character Classes on MSDN . [^character_group] represents a Negative character group. It matches any character not in the specified character group Now we want the pattern to match not just a single character but a complete word so we use the + to indicate there are multiple characters. The ^ sign represents start of a string and $ denotes end of a string, so our final pattern to ignore a whole word that has vowels becomes this - ^[^aeiou]+$ Regular expressions can drastically replace several lines of validation code. However we need to test our pattern aggressi

There is a pattern in which URLs to generate image thumbnails are created by Amazon, YouTube. The trick to get the images is to manipulate these URLs.  Check these detailed notes on how an Amazon URL to fetch an image is built .  Replace the Amazon Standard Identification Number (ASIN) in the URL to get a 93 x 140 pixels, standard size image - http://images.amazon.com/images/P/{ASIN}.01.MZZZZZZZ.jpg  As per this discussion thread , you can adapt the format of the YouTube URLs by replacing the actual VideoId in this URL to get thumbnail images of dimensions 130x97 -  http://img.youtube.com/vi/{VideoId}/1.jpg  and use this for a 320x240 image - http://img.youtube.com/vi/{VideoId}/0.jpg  You may have to check for the licensing terms before you use them.

Social bookmarking sites & online bookmarking sites serve a good purpose but require logging into an additional site. Wouldn't it be good if your Feed Reader (supposing it is Google Reader) doubles as a bookmarker to preserve your favorite pages as well? This tip requires some familiarity with the Google Reader interface. While you can pick the special posts from the feeds you already subscribe to by specifically marking them with the "Add Star" and " Add Tags " features to differentiate them from the rest, how do we add web pages that are not provided as a RSS feed to Google Reader? The tutorial Create RSS Feeds for your Website shows us how to get any web page into Google Reader as if it were a RSS feed. The following are the steps adapted from that tutorial to suit our purpose. 1. Login to your Google Reader account. From the menu on the top left, select Notes. You will find a label titled "Note in reader" in the right frame. Drag &

Last week I signed up for the Monthly Plan of BigFlix, India's version of NetFlix. The largest number of movies are produced from India and this means that there is also a huge audience for it (although they don't generate the kind of revenue that Hollywood movies do). So it makes this movie rental service a cool idea that is first of kind as it leverages the Internet. To get a movie you can place a request through their site, by phone or their Store. The BigFlix website runs on ASP.NET & utilizes ASP.NET AJAX. The pages are well designed considering an average user can get his work done but slow loading. The UI has some rough edges (search keywords vanish when you change search options) that can be polished to make it better accessible. The movie summaries are terse and badly written. They do not help in deciding if you should pick a particular movie. Given the fact that there will be a large number of subscribers, the site has the potential to build collective intelligen

One of the innovative AJAX features I like is the Infinite Scrolling or the Continuous Scrolling UI Pattern you seen in websites like Google Reader and Wikia Search ( the open source search engine !) UIPatterns explains Continuous Scrolling in the following way: In contrast to the Pagination patterns, the Continuous Scrolling pattern has no natural break. When using pagination patterns, a decision to only show a subset of data at a time and then let the user request more data if wanted is chosen. With the Continuous Scrolling, new data is automatically retrieved as the user has scrolled to the bottom of the page. It thus appears as if the page has no end, as more data will be loaded and inserted into the page each time the user scrolls to the bottom of page. In my opinion, Infinite Scrolling scores over Paging especially for read-only data and it is more intuitive and accessible. As this Classic ASP sample shows, implementing Infinite Scrolling is simplified with jQuery . In that sa

There are three major groups of audio file formats: Uncompressed audio formats, such as WAV Formats with lossless compression, such as FLAC, lossless Windows Media Audio (WMA) Formats with lossy compression, such as MP3, Vorbis, lossy Windows Media Audio (WMA) and AAC. Zamzar is a free online file conversion service that let's you convert files from one format to other. The audio formats they support can be considered the most popular. We're keen to be a verb in the Oxford English dictionary: Want to convert a file? Just "Zamzar" it. Co-founders Chris and Mike Whyley still run Zamzar on a part-time basis without external funding (Picture courtesy: Guardian ) I was curious to know more about formats other than MP3 & WMA and my search took me to Wikipedia. Here is some paraphrased info on popular audio file formats - aac – the Advanced Audio Coding format is based on the MPEG2 and MPEG4 standards. aac files are usually ADTS or ADIF containers. AAC's