The CLR gets all the press in articles about SQL Server 2005, but I think the most popular features won’t involve CREATE ASSEMBLY. The most popular features will be those that prevent ‘uncomfortable conversations’. You know, those conversations you don't want to hear....
Feature: DDL Triggers
Prevents: Well I thought I was in the test database when I dropped the Orders table, but, um, well, um. We have a backup right?
Feature: Snapshot Isolation
Prevents: Hi, I’m Sandy with the Oracle Corporation. Your application will suck wind with their database. Pick us. We can do things they can’t do, blah blah blah multi-version consistency blah blah blah. I’m not leaving till you pick us.
Feature: TRY/CATCH in T-SQL
Prevents: “This stored procedure has more litter in it than the Hudson River.”
Before:

    BEGIN TRANSACTION

    UPDATE Categories SET CategoryName . . .
    SET @Error=@@ERROR
    IF @Error <> 0
    BEGIN
        RAISERROR('blah blah blah',16,10)
        IF @@TRANCOUNT <> 0 ROLLBACK
        RETURN(@Error)
    END

    INSERT INTO Categories . . .
    SET @Error=@@ERROR
    IF @Error <> 0
    BEGIN
        RAISERROR('blah blah blah',16,10)
        IF @@TRANCOUNT <> 0 ROLLBACK
        RETURN(@Error)
    END

    COMMIT TRANSACTION

After:

    BEGIN TRY
        BEGIN TRANSACTION
        UPDATE Categories SET CategoryName . . .
        INSERT INTO Categories . . .
        COMMIT TRANSACTION
    END TRY
    BEGIN CATCH
        IF @@TRANCOUNT <> 0 ROLLBACK
        SELECT @Error = ERROR_NUMBER()
        RETURN (@Error)
    END CATCH
Yes, nice indeed.
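To make the DDL Triggers item above concrete, here is a database-level trigger that blocks DROP TABLE and keeps an audit row for each attempt. This is an added example, not code from the original post; the names dbo.DdlAudit and trg_guard_drop_table are hypothetical.

```sql
-- Added example: hypothetical audit table for blocked DDL attempts.
CREATE TABLE dbo.DdlAudit (
    AuditId     int IDENTITY(1,1) PRIMARY KEY,
    EventTime   datetime      NOT NULL DEFAULT GETDATE(),
    LoginName   nvarchar(128) NULL,
    ObjectName  nvarchar(256) NULL,
    CommandText nvarchar(max) NULL
);
GO

CREATE TRIGGER trg_guard_drop_table
ON DATABASE
FOR DROP_TABLE
AS
BEGIN
    SET NOCOUNT ON;
    DECLARE @evt xml, @login nvarchar(128),
            @obj nvarchar(256), @cmd nvarchar(max);

    -- Capture the event details first: EVENTDATA() describes the
    -- statement that fired the trigger.
    SET @evt   = EVENTDATA();
    SET @login = @evt.value('(/EVENT_INSTANCE/LoginName)[1]', 'nvarchar(128)');
    SET @obj   = @evt.value('(/EVENT_INSTANCE/ObjectName)[1]', 'nvarchar(256)');
    SET @cmd   = @evt.value('(/EVENT_INSTANCE/TSQLCommand/CommandText)[1]', 'nvarchar(max)');

    -- Undo the DROP TABLE. The table is back after this line.
    ROLLBACK;

    -- Write the audit row AFTER the rollback. An INSERT placed before
    -- the ROLLBACK would be undone together with the DROP.
    INSERT INTO dbo.DdlAudit (LoginName, ObjectName, CommandText)
    VALUES (@login, @obj, @cmd);

    RAISERROR('DROP TABLE is blocked here. Disable trg_guard_drop_table for a planned drop.', 16, 1);
END;
GO

-- A planned drop becomes an explicit, reviewable three-step change:
DISABLE TRIGGER trg_guard_drop_table ON DATABASE;
-- DROP TABLE ... goes here
ENABLE TRIGGER trg_guard_drop_table ON DATABASE;
```

The trigger runs in the caller's security context by default, so the caller needs INSERT permission on the audit table for the attempt to be recorded.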
Earlier this month Christopher Steen gave a CMAP presentation on ReSharper by JetBrains. Chris had a lot of ‘oohs’ and ‘aahs’ going. I was prepared to steal Chris’s laptop and lock myself in a room, just to spend a few minutes alone with the tool before surrendering to police, but I exercised patience instead.
While checking out the JetBrains site I noticed Omea Reader (currently free) and Omea Pro. I’ve been looking for a better newsgroup reader. For the last 10 years I’ve used Agent, but it still doesn’t support multiple newsgroup servers in a single instance.
Omea Reader currently supports multiple newsgroup servers, has a sharp interface and RSS feeds. The app offers various ways to categorize, annotate, and flag posts. The major downside to me is the need to use the Ctrl key for shortcut operations, like marking a post as read or moving to the next unread post. There also doesn’t appear to be a kill file, or a way to mark a thread to ignore. Without these features, the app feels too cumbersome for high-volume groups (300+ posts a day). Agent has these features, and the commands need only a single finger.
Omea Reader isn’t quite out of the running yet though, because there is a plug-in architecture….
Dear Sony,
By the time you read this, I’ll be gone. I’m sorry for doing this, but I feel our relationship has run the course. I realize this might come as a bit of a surprise to you, but I need some freedom. I’m going to gather together all the pieces around the house with your name on them and put them into a pile. This includes:

I could keep going, but I’m sure this is hurting me more than it is hurting you.
P.S. The software you bundle with your MP3 players is an atrocity.
I’m quite excited to see my article published in this issue alongside so many people I’ve read and followed for years. Just one example is Paul DiLascia, who has been writing a C++ Q&A column each month. I still have a well worn copy of his Windows++ book that I bought 10 years ago. I even remember where I bought the book, mostly because I thought the store name was so cool (README.DOC).
I think I might frame this issue so my kids can look at it someday and marvel at the primitive tools we work with.
Many of you will have friends and family over between now and the beginning of the new year. They’ll eat your food, drink your eggnog, and fall asleep on your sofas at the most inconvenient moments. More importantly, however, they will be around your electronic equipment and your home network. Don’t let love, friendship, or a blood relationship lull you into a false sense of security. The time to start planning your defense starts now.
Whenever I need some information about security, I turn to Anil John’s SecureCoder.com site. Anil is a fellow CMAP member whose obsession with security shows through at every meeting. Anil regularly makes comments like:
Why are you running as administrator?
Hey – that password is in plaintext!
You did what with the request validation setting?!?!?
Anil’s blog has some great posts on security and also about threat modeling. Threat modeling is an important step in planning an in-depth defense against holiday guests. You need to identify assets, identify threats, and build attack trees. Only after analysis is complete will you understand the true perils of having people inside your home.
Before starting your project, I suggest putting together a guest list and jotting down some notes about each individual. An example guest list is shown in figure 1.
| Guest | Notes |
| --- | --- |
| Charlie (Uncle) | Only wants to check stock quotes on the computer, but always mistypes a URL and ends up clicking “Yes”, “OK”, and “Accept”. |
| Fred (Nephew) | Two years ago, Fred asked for a laptop to finish his school geography assignment. Removing all the chat software afterwards required the magnet from a 15-inch subwoofer. |
| Jasmin (Niece) | Last year, she was found in the home office brute forcing SAM passwords from an NT Emergency Repair Disk with software on a jump drive. |
| Wendy (Aunt) | Regularly forces an evacuation of the premises when microwaving popcorn. |

Figure 1: The guest list. Never underestimate your adversaries.
Another technique Anil talks about is using multiple layers of defense. It is important to have a fallback in case a guest circumvents the outer protective shell. For instance, not giving your guests administrator privileges will prevent many problems, but what if they stumble across the piece of paper from the locked firebox behind the hollow brick in the basement where you scribbled the administrator passphrase in lemon juice? You are screwed!
One plan would be to ask such a guest to leave the house immediately, but I realize this plan is fraught with emotional complexities. Another plan, one I like to call “Operation Blackout”, requires you to find the master circuit breaker for your property. By revoking power from targeted areas of the house, you can be sure no packets flow over the network - even while the turkey continues to cook in the kitchen!
Remember to plan ahead, and best wishes for an electronically safe and happy holiday season.
Dear Vivian:
You didn’t leave me a return address, so I hope you see this response. I said I had an answer for you, but it’s taken many days to respond, and I apologize. It has been a difficult week in the salt mines. Deployments. Conference calls. Customers destroying network settings. Sales staff destroying demo software. It's crazy around here.
Anyway, the question was: how to hide a parameter in Reporting Services?
Go to the Report menu, select Report Parameters, and highlight the parameter you need to hide. The key is to clear the Prompt text box, and make sure to supply a default value. Reporting Services will no longer prompt the user to enter a value for the parameter. The parameter value can still be dynamic if there is a VB expression or a query to specify the default value.
If you try to override the parameter at run time with a different value (perhaps by passing the new value in the query string when using URL access), you may get the error “parameter is readonly and may not be modified”. Make sure to install SP1 for Reporting Services to fix this.
To determine the version of Reporting Services, go to the base URL for the report server (typically http://machinename/reportserver/). At the bottom of the browser page will be the version number:
Microsoft SQL Server Reporting Services Version 8.00.743.00 <- this is old
Microsoft SQL Server Reporting Services Version 8.00.878.00 <- this is SP1