搜尋 ti 結果:
Visual Studio 預設發佈的模式是不包括錯誤行號的. 要開啟在這裡設定:
還有 option 要設定:
還有 option 要設定:
Bike, 2017/12/17 下午 12:57:14
想到的先列出來.
1. 幫 String 擴充屬性(javascript, .NET)
2. SQL Injection.
3. Cross Site Script Attack.
4. 避免排程未完全執行以及重覆執行.
5. 更新 Cache 與 Lock.
6. SQL Transaction.
1. 幫 String 擴充屬性(javascript, .NET)
2. SQL Injection.
3. Cross Site Script Attack.
4. 避免排程未完全執行以及重覆執行.
5. 更新 Cache 與 Lock.
6. SQL Transaction.
Bike, 2017/12/16 下午 04:56:39
先留個言, 有空來補內容.
VB
Public Module SqlStringExtention
<Extension()>
Function SQLStr(ByVal Original As String) As String
Return Original.Replace("'", "''")
End Function
<Extension()>
Function SQLTrim(ByVal Original As String) As String
Return Original.Trim.Replace("'", "''")
End Function
End Module
C#
//Extension methods must be defined in a static class
public static class StringExtension
{
/// <summary>
/// 把 ' 取代成 ''
/// </summary>
/// <param name="value"></param>
/// <returns></returns>
public static string sqlStr(this string value)
{
return value.Replace("'", "''");
}
/// <summary>
/// 假設欄位名稱中不會有 [ 或 ] 的符號
/// </summary>
/// <param name="value"></param>
/// <returns></returns>
public static string sqlField(this string value)
{
return "[" + value.Replace("[", "").Replace("]", "") + "]";
}
}
VB
Public Module SqlStringExtention
<Extension()>
Function SQLStr(ByVal Original As String) As String
Return Original.Replace("'", "''")
End Function
<Extension()>
Function SQLTrim(ByVal Original As String) As String
Return Original.Trim.Replace("'", "''")
End Function
End Module
C#
//Extension methods must be defined in a static class
public static class StringExtension
{
/// <summary>
/// 把 ' 取代成 ''
/// </summary>
/// <param name="value"></param>
/// <returns></returns>
public static string sqlStr(this string value)
{
return value.Replace("'", "''");
}
/// <summary>
/// 假設欄位名稱中不會有 [ 或 ] 的符號
/// </summary>
/// <param name="value"></param>
/// <returns></returns>
public static string sqlField(this string value)
{
return "[" + value.Replace("[", "").Replace("]", "") + "]";
}
}
Bike, 2017/9/30 下午 04:51:18
LEN: 不會計入空白結尾.
DATALENGTH: 實際的長度.
Bike, 2017/8/19 上午 09:48:06
突然發現 yahoo 不支援 SSL3.0 或 TLS 1.0 了, 要改用 TLS 1.2 才抓的到網頁資料
.Net 4.0 在抓網頁之前先加這兩行, 就可以了.
.Net 4.5 支援 Tls12, 可以用
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;.Net 4.0 在抓網頁之前先加這兩行, 就可以了.
.Net 4.5 支援 Tls12, 可以用
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;Bike, 2017/7/31 下午 09:35:43
var TotalOldQty = 0;
$(".AdjQty_" + yano + "_" + pdno + " [type='text']").each(function () {
TotalOldQty += parseInt($(this).data("oldqty"));
});
$(".AdjQty_" + yano + "_" + pdno).html($(".AdjQty_" + yano + "_" + pdno).html() + "更新中.....");
$(".AdjQty_" + yano + "_" + pdno + " span").hide();
和
$(".AdjQty_" + yano + "_" + pdno).html($(".AdjQty_" + yano + "_" + pdno).html() + "更新中.....");
$(".AdjQty_" + yano + "_" + pdno + " span").hide();
var TotalOldQty = 0;
$(".AdjQty_" + yano + "_" + pdno + " [type='text']").each(function () {
TotalOldQty += parseInt($(this).data("oldqty"));
});
出來的 TotalOldQty 會不相同..
Bike, 2017/7/4 下午 03:36:43
自從上次調整 server 2008 R2 SSL 設定之後
http://blog.uwinfo.com.tw/auth/article/darren/324
調整一堆reg設定, 好不容易最後到達 A 等級
然而最近讓一家PCI認證公司做弱點掃描,他要求我把 3DES 及 TLS1.0關掉 才肯給證書
於是我就調整以下的 reg
重開機,發生一個小災難,就是遠端登入(RDP) 進不去,查了一下,發現是 server2008 R2 的遠端登入是 TLS 1.0 連線
需要上 KB3080079 才能解決,但遠端都進不去了,要如何 patch
本來想說跑一趟機房,但太麻煩,於是上網查一下,發現其實可以用 PS command 方式做遠端 windows update
幸好網路上有一些這種UI工具可以做遠端管控 例如 batchpatch
於是下載執行遠端作 patch 之後,重開機就可以遠端登入啦,省了跑機房的功夫
題外話 batchpatch 這工具蠻不錯的
http://blog.uwinfo.com.tw/auth/article/darren/324
調整一堆reg設定, 好不容易最後到達 A 等級
然而最近讓一家PCI認證公司做弱點掃描,他要求我把 3DES 及 TLS1.0關掉 才肯給證書
於是我就調整以下的 reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168]
"Enabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\Schannel\Protocols\TLS 1.0\Server]
"Enabled"=dword:00000000
重開機,發生一個小災難,就是遠端登入(RDP) 進不去,查了一下,發現是 server2008 R2 的遠端登入是 TLS 1.0 連線
需要上 KB3080079 才能解決,但遠端都進不去了,要如何 patch
本來想說跑一趟機房,但太麻煩,於是上網查一下,發現其實可以用 PS command 方式做遠端 windows update
幸好網路上有一些這種UI工具可以做遠端管控 例如 batchpatch
於是下載執行遠端作 patch 之後,重開機就可以遠端登入啦,省了跑機房的功夫
題外話 batchpatch 這工具蠻不錯的
darren, 2017/6/30 上午 10:16:00
LINE Pay款流程:
reserve Page(紅科) 發送 reserve API => 取得 payment URL => 轉址到 payment URL => LINE Pay 檢查USER狀態 => 轉回confirm page(紅科), 發送 confirm API => DOWN.
付款需要程式:
reserve API, confirm API:
send request JSON and read return JSON:
C#:
.vb
工具網站:
JSON 轉物件 http://json2csharp.com/
C# to VB : http://converter.telerik.com/
#專案: 紅科
reserve Page(紅科) 發送 reserve API => 取得 payment URL => 轉址到 payment URL => LINE Pay 檢查USER狀態 => 轉回confirm page(紅科), 發送 confirm API => DOWN.
付款需要程式:
reserve API, confirm API:
send request JSON and read return JSON:
C#:
using System.Net;
using System.IO;
public partial class TEST : System.Web.UI.Page
{
DB.OrderMain oOrderObj = null;
protected void Page_Load(object sender, EventArgs e)
{
//Setting request header
HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create("__APIRootURL__");
httpWebRequest.ContentType = "application/json; charset=UTF-8";
httpWebRequest.Method = "POST";
httpWebRequest.Headers.Add("X-LINE-ChannelId", DB.SysConfig.LINEPay.ChannelId);
httpWebRequest.Headers.Add("X-LINE-ChannelSecret", DB.SysConfig.LINEPay.SecretKey);
//加入參數
using (var streamWriter = new StreamWriter(httpWebRequest.GetRequestStream()))
{
string requestJSON = "{\"productName\": \"" + DB.SysConfig.SYSTEM_NAME + "\"," +
"\"productImageUrl\": \"" + DB.SysConfig.URL_Shopping + "images/Logo.jpg\"," +
"\"amount\": " + oOrderObj.TotalAmount() + "," +
"\"currency\": \"TWD\"," +
"\"orderId\": \"" + oOrderObj.DisplayOrderId + "\"," +
"\"confirmUrl\": \"" + DB.SysConfig.URL_Shopping + "Handler/LinePay/GotoComfirm.aspx?Id=" + oOrderObj.Id + "\"," +
"\"cancelUrl\": \"" + DB.SysConfig.URL_Shopping + "Shopping/OrderComplete.aspx?Id=" + oOrderObj.Id + "\"," +
"\"capture\": \"true\"," +
"\"confirmUrlType\": \"CLIENT\"}";
streamWriter.Write(requestJSON);
streamWriter.Flush();
streamWriter.Close();
}
//取得回覆資訊
var httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();
//解讀回覆資訊
using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
var responseJSON = streamReader.ReadToEnd();
//將 JSON 轉為物件
GN.LinePay.reserveRes.ReturnJSON oReturnObj = (GN.LinePay.reserveRes.ReturnJSON)Newtonsoft.Json.JsonConvert.DeserializeObject(responseJSON, typeof(GN.LinePay.reserveRes.ReturnJSON));
if (oReturnObj.returnCode == "0000")
{
//成功
}
else
{
//失敗
string ErrMsg = "Error Code: " + oReturnObj.returnCode + "\r\n" + oReturnObj.returnMessage;
}
}
}
}
.vb
Imports System.Net
Imports System.IO
Partial Class TEST
Inherits System.Web.UI.Page
Dim oOrderObj As DB.OrderMain
Private Sub Admin_TEST_Load(sender As Object, e As EventArgs) Handles Me.Load
'Setting request header
Dim httpWebRequest As HttpWebRequest = WebRequest.Create("__APIRootURL__")
httpWebRequest.ContentType = "application/json; charset=UTF-8"
httpWebRequest.Method = "POST"
httpWebRequest.Headers.Add("X-LINE-ChannelId", DB.SysConfig.LINEPay.ChannelId)
httpWebRequest.Headers.Add("X-LINE-ChannelSecret", DB.SysConfig.LINEPay.SecretKey)
'加入參數
Using streamWriter As New StreamWriter(httpWebRequest.GetRequestStream())
Dim requestJSON As String = "{""productName"": """ + DB.SysConfig.SYSTEM_NAME + """," +
"""productImageUrl"": """ + DB.SysConfig.URL_Shopping + "images/Logo.jpg""," +
"""amount"": " + oOrderObj.TotalAmount() + "," +
"""currency"": ""TWD""," +
"""orderId"": """ + oOrderObj.DisplayOrderId + """," +
"""confirmUrl"": """ + DB.SysConfig.URL_Shopping + "Handler/LinePay/GotoComfirm.aspx?Id=" + oOrderObj.Id + """," +
"""cancelUrl"": """ + DB.SysConfig.URL_Shopping + "Shopping/OrderComplete.aspx?Id=" + oOrderObj.Id + """," +
"""capture"": ""true""," +
"""confirmUrlType"": ""CLIENT""}"
streamWriter.Write(requestJSON)
streamWriter.Flush()
streamWriter.Close()
End Using
'取得回覆資訊
Dim httpResponse As HttpWebResponse = httpWebRequest.GetResponse
'解讀回覆資訊
Using streamReader As New StreamReader(httpResponse.GetResponseStream())
Dim responseJSON As String = streamReader.ReadToEnd()
'將 JSON 轉為物件
Dim oReturnObj As GN.LinePay.reserveRes.ReturnJSON = Newtonsoft.Json.JsonConvert.DeserializeObject(responseJSON, GetType(GN.LinePay.reserveRes.ReturnJSON))
Dim ResMsg As String = ""
If oReturnObj.returnCode = "0000" Then
'成功
Else
'失敗
End If
End Using
End Sub
End Class
工具網站:
JSON 轉物件 http://json2csharp.com/
C# to VB : http://converter.telerik.com/
#專案: 紅科
Reiko, 2017/6/21 下午 07:22:58
使用 SQL Server 管理介面設定欄位權限時要很小心陷井. 如下圖,
1. Col2 和 Id 欄位沒有被授予也沒有被拒絕.
2. 若是設定 Col2 欄位為授予, Id 欄位沒有做任何的修改.
3. 存檔後, Id 欄位會被拒絶存取.
以上的情況是用以下 SQL 生成:
GRANT SELECT ON OBJECT::S3..test TO webuser;
Deny SELECT ON OBJECT::S3..test(Col1) TO webuser;
1. Col2 和 Id 欄位沒有被授予也沒有被拒絕.
2. 若是設定 Col2 欄位為授予, Id 欄位沒有做任何的修改.
3. 存檔後, Id 欄位會被拒絶存取.
以上的情況是用以下 SQL 生成:
GRANT SELECT ON OBJECT::S3..test TO webuser;
Deny SELECT ON OBJECT::S3..test(Col1) TO webuser;
Bike, 2017/6/20 下午 08:49:07