Pro9ramming https://pro9ramming.com Software craftsman's blog Wed, 15 Apr 2020 17:51:04 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.2 Python Windows API calls https://pro9ramming.com/python-windows-api-calls/ Sun, 10 Sep 2017 14:59:00 +0000 http://pro9ramming.com/blog/?p=491 Continue reading Python Windows API calls]]> This link will allow you to install python that has win32api
http://sourceforge.net/projects/pywin32/files/

This is a example that gets the computer name.

import win32api
[code]
print(win32api.GetComputerName());
win32api.MessageBox(0,'hello world','api example');

if you do dir(win32api) you can see a list of api calls you can do. Here is my output.
>>> for x in dir(win32api):
… print(x);

AbortSystemShutdown
Apply
Beep
BeginUpdateResource
ChangeDisplaySettings
ChangeDisplaySettingsEx
ClipCursor
CloseHandle
CopyFile
DebugBreak
DeleteFile
DragFinish
DragQueryFile
DuplicateHandle
EndUpdateResource
EnumDisplayDevices
EnumDisplayMonitors
EnumDisplaySettings
EnumDisplaySettingsEx
EnumResourceLanguages
EnumResourceNames
EnumResourceTypes
ExitWindows
ExitWindowsEx
ExpandEnvironmentStrings
FindCloseChangeNotification
FindExecutable
FindFiles
FindFirstChangeNotification
FindNextChangeNotification
FormatMessage
FormatMessageW
FreeLibrary
GenerateConsoleCtrlEvent
GetAsyncKeyState
GetCommandLine
GetComputerName
GetComputerNameEx
GetComputerObjectName
GetConsoleTitle
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetCursorPos
GetDateFormat
GetDiskFreeSpace
GetDiskFreeSpaceEx
GetDllDirectory
GetDomainName
GetEnvironmentVariable
GetFileAttributes
GetFileVersionInfo
GetFocus
GetFullPathName
GetHandleInformation
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardState
GetLastError
GetLastInputInfo
GetLocalTime
GetLogicalDriveStrings
GetLogicalDrives
GetLongPathName
GetLongPathNameW
GetModuleFileName
GetModuleFileNameW
GetModuleHandle
GetMonitorInfo
GetNativeSystemInfo
GetProcAddress
GetProfileSection
GetProfileVal
GetPwrCapabilities
GetShortPathName
GetStdHandle
GetSysColor
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemDirectory
GetSystemFileCacheSize
GetSystemInfo
GetSystemMetrics
GetSystemTime
GetTempFileName
GetTempPath
GetThreadLocale
GetTickCount
GetTimeFormat
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserName
GetUserNameEx
GetVersion
GetVersionEx
GetVolumeInformation
GetWindowLong
GetWindowsDirectory
GlobalMemoryStatus
GlobalMemoryStatusEx
HIBYTE
HIWORD
InitiateSystemShutdown
LOBYTE
LOWORD
LoadCursor
LoadKeyboardLayout
LoadLibrary
LoadLibraryEx
LoadResource
LoadString
MAKELANGID
MAKELONG
MAKEWORD
MessageBeep
MessageBox
MessageBoxEx
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
MoveFile
MoveFileEx
NameCanonical
NameCanonicalEx
NameDisplay
NameFullyQualifiedDN
NameSamCompatible
NameServicePrincipal
NameUniqueId
NameUnknown
NameUserPrincipal
OpenProcess
OutputDebugString
PostMessage
PostQuitMessage
PostThreadMessage
PyDISPLAY_DEVICEType
REG_NOTIFY_CHANGE_ATTRIBUTES
REG_NOTIFY_CHANGE_LAST_SET
REG_NOTIFY_CHANGE_NAME
REG_NOTIFY_CHANGE_SECURITY
RGB
RegCloseKey
RegConnectRegistry
RegCopyTree
RegCreateKey
RegCreateKeyEx
RegDeleteKey
RegDeleteKeyEx
RegDeleteTree
RegDeleteValue
RegEnumKey
RegEnumKeyEx
RegEnumKeyExW
RegEnumValue
RegFlushKey
RegGetKeySecurity
RegLoadKey
RegNotifyChangeKeyValue
RegOpenCurrentUser
RegOpenKey
RegOpenKeyEx
RegOpenKeyTransacted
RegOverridePredefKey
RegQueryInfoKey
RegQueryInfoKeyW
RegQueryValue
RegQueryValueEx
RegRestoreKey
RegSaveKey
RegSaveKeyEx
RegSetKeySecurity
RegSetValue
RegSetValueEx
RegUnLoadKey
RegisterWindowMessage
STD_ERROR_HANDLE
STD_INPUT_HANDLE
STD_OUTPUT_HANDLE
SearchPath
SendMessage
SetClassLong
SetClassWord
SetConsoleCtrlHandler
SetConsoleTitle
SetCursor
SetCursorPos
SetDllDirectory
SetEnvironmentVariable
SetErrorMode
SetFileAttributes
SetHandleInformation
SetLastError
SetLocalTime
SetStdHandle
SetSysColors
SetSystemFileCacheSize
SetSystemPowerState
SetSystemTime
SetThreadLocale
SetTimeZoneInformation
SetWindowLong
ShellExecute
ShowCursor
Sleep
SleepEx
TerminateProcess
Unicode
UpdateResource
VFT_APP
VFT_DLL
VFT_DRV
VFT_FONT
VFT_STATIC_LIB
VFT_UNKNOWN
VFT_VXD
VOS_DOS
VOS_DOS_WINDOWS16
VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_OS216
VOS_OS216_PM16
VOS_OS232
VOS_OS232_PM32
VOS_UNKNOWN
VOS__PM16
VOS__PM32
VOS__WINDOWS16
VOS__WINDOWS32
VS_FF_DEBUG
VS_FF_INFOINFERRED
VS_FF_PATCHED
VS_FF_PRERELEASE
VS_FF_PRIVATEBUILD
VS_FF_SPECIALBUILD
VkKeyScan
VkKeyScanEx
WinExec
WinHelp
WriteProfileSection
WriteProfileVal
__doc__
__file__
__name__
__package__
error
keybd_event
mouse_event
>>>


If you don’t want to type win32 for the api calls you can do this.

from win32api *;
MessageBox(0,"Example of win32 api messagebox","Example");

There are other modules for win32 api When you install it there there is a huge help file. there are units for mmsystem, win32gui, etc…


All the windows api are a lot easier in python. You don’t have to worry about pointers etc… For example the GetSystemInfo api is very easy to use.

win32api.GetSystemInfo
tuple = GetSystemInfo()

Retrieves information about the current system.

Win32 API References

Search for GetSystemInfo at msdn, google or google groups.

Return Value
The return value is a tuple of 9 values, which corresponds to the Win32 SYSTEM_INFO structure. The element names are:
wProcessorArchitecture
dwPageSize
lpMinimumApplicationAddress
lpMaximumApplicationAddress
dwActiveProcessorMask
dwNumberOfProcessors
dwProcessorType
dwAllocationGranularity
(wProcessorLevel,wProcessorRevision)

from win32api import GetSystemInfo;
info = GetSystemInfo();
nProcessors = info[5];
print('Number of processors: ' + str(nProcessor));
]]>
Python Powerball number generator https://pro9ramming.com/python-powerball-number-generator/ Wed, 16 Aug 2017 14:51:40 +0000 http://pro9ramming.com/blog/?p=489 Continue reading Python Powerball number generator]]> http://openbookproject.net/pybiblio/practice/wilson/powerball.php

Description
To win the Powerball lottery (an extremely unlikely event so don’t waste your time) you have to pick six numbers correctly. The first five numbers are drawn from a drum containing 53 balls and the sixth is drawn from a drum containing 42 balls. The chances of doing this are 1 in 120,526,770. Write a program to generate a set of Powerball numbers by utilizing the choice function in Python’s random module.

Input
Ask the user how many sets of Powerball numbers he or she would like.

Output
The program will print each set of Powerball numbers in numeric order.

Sample session
Official (but fruitless) Powerball number generator

How many sets of numbers? 3

Your numbers: 3 12 14 26 47 Powerball: 2
Your numbers: 1 4 31 34 51 Powerball: 17
Your numbers: 10 12 49 50 53 Powerball: 35

from random import randint
def BubbleSort(l):
    e=0
    for i in range(len(l)-1):
        for j in range(len(l)-1):
            if l[j]>l[j+1]:
                e=l[j+1]
                l[j+1]=l[j]
                l[j]=e
    return l
def MyPrint(L,pb):
        BubbleSort(L)
        print "Your numbers: %d %d %d %d %d Powerball: %d"%(L[0],L[1],L[2],L[3],L[4],pb)

print "Official (but fruitless) Powerball number generator"
No=int(raw_input("How many sets of numbers? "))
for i in range(No):
    numbers=[]
    powerball=randint(1,42)
    i=0
    while (i!=5):
        numbers.append(randint(1,53))
        i+=1
    for i in range(len(numbers)-1):
        for j in range(len(numbers)-1):
            if i==j:
                j+=1
            if numbers[i]==numbers[j] or powerball==numbers[j]:
                numbers[j]=randint(1,53)
                j-=1
    MyPrint(numbers,powerball)

Few notes:
After you choose how many sets of numbers you want, the first ‘while’ loop gives some random numbers to our powerball list. After that, the 2 ‘for’ loops check if we have double numbers in our list. Because after we draw one ball, that one cannot be chosen again and it is out of the game.

Then the process repeats for the rest of the sets.

]]>
Generate Machine Key JSON Token https://pro9ramming.com/generate-machine-key-json-token/ Tue, 16 May 2017 12:03:46 +0000 http://pro9ramming.com/blog/?p=480 When creating a password reset functionality, cryptographic token generation is often required. Idea is to serialize an object to JSON (using Newtonsoft.Json) and protect it using MachineKey. To be able to safely transfer the token over URL (GET request), HEX string can be used.

public class MachineKeyToken
    {
        public static string GetToken(object tokenData, string purpose)
        {
            var json = JsonConvert.SerializeObject(tokenData);
            var plainBytes = Encoding.UTF8.GetBytes(json);
            var protectedBytes = MachineKey.Protect(plainBytes, purpose);
            return BytesToHexString(protectedBytes);
        }

        public static T GetFromToken<T>(string token, string purpose)
        {
            var stringBytes = HexStringToBytes(token);
            var unprotectedBytes = MachineKey.Unprotect(stringBytes, purpose);
            var plainBytes = Encoding.UTF8.GetString(unprotectedBytes);
            return JsonConvert.DeserializeObject<T>(plainBytes);
        }

        private static string BytesToHexString(byte[] bytes)
        {
            return BitConverter.ToString(bytes).Replace("-", "");
        }

        private static byte[] HexStringToBytes(string hexString)
        {
            if (string.IsNullOrEmpty(hexString))
                throw new InvalidOperationException("String is either null or empty.");

            if (hexString.Length % 2 != 0)
                throw new InvalidOperationException("Hex string length must be even.");

            return Enumerable.Range(0, hexString.Length)
                         .Where(x => x % 2 == 0)
                         .Select(x => Convert.ToByte(hexString.Substring(x, 2), 16))
                         .ToArray();
        }

    }

 

]]>
Send E-mail using ASP.NET https://pro9ramming.com/send-email-using-asp-net/ Wed, 19 Apr 2017 13:38:33 +0000 http://pro9ramming.com/blog/?p=470 Continue reading Send E-mail using ASP.NET]]> E-mail can be sent using System.Net.Mail namespace classes (not deprecated System.Web.Mail). First place the following configuration in Web.config:

<system.net>
    <mailSettings>
      <smtp from="from email">
        <network host="smtp.googlemail.com" 
                 port="587" 
                 userName="username" 
                 password="pass" 
                 defaultCredentials="false" 
                 enableSsl="true" />
      </smtp>
    </mailSettings>
  </system.net>

For testing purposes Google Mail server can be used. Google Mail requres SSL, so enableSsl=”true” has to be placed in the config. In order to send mail, SmtpClient and MailMessage classes are used:

using (SmtpClient client = new SmtpClient())
{
      MailMessage msg = new MailMessage();
      msg.To.Add("to email");
      msg.Subject = "Subject";
      msg.Body = "Body";
      msg.IsBodyHtml = true;
      client.Send(msg);
}

Configuration from Web.config is going to be automatically recognized. From address can be overriden using msg.From property. If body contains HTML, msg.IsBodyHtml property can be used.

]]>
WinForms DataGridView BindingList example https://pro9ramming.com/winforms-datagridview-bindinglist-example/ Tue, 18 Apr 2017 12:09:58 +0000 http://pro9ramming.com/blog/?p=468 Continue reading WinForms DataGridView BindingList example]]> Binding of component to model is a usual requirement for both desktop and web applications nowadays. This tutorial shows how to bind a list of persons to DataGridView using Windows Forms (and of course C#).

First of all, create a model class:

public class Person : INotifyPropertyChanged
    {
       [Browsable(false)]
        public int Id { get; set; }

        [DisplayName("First name")]
        public string FirstName { get; set; }

        [DisplayName("Last name")]
        public string LastName { get; set; }

        private int _age;
        public int Age
        {
            get {
                return _age;
            }
            set {
                _age = value;
                OnPropertyChanged(nameof(Age));
            }
        }

        public event PropertyChangedEventHandler PropertyChanged;

        protected void OnPropertyChanged(string propertyName)
        {
            if (PropertyChanged != null)
                PropertyChanged(this, new PropertyChangedEventArgs(propertyName));
        }
    }

INotifyPropertyChanged interface is used to notify a client that certain value has changed. [Browsable(false)] attribute is used to mark a property not visible in DataGridView. In order to change the column header, use [DisplayName] attribute.

After creating a model, let’s add some data to it (place the following code inside of Form):

private BindingList<Person> persons = new BindingList<Person>
            {
                new Person {
                    Id = 1,
                    FirstName = "John",
                    LastName = "Smith",
                    Age = 25
                },
                new Person {
                    Id = 2,
                    FirstName = "Nick",
                    LastName = "Adams",
                    Age = 64
                }
            };

After that add a DataGridView on a form. On Form_Load() execute the following lines:

dataGridView1.DataSource = new BindingSource
            {
                DataSource = persons
            };
            dataGridView1.AutoSizeColumnsMode = DataGridViewAutoSizeColumnsMode.DisplayedCells;

That binds the data with the component and uses auto sizing of columns.

Functionality can be tested, for example by using button_Click() and changing the Age property:

persons[0].Age = 27;

Data should change in the grid automatically.

]]>
ASP.NET MVC file upload to Azure Blob storage https://pro9ramming.com/asp-net-mvc-file-upload-to-azure-blob-storage/ Thu, 13 Apr 2017 12:41:09 +0000 http://pro9ramming.com/blog/?p=465 Continue reading ASP.NET MVC file upload to Azure Blob storage]]> Azure has it’s own blob storage functionality called Azure Blob storage. It’s a classic object storage cloud service like Amazon S3 and OpenStack Swift. Also, Riak works in similar fashion. Logic behind is pretty simple, account can have multiple containers which can have multiple files (objects or blobs). It can handle huge amounts of unstructured data.

First create a new ASP.NET MVC project and create a FileController. After that create a method which returns specific container.

private CloudBlobContainer GetContainer()
        {
            var storageAccount = CloudStorageAccount.Parse(ConfigurationManager.AppSettings["StorageAccount"]);
            var blobClient = storageAccount.CreateCloudBlobClient();
            var container = blobClient.GetContainerReference(ConfigurationManager.AppSettings["StorageContainer"]);
            return container;
        }

Account and container data can be saved in <appSettings> in Web.config:

<appSettings>
    <add key="StorageAccount" value="ACCOUNT CONNECTION STRING"/>
    <add key="StorageContainer" value="CONTAINER NAME" />
</appSettings>

Razor syntax for file upload looks like this:

@using (Html.BeginForm("UploadFile", "File", FormMethod.Post, new { enctype = "multipart/form-data" }))
{
    <input type="file" name="file" />
    <br />
    <input type="submit" value="Upload" />
}

Action method UploadFile() contains some validation logic. GetBlockBlobReference() creates a new blob with specified fileName:

[HttpPost]
        public ActionResult UploadFile()
        {
            if (Request.Files.Count > 0)
            {
                var file = Request.Files[0];
                if (file != null && file.ContentLength > 0)
                    SaveToStorage(file.InputStream, file.FileName);
            }
            return View();
        }

        public void SaveToStorage(Stream inputStream, string fileName)
        {
            var container = GetContainer();
            var blob = container.GetBlockBlobReference(fileName);

            using (inputStream)
                blob.UploadFromStream(inputStream);
        }

Blob can be downloaded by using MemoryStream:

[HttpGet]
        public ActionResult DownloadFile(string fileName)
        {
            try
            {
                var container = GetContainer();
                var blob = container.GetBlockBlobReference(fileName);

                var memStream = new MemoryStream();
                blob.DownloadToStream(memStream);

                Response.ContentType = blob.Properties.ContentType;
                Response.AddHeader("Content-Disposition", "Attachment;filename=" + fileName);
                Response.AddHeader("Content-Length", blob.Properties.Length.ToString());
                Response.BinaryWrite(memStream.ToArray());

                return new HttpStatusCodeResult(200);
            }
            catch (Exception ex)
            {
                return Content(ex.ToString());
            }
        }

 

]]>
Mapping of ResultSet to objects https://pro9ramming.com/mapping-of-resultset-to-objects/ Wed, 12 Apr 2017 13:49:36 +0000 http://pro9ramming.com/blog/?p=461 Continue reading Mapping of ResultSet to objects]]> This tutorial shows how to create a simple mapping of ResultSet data to object, of course by using  Java programming language. This is basically a simple ORM (Object Relational Mapper) which can be customized for different needs. ORM represents a pattern for accessing database  records using object-oriented language. There are different implementations of ORM libraries  (like Hibernate). Using a library, or implementing you own ORM depends on your needs. At least, in this tutorial you can get an insight of how ORM libraries are implemented.

For purposes of this tutorial, JDBC is going to be used. JDBC is the API that enables the client to talk to the database (usually relational). After creating a connection you can execute queries using Statements. PreparedStatement represents a type of Statement which accepts parameters. ResultSet is a class that is used to get the data from query that is executed using a Statement.

Reading class properties, annotations, invoking methods and much more is done using reflection. Everyone knows that metadata is data about data. But what is metalanguage ? It’s easy: Metalanguage is a language that describes another language. Reflection is the ability of language to be it’s own metalanguage. As you might suppose, it’s an abstract way of thinking. Class has properties which can have annotations. Annotations are generally used to give some more info about property, method, class etc.  They can be viewed as metadata.

ResultSet class doesn’t contain only data, it contains also contains metadata. As you can see in the picture, headers of columns (or column names) are basically metadata (that includes column types).

For example, next code reads column names types from ResultSet metadata:

PreparedStatement ps = conn.prepareStatement("select * from car");
            ResultSet rs = ps.executeQuery();
            for (int i = 1; i <= rs.getMetaData().getColumnCount(); i++) {
                String columnName = rs.getMetaData().getColumnName(i);
                String columnType = rs.getMetaData().getColumnTypeName(i);
                System.out.println(columnName+" - "+columnType);
            }

Annotations can be accessed at compile time and at runtime [1]. For example, annotation that should be inspected at runtime should have next annotation:

@Retention(RetentionPolicy.RUNTIME)

Type of annotation is defined by using java.lang.annotation.ElementType enum which has fields: CONSTRUCTOR, FIELD, METHOD, TYPE. ElementType is parameter in @Target annotations. Annotation can be inspected on class, field or method by calling isAnnotationPresent() method.  For purposes of this tutorial, Column annotation is going to be created. It’s going to have name parameter, and should be accesible at runtime.

@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.FIELD)
@interface Column {
    String name() default "";
}

Java has a class which name is Class. For purposes of this tutorial, Class<? extends Object> parameter is going to be used. It defines a class that extends Object (root class).  Fields of a class are accessed by using getFields() method, but it won’t read private fields, so getDeclaredFields() is used instead. That would retur an array of fields (Field[]). Private field has to be set as accessible by using method setAccessible(true)[2]. By using this techniques, reading class fields (including types) is easy:

public static void printFields(Class<? extends Object> cls){
        for(Field field : cls.getDeclaredFields()){
            field.setAccessible(true);
            System.out.println(field.getName()+" - "+field.getType().getName());
        }
    }

So, we have a result set which returns metadata (column headers) and we have a class which has fields with names (and annotations). Those are 2 different kinds of metadata. We are going to map them together. First of all, field name is also a metadata, so if it’s the same as the corresponding column header, mapping could be achieved without reading the annotation. But fields are usually named by using camelCase, and column headers by using Snake case (or underscore) [3]. So if Column annotation is not present, field’s name should be translated to Snake case:

public class StringUtil {
    public static String getSnakeCase(String str) {
        if (str == null) {
            return null;
        }
        if (str.equals("")) {
            return "";
        }
        StringBuilder sb = new StringBuilder();
        int lastIndex = 0;
        //starts from 1 to cover Pascal case too
        for (int i = 1; i <= str.length(); i++) {
            if (i == str.length() || Character.isUpperCase(str.charAt(i))) {
                sb.append(str.substring(lastIndex, i).toLowerCase());
                lastIndex = i;
                if (i < str.length()) 
                    sb.append("_");
            }
        }
        return sb.toString();
    }
}

If Column annotation is present on the field, it’s name parameter is going to be used when mapping. For purposes of this tutorial, Mapper class is created. It has 2 methods: getFieldMap() and map(). getFieldMap() is used internally by map() method. It basically creates a map of fields and corresponding names. Map method returns list of mapped objects from ResultSet records. It goes through records and maps columns to fields. If field is not found, it jumps over it. So only intersection of field names and column headers is mapped.

public class Mapper{
public static Map<String, Field> getFieldMap(Class<? extends Object> cls){
        Map<String, Field> map = new HashMap<>();
        for (Field field : cls.getDeclaredFields()) {
            field.setAccessible(true);
            String name = StringUtil.getSnakeCase(field.getName());
            if (field.isAnnotationPresent(Column.class)) {
                Column c = field.getAnnotation(Column.class);
                name = c.name();
            }
            map.put(name.toLowerCase(), field);
        }
        return map;
    }
    
    public static List<Object> map(Class<? extends Object> cls, ResultSet rs){
        List<Object> list = new ArrayList<>();
        Map<String, Field> fieldMap = Mapper.getFieldMap(cls);
        try{
            while(rs.next()){
                Object obj = cls.newInstance();
                for (int i = 1; i <= rs.getMetaData().getColumnCount(); i++) {
                    String columnName = rs.getMetaData().getColumnName(i).toLowerCase();
                    Field field = fieldMap.get(columnName);
                    if(field != null)
                        field.set(obj, rs.getObject(i));
                }
                list.add(obj);
            }
        }catch(Exception e){
            e.printStackTrace();
        }
        return list;
}
}

Two facts should be emphasized: SQL type and corresponding field type must be compatible, and class should have a default constructor. Because map() method returns list of objects, while iterating through that list, each object should be type-cast-ed to appropriate class. Example:

List<Object> list = Mapper.map(Person.class, resultSet);
            for (Object obj : list){
                Person person = (Person)obj;
                System.out.println(person.toString());
            }

Class used for mapping is Person which has 4 fields: id, firstName, lastName, birthDate. As you can see only birthDate has Column annotation which defines DOB (Date Of Birth) name for query metadata. So ResultSet metadata has next column headers: id, first_name, last_name, dob. FirstName and LastName are converted to Snake case. Person class also has default constructor, getters and setters, and toString() method.

public class Person {
    private Integer id;
    private String firstName;
    private String lastName;
    @Column(name="dob")
    private Date birthDate;

    public Person() {}
    
    public Integer getId() {
        return id;
    }

    public void setId(Integer id) {
        this.id = id;
    }

    public String getFirstName() {
        return firstName;
    }

    public void setFirstName(String firstName) {
        this.firstName = firstName;
    }

    public String getLastName() {
        return lastName;
    }

    public void setLastName(String lastName) {
        this.lastName = lastName;
    }

    public Date getBirthDate() {
        return birthDate;
    }

    public void setBirthDate(Date birthDate) {
        this.birthDate = birthDate;
    }
    
    @Override
    public String toString() {
        return "Person{" + "id=" + getId() + ", firstName=" + getFirstName() + ", lastName=" + getLastName() + ", birthDate=" + getBirthDate() + '}';
    }
}

Techniques represented in this tutorial only work for “select” queries (reading data). Other operations like “insert”, “update” and “delete” can also be created in a similar manner, so you can create a generic CRUD using JDBC. That would be a different way to implement a DAO pattern if some of your data mapping logic is redundant.

References:

[1] Jenkov annotations

[2] Accessing private fields

[3] Snake case

]]>
JSF 2.2 Image upload and serve over Image Servlet https://pro9ramming.com/jsf-2-2-image-upload-and-serve-over-image-servlet/ Wed, 12 Apr 2017 13:35:39 +0000 http://pro9ramming.com/blog/?p=459 Continue reading JSF 2.2 Image upload and serve over Image Servlet]]> Purpose of this tutorial is to make image upload (with validation) in JSF 2.2 and serve uploaded images over Image Servlet. JSF 2.2 has support for file upload, and you don’t need third party libraries anymore. We will upload images on to absolute path and serve them over stream inside registered image servlet. This way of serving image files is perfect if you are using Eclipse with some servlet container (like Tomcat) on Windows OS, and you want to place your images on absolute path in your file system.

First create new “Dynamic Web Project” in Eclipse. First we are going to add some utility classes. StreamUtil class has one static method WriteToOutputStream() which writes data from input to output stream using a buffer with a certain size:

package com.pro9ramming;

import java.io.*;

public class StreamUtil {
	public static final int BUFFER_SIZE = 10240;

	public static void WriteToOutputStream(InputStream input, OutputStream output) throws IOException {
		byte[] buffer = new byte[BUFFER_SIZE];
		int numOfBytes = 0;
		while ((numOfBytes = input.read(buffer)) > 0)
			output.write(buffer, 0, numOfBytes);
	}
}

While there are bytes that need to be copied, this it takes them into the buffer and outputs them to OutputStream. This code is going to be used twice, later in the tutorial (for saving and serving images).

Next class is FileUtil which has 4 static methods:

  • Boolean uploadedFileIsImage(String imageLocation) checks if uploaded file is image by using MIME types. It creates MimetypesFileTypeMap and adds MIME types which need to be checked to that object (all images: png tif jpg jpeg bmp). All image MIME types start with image (for example: image/jpeg, image/bmp etc.).
  • void deleteFile(String fileLocation) deletes file if it exists.
  • List<String> getImagesFromLocation(String location) gets list of file names from absolute path (location) where images are stored. It doesn’t check if those files are images, so that folder needs to be clean (only images).
  • String getImageName(Part image) gets image name from Part interface. First it gets “content-disposition” header and it splits it to get key/value elements (example of header: form-data;name=”form:file”;filename=”some_image.jpg”). Then it looks for “filename” key and it returns it’s value prepended with UUID. UUID (Universally unique identifier) is a random 128 bit number written in certain format. It is used as a prepend because there could be images with the same name in folder where we keep images in.

package com.pro9ramming;

import java.io.File;
import java.util.*;
import javax.activation.MimetypesFileTypeMap;
import javax.servlet.http.Part;

public class FileUtil {
	public static Boolean uploadedFileIsImage(String imageLocation) {
        File f = new File(imageLocation);
        MimetypesFileTypeMap mtftp = new MimetypesFileTypeMap();
        mtftp.addMimeTypes("image png tif jpg jpeg bmp");
        String mimetype = mtftp.getContentType(f);
        String type = mimetype.split("/")[0];
        return type.equals("image");
    }
	
	public static void deleteFile(String fileLocation){
		File f = new File(fileLocation);
		if(f.exists())
			f.delete();
	}
	
	public static List<String> getImagesFromLocation(String location) {
		File f = new File(location);
		ArrayList<String> images = new ArrayList<String>(Arrays.asList(f.list()));
		return images;
	}
	
	public static String getImageName(Part image) {
		String[] arr = image.getHeader("content-disposition").split(";");
		for (String content : arr) {
			if (content.trim().startsWith("filename"))
				return UUID.randomUUID().toString() + "_" + content.substring(content.indexOf('=') + 1).trim()
								.replace("\"", "");
		}
		return null;
	}
}

Then create a managed bean that is going to be used for image uploading (let’s call it MainBean). Register it using @ManagedBean@SessionScoped annotations. MainBean has Part interface property (with getter and setter methods). MainBean has 3 methods (except getters and setters) :

  • void outputError(String messageStr) which gets FacesContext and creates FacesMessage which is outputted to “image-upload-form:image” location in .xhtml file.
  • List<String> getImages() gets images by using getImagesFromLocation() method from FileUtil class.
  • String upload() is an action method which is called by commandButton when user uploads it’s image. It gets image name (FileUtil.getImageName() method), creates streams (input and output) and writes image to absolute path. Then it validates if uploaded file is image (FileUtil.uploadedFileIsImage() method), and deletes the image if it is not, with message using FacesMessage from outputError() method. InputStream is stream from Part interface, and OutputStream is simple FileOutputStream. Input is written to output by using StreamUtil.WriteToOutputStream(input, output) static method.

package com.pro9ramming;

import java.io.*;
import java.util.*;
import javax.faces.application.FacesMessage;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;
import javax.faces.context.FacesContext;
import javax.servlet.http.Part;

@ManagedBean
@SessionScoped
public class MainBean {
	public static final String PATH = "C:/images/";
	private Part image;

	public Part getImage() {
		return image;
	}

	public void setImage(Part image) {
		this.image = image;
	}

	public String upload() {
		try {

			String imageName = FileUtil.getImageName(image);
			if (imageName == null)
				outputError("Image name not available.");
			String imageLocation = PATH + imageName;
			InputStream input = image.getInputStream();
			FileOutputStream output = new FileOutputStream(imageLocation);
			StreamUtil.WriteToOutputStream(input, output);
			input.close();
			output.close();
			if (!FileUtil.uploadedFileIsImage(imageLocation)) {
				outputError("Uploaded file is not an image.");
				FileUtil.deleteFile(imageLocation);
				return null;
			}
		} catch (Exception e) {
			e.printStackTrace();
			outputError("Error while uploading.");
			return null;
		}
		return "gallery";
	}

	private void outputError(String messageStr) {
		FacesContext context = FacesContext.getCurrentInstance();
		FacesMessage msg = new FacesMessage(messageStr);
		context.addMessage("image-upload-form:image", msg);
	}

	public List<String> getImages() {
		return FileUtil.getImagesFromLocation(PATH);
	}

}

That is background logic for uploading. There are 2 views (.xhtml files), let’s say index.xhtml (used for uploading) and gallery.xhtml (used for showing all uploaded images). Index.xhtml contains form with enctype=”multipart/form-data” attribute. Form contains:

  • h:inputFile with attribute value=”#{mainBean.image}”, which is part of JSF 2.2 standard.
  • h:message for showing FacesMessage messages associated with uploading process.
  • h:commandButton which calls upload() action method, when image file is selected.

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml"
	xmlns:ui="http://java.sun.com/jsf/facelets"
	xmlns:h="http://java.sun.com/jsf/html"
	xmlns:f="http://java.sun.com/jsf/core">
<h:head>
<title>Image upload</title>
</h:head>
<h:body>
<h:form id="image-upload-form" enctype="multipart/form-data">
  <h:inputFile id="image" value="#{mainBean.image}"/><br />
  <h:message for="image" style="color:red"/><br />
  <h:commandButton value="Upload" action="#{mainBean.upload}"/>
</h:form>
</h:body>
</html>

Gallery.xhtml shows all images from folder where we keep them. It contains ui:repeat which shows all images by calling getImages() method. It also encapsultes h:graphicImage inside h:outputLink tags, so you can view actual size image, and not limited 300×200 size.

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml"
	xmlns:ui="http://java.sun.com/jsf/facelets"
	xmlns:h="http://java.sun.com/jsf/html"
	xmlns:f="http://java.sun.com/jsf/core">
<h:head>
<title>Gallery</title>
</h:head>
<h:body>
<h2><h:outputText value="Gallery"/></h2>
<h:graphicImage value="/image/a1AXpew_460sa.gif" /><br />


<ui:repeat var="str" value="#{mainBean.images}">
<h:outputLink value="/JSFImageUpload/image/#{str}">
<h:graphicImage value="/image/#{str}" alt="Image not found" width="300" height="200"/><br /><br />
</h:outputLink>
</ui:repeat>

</h:body>
</html>

 

The final thing is creation of ImageServlet[4]. It uses doGet() method to retrieve requested image. It checks if image exists and it serves it by using FileInputStream and OutputStream from response object. Again writing from input to output stream is being done by using StreamUtil.WriteToOutputStream() method. Before serving, servlet sets “Content-Length” and “Content-Disposition” HTTP headers.

package com.pro9ramming;

import java.io.*;
import java.net.URLDecoder;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class ImageServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;

	protected void doGet(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
		BufferedInputStream input = null;
		BufferedOutputStream output = null;
		try {
			String requestedImage = request.getPathInfo();

			if (requestedImage == null) {
				response.sendError(HttpServletResponse.SC_NOT_FOUND);
				return;
			}

			File image = new File(MainBean.PATH, URLDecoder.decode(
					requestedImage, "UTF-8"));

			if (!image.exists()) {
				response.sendError(HttpServletResponse.SC_NOT_FOUND);
				return;
			}

			String contentType = getServletContext().getMimeType(
					image.getName());

			if (contentType == null || !contentType.startsWith("image")) {
				response.sendError(HttpServletResponse.SC_NOT_FOUND);
				return;
			}

			response.reset();
			response.setBufferSize(StreamUtil.BUFFER_SIZE);
			response.setContentType(contentType);
			response.setHeader("Content-Length", String.valueOf(image.length()));
			response.setHeader("Content-Disposition", "inline; filename=\""
					+ image.getName() + "\"");

			input = new BufferedInputStream(new FileInputStream(image),
					StreamUtil.BUFFER_SIZE);
			output = new BufferedOutputStream(response.getOutputStream(),
					StreamUtil.BUFFER_SIZE);
			StreamUtil.WriteToOutputStream(input, output);

		} catch (Exception e) {
			e.printStackTrace();
		} finally {
			if (output != null)
				output.close();
			if (input != null)
				input.close();
		}
	}

}

And in your web.xml (WebContent/WEB-INF/web.xml) file, you need to register your ImageServlet:

<servlet>
    <servlet-name>imageServlet</servlet-name>
    <servlet-class>com.pro9ramming.ImageServlet</servlet-class>
</servlet>
<servlet-mapping>
    <servlet-name>imageServlet</servlet-name>
    <url-pattern>/image/*</url-pattern>
</servlet-mapping>

Now you can test your simple image gallery. For more information about certain parts of this tutorial, you can view references.

References :

Part interface 

File upload tutorial

BalusC Image Servlet

UUID reference

Check file type

Extend MimetypesFileTypeMap

]]>
Matrix style JavaScript injection https://pro9ramming.com/matrix-style-javascript-injection/ Tue, 21 Mar 2017 10:42:28 +0000 http://pro9ramming.com/blog/?p=453 Who doesn’t like The Matrix !? Paste this into your URL bar and experience the magic:

data:text/html,<body%20style=margin:0><canvas%20id=q%20/><script>var%20q=document.getElementById('q'),s=window.screen,w=q.width=s.width,h=q.height=s.height,p=Array(256).join(1).split(''),c=q.getContext('2d'),m=Math;setInterval(function(){c.fillStyle='rgba(0,0,0,0.05)';c.fillRect(0,0,w,h);c.fillStyle='rgba(0,255,0,1)';p=p.map(function(v,i){r=m.random();c.fillText(String.fromCharCode(m.floor(2720+r*33)),i*10,v);v+=10;%20return%20v>768+r*1e4?0:v})},33)</script>

 

]]>
OWIN cookie authentication with roles (part 2) https://pro9ramming.com/owin-cookie-authentication-with-roles-part-2/ Fri, 17 Feb 2017 12:50:10 +0000 http://pro9ramming.com/blog/?p=443 Continue reading OWIN cookie authentication with roles (part 2)]]> In Part 1 of this tutorial, basic OWIN cookie authentication with roles has been set. This part describes further features than are added upon Part 1.

ReturnUrl 

First feature is ReturnUrl functionality (the possibility to return the user to the right place when after login). First of all, signature of Login() action method has to be changed a bit, by adding returnUrl parameter:

public ActionResult Login(LoginViewModel model, string returnUrl)

After checking credentials, adding claims and creating a cookie, returnUrl has to be checked:

if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
   return Redirect(returnUrl);
else
   return RedirectToAction("UserPanel");

If it’s not local or not specified, redirect to User panel.

In /Account/Login, Login form should look like this:

@using (Html.BeginForm("Login", "Account", new { returnUrl = Request.QueryString["ReturnUrl"] }, FormMethod.Post))

Make sure to place anonymous object in place where routeValues parameter is specified (not where htmlAttributes are).

AntiForgeryToken

In order to avoid CSRF attacks, AntiForgeryToken should be used in forms. Add the following line inside the form:

@Html.AntiForgeryToken()

And the [ValidateAntiForgeryToken] attribute to Login() method:

[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginViewModel model, string returnUrl)

Using AntiForgeryToken with claims identity requires additional step. Add the following line in Application_Start() method in Global.asax.cs:

protected void Application_Start()
{
   //...
   AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.Name;
}

Changing/updating of claims

Claims have to be updated when user’s role is changed. Add the following code in AccountController:

[Authorize(Roles = "User")]
        public ActionResult SetAdminRole()
        {
            var identity = new ClaimsIdentity(User.Identity);
            identity.RemoveClaim(identity.FindFirst(ClaimTypes.Role));
            identity.AddClaim(new Claim(ClaimTypes.Role, "Administrator"));
            HttpContext.GetOwinContext().Authentication.AuthenticationResponseGrant = new AuthenticationResponseGrant(new ClaimsPrincipal(identity), new AuthenticationProperties { IsPersistent = true });
            return RedirectToAction("UserPanel");
        }

And link in /Account/UserPanel:

<p>@Html.ActionLink("Set admin role", "SetAdminRole", "Account")</p>

When user clicks specified link, his role (claim) is going to be changed.

ExpireTimeSpan and SlidingExpiration

These settings are set in CookieAuthenticationOptions:

app.UseCookieAuthentication(new CookieAuthenticationOptions {
                AuthenticationType = "ApplicationCookie",
                LoginPath = new PathString("/Home/Index"),
                CookieSecure = CookieSecureOption.SameAsRequest,
                ExpireTimeSpan = TimeSpan.FromSeconds(10),
                SlidingExpiration = true
            });

ExpireTimeSpan indicates the time cookie is valid. If SlidingExpiration is true, than middleware re-issues a new cookie with new expiration time when request is more than halfway through the expiration window. Default value for ExpireTimeSpan is 14 days, and SlidingExpiration is true. For testing purposes, in the above code, ExpirationTimeSpan is set to 10 seconds (TimeSpan.FromSeconds(10)).

 

]]>