Blog » Blog

For a while now I’ve been wishing I didn’t have to do this…

<asp :LoginView ID="LoginView1" runat="server">
  <rolegroups>
    <asp :RoleGroup Roles="Administrator">
      <p>Admins only!</p>
    </asp>
  </rolegroups>
</asp>

…every time I want to have something only an Admin can see. It’s not that it takes long to do, it just seems incredibly inefficient.

So now my first custom control to the rescue, to this point I’ve only used user controls in ASP.net.

using System.Web.Security;
using System.Web.UI.WebControls;

namespace Teknohippy
{
    public class AdminView : PlaceHolder
    {
        public AdminView()
        {

        }

        public override bool Visible
        {
            get
            {
                if (DesignMode)
                {
                    return base.Visible;
                }
                else
                {
                    return base.Visible && Roles.IsUserInRole("Administrator");
                }
            }
            set
            {
                base.Visible = value;
            }
        }
    }
}

Now I can just to the following instead…

<tekno:AdminRole id="a1" runat="server">
  <p>Admins Only!</p>
</tekno:AdminRole>

Softrope is now available to beta testing Dungeon Masters.

To become a beta tester simply email beta@softrope.net and request to join.

Softrope also now has it’s own site, softrope.net.

After months of grabbing the odd bit of time here and there during lunctimes and evenings, Softrope is slowly approaching a useable state. Next week I’ll be using it during a game. If that goes well then I’ll be releasing it to a private beta group.

Here’s a recent screenshot.

My mobile wordprocessing needs have been met for now by a Samsung NC-10 netbook. Not my ideal size or battery life but definitely the functionality that I need. Coupled with BTModem enabled phone it’s very usable as a mobile platform. Although without the modem I’d get more writing actually done!

Had me for a while this one. Simply check that you haven’t inadvertently set ThreeState property to true like I had.

I spent some time yesterday checking out which S60 word processor I’d like to use with my E71. I decided in the end that the answer would be, none.

One huge feature that is missing for me in every single one I tried, is styles. I find it really hard to outline a document without some kind of style library. Is it too much to ask to just have a choice of heading 1, 2, 3 and normal?

It’s a step backwards from my existing mobile word processing experience, the Psion 5mx.

Mind you a lot of stuff is a step backwards from the Psion. Okay yes it has some serious faults nowadays.

• Very unclear screen
• No easy mobile connectivity
• No color
• No decent web experience

But as a word processor for a mobile writer it does many things very well, some that still haven’t been matched.

• Good keyboard for its size
• Functional word processor
• Excellent battery life

Of course correcting lots of the things it does badly would damage the excellent battery life. But still it would be nice if I could have a non-crippled word processor for my E71. Anyone know of one?

I just spent a little time trying to work out why some of the UserControls had disappeared from the Asset Library in Blend.

Turns out in the end it was simply because they had not got a parameterless constructor.

Dmitry’s fantastic Multimedia Keyboard plug-in  for Griffin’s Airclick USB has been updated.

It gives you the ability to control any application that supports Multimedia Keyboards by simulating multimedia key or arrow key strokes. You don’t have to change to another plug-in to control different applications, in fact, you might never have to change it again.

Well now it even works with Adobe Flash players in full screen! (YouTube, Hulu, Amazon, JW FLV Player and similar)

You can download Dmitry’s plugin here:

http://www.dimin.net/software/airclick

With a couple of tweaks we’ve managed a nice stable single instance WPF application for Xtractor following this advice from John Melville’s blog.

Of course using your own Main method causes problems for Blend, so we also made use of this advice from the Blend and Design Team’s blog.

UK mapping developers Earthware have launched London street side views in their real estate mapping solution by partnering with street view innovators Seety. Take a look for yourself at the sights of London.Let’s hope this street level mapping solution spreads to the rest of the UK quickly.

read more | digg story

I’ve been working a lot in the admin section of my WordPress install recently. Now my hosting doesn’t serve files to me very fast, particulaly admin pages. I installed google.gears and that sped things up some.

What’s really made a difference though is this drop down menu plugin for the admin pages. No more clicking through pages you didn’t need to get to the one you do.

Thanks to Ozh for that!

I’ve been working on a subscription site, logins are powered by the ASP.net membership provider system.

Now I want to stop people sharing their logins and avoiding paying for a subscription. We don’t really want multiple logins from the same username.

After a lot of Googling I came up with an almost suitable solution:

http://www.eggheadcafe.com/articles/20030418.asp

The only problem for me is that this solution stops a new login. This means that if a user logs in, closes the browser, and then logs in again, they are denied a login for the next twenty minutes (or however long the session timeout is set to).

So I switched things around, and actually ended up with a slightly simpler solution.

In my asp:Login control’s LoggedOn event I have the following:

protected void LoginMain_LoggedIn(object sender, EventArgs e)
{
    System.Web.UI.WebControls.Login senderLogin = sender as System.Web.UI.WebControls.Login;

    string key = senderLogin.UserName + senderLogin.Password;

    TimeSpan TimeOut = new TimeSpan(0, 0, HttpContext.Current.Session.Timeout, 0, 0);

    HttpContext.Current.Cache.Insert(key,
        Session.SessionID,
        null,
        DateTime.MaxValue,
        TimeOut,
        System.Web.Caching.CacheItemPriority.NotRemovable,
        null);

    Session["username"] = key;
}

We concatonate the username and password as before and use this as the key for a cache item. The cache item value though is set to the just logged in users SessionID. We then add the key to a session variable.

In global.asax we have:

protected void Application_PreRequestHandlerExecute(Object sender, EventArgs e)
{
    if (HttpContext.Current.Session != null)
    {
        if (Session["username"] != null)
        {
            string cacheKey = Session["username"].ToString();
            if ((string)HttpContext.Current.Cache[cacheKey] != Session.SessionID)
            {
                FormsAuthentication.SignOut();
                Session.Abandon();
                Response.Redirect("/errors/DuplicateLogin.aspx");
            }

            string user = (string)HttpContext.Current.Cache[cacheKey];
        }
    }
}

This will fire for every request. If the username session variable exists then the SessionID is taken from the cache and compared to the current SessionID. If they don’t match then the user is kicked to an error page after being logged out and Session.Abandoned.

This means that a second user logging in will change the cached SessionID and login fine, whilst the original user will be logged out.

The error message explains what has happened and provides support for what to do. Which is of course either, stop cheating me out of cash, or let us know if you think your account is compromised.

If you use ASP.net masterpages then sooner or later you will have discovered that you cannot access your masterpage properties using Page.Master or simply Master.

Previously I have used the solution you see floating around a lot, that is to put the following in your content page aspx (assuming our masterpage is called Main.master):

<%@ MasterType VirtualPath="~/Main.master" %>

And the following in your code behind for example:

Master.BodyClass = "pgKeyboard";

It works fine, although for every new page you make you need to remember to add the MasterType declaration, which has always frustrated me.

So the other day I realised, obvious though it was once I had, that I could drop the MasterType declaration and simply cast the Master object to the correct type.

For example:

((Main)Master).BodyClass = “pgKeyboard”;

So if you can’t access your masterpage properties or methods, just remember you need to cast the Master object into your masterpage type.

My goal for the winter was to shoot more than 550 for a Porstmouth. My last 3 were all 546, and it was getting quite frustrating. Last night on the last day of the Winter season I finally did it with a 557.

I shot a 546 Portsmouth again yesterday night. That’s four in a row now. Shot six 7s, rather disappointing. Without them I’d have made the 550 Winter goal I set myself. Not much of the Winter season left now. Next chance is Monday evening, a little more concentration and we’ll get there.

During the aftermath of the footer hack, and becuase I’ve started to take fiction writing seriously, I’ve decided to split my blog into two. teknohippy.net is pretty much what it has been and anything about writing is now on http://iainmnorman.com.

Well I’ve learned my lesson regarding critical security updates. I’ve been running a couple of version behind the latest for months now.

I then spotted a whole bunch of 404s in Google’s webmaster tools. Really odd links that shouldn’t even exist on my site. So after investigating I discovered that my footer.php was full of spam links.

So I deleted them. Next time I checked they had come back. So I exported my posts as XML and ditched both the WordPress and the database. I then reinstalled the lastest version of WordPress and imported my posts. Next time I will upgrade when a security patch is realeased!

The only remaining problem is the damage done to my search engine listings, I have fallen off the map completely. Googlebot still hasn’t revisted my site since I repaired the damage, so who knows how long before things correct themselves, I have made a resumbission request just in case I’ve been blacklisted or something.

If like me you run an installation of DasBlog in a sub folder/app then you may run into this error message when you start using ASP.net 2.0 membership/role providers in the base app.

The SSE Provider did not find the database file specified in the connection string. At the configured trust level (below High trust level), the SSE provider can not automatically create the database file.

All that is required to fix is to add:

<roleManager enabled=”false”/>

to system.web in the DasBlog web.config.

As I’ve previously written about, I’ve been having some trouble with PayPal PDT ( Payment Data Transfer ) and Google Analytics e-commerce tracking.

If you’ve added Analytics to your PayPal thank-you page, and used PDT to get the data to be sent to Analytics and got that working nicely then you will have discovered that not every sale gets tracked, because not every shopper can be guaranteed to land on your thank-you page.

Now I’ve been doing some testing on an idea to get around this using IPN. The basic premise is this.

1. Google Analytics works through a request for __utm.gif from the Analytics server, to which is attached all the tracking information.
2. On the page just before leaving for PayPal set the analytics script to local only.
3. Use url rewriting to hide a script behind your local __utm.gif.
4. Record all the details for the request for the local __utm.gif in a database, referenced to the session.
5. Send the session ID information through PayPal’s custom variable.
6. User finishes sale.
7. IPN script picks up sale, checks session ID and looks up the stored request.
8. IPN script rebuilds request and forwards to Google’s __utm.gif.

Now to test this before getting involved in databases and IPNs I just made two pages. One with Analytics set to remote, the next page with analytics set to local. Then I made a local __utm.gif just forward the request for the remote __utm.gif through a server side HTTP request.

Wait a day.

No joy, nothing showing up for the e-commerce tracking, or the visit to the second page, just the first page visits where the script was set to remote.

Then I fiddle for weeks trying to improve the request. Adding all the cookies etc. etc.

No joy.

So I took a look at the urchin.js file to determine whether or not the local request was being built any differently to the remote one. And it was. If you have a look through urchin.js searching for the local/remote variable (forget the name of it right now) then you’ll see that there are extra things appended to the end of the querystring for the remote call to _utm.gif. The extra stuff is the content of all the analytics cookies.

So I fiddle urchin.js and made a local copy that built the same request for remote and local, including all the cookie data. I had a couple of people hit the two pages and a day later…

Success, there is e-commerce transaction data, items, totals, everything in Analytics now.

I used different sources and the like for a couple of test and those have also come through. Even more surprising though is that where I have had other people test the two pages for me, their locations have been tracked and assigned to the e-commerce transactions correctly. Which I didn’t expect as it’s always the web server making that request, and it’s not moving around!

So that’s something to work on. I’ll keep you updated on the next stage of implementation.