I have a situation recently identified by the users of my app which i did more than 2 years ago.
To cut the matter short there is a URL link sent to the customer on click of which some things executes based upon the encrypted key that is passed along with the URL query string. Earlier it was working fine because the user had to click on the link in the SMS to execute that. But now a days the SMS clients for example in iPhone or something similar they pick up the URL and try to show the preview (similar to what what's app skype etc do). But the problem is that the link is only one time and on a second click the link is already expired because it is assumed that its already hit.
So, in this situation the user is never able to go to the next step since the link is already consumed in the form of the message preview.
I have a work around for the same for example to show a fake page or something similar but i do not want to use that since i understand that this think i quite common and you genius folks out there have something to share.
Please share how to may be identify the client which are just looking for og tags or how to identify these kinds of clients so that the actual request is not processed unless is done manually by the user by clicking on the link.
As far as I know there is no consistent user agent clients have to use in the open graph spec.
Therefore blocking based on that is an ever moving target, each app could use a different agent if they so wish.
The way I have always countered to this is that a get action should never be a destructive action.
The get should always be safe to run over and over.
If you need a destructive action, the page should include some form of user input/button/link which would trigger a post to the server.
If required you can then also add an added level of security in the link by asking the user to confirm something from the data, e.g. their phone number.
This means if a link was to get into the wrong hands (remember, SMS are not encrypted so can be snooped) then without this information the user is required to enter they will be unable to execute the destructive action of the link.
Related
So I have ga.js code tracking orders in my web application. These are then picked up in the Conversions-->Tracking-->Transactions section in Google Analytics. The thing is I'm getting average 80-90% of my orders showing up in GA. I've read up online that it is normal that a small percentage of orders wont show up in GA. Is this a correct assumption to make?
Yes it is correct because many users block monitoring sites like that one.
The information is given by javascript call, that is also mean that users with javascript disabled, or get javascript error on page, also fail to send that info to google.
The block can be done either using antivirus/anti malware programs, ether direct by add some site names on the host file of the system and changing the IP to localhost so they fail to run. Its an easy trick if you try to avoid some sites that monitor you.
If you wondering if there is a way to always give that infos regarding if the user blocks it, yes there is, you send that informations on code behind direct on google server, but its a little complicate.
And one tip - better keep that infos for your only.
NET Web-forms based application in c#. I need to add a module in the application which allows chatting between logged in users and users can share files during chatting, like Skype. Meanwhile I have to keep a PERMANENT RECORD of each and every word of conversation and files transferred during the session, on my server. I have a bit idea about the implementation of module to achieve the desired result, but I am sure that is not a good practice. Here is my idea:
Chatting:
While users are chatting, create a data-table which will contain the sender id, receiver id, and message contents. When ever user presses send button or hit Enter, a new row would be inserted in the data-table with both IDs and message contents and then the data-table will be bound to a div etc. to show updated messages to both users. At the end, on an event (like window close etc) data-table will be converted to the XML and the XML file will be stored permanently either on hard disk or in database.
File-transfer:
During chatting whenever user press enter/send button we will check the message contents, if the message being sent is a file (with some extension) then upload the file on server and provide a download link to the receiver.
I hope you got my point.
Problem:
1) I want to share files asynchronously i.e. transfer to the receiver and save on the server at the same time. Is it possible?
2) How to tell one user that the other user is typing?
Is there any better way to implement this module? What sort of knowledge should I have to properly comprehend and implement the module?
Thanks for any guidance.
For web-based real-time chat the current open source standard bearer seems to be SignalR.
There are quite a few discussions here on SO about that product and those should help move you in the right direction.
As far as storage is concerned, that will depend upon the infrastructure you have available and the costs you are willing to incur to build the system.
You might look into using RabbitMQ for message delivery and if you set that up appropriately, you can attach queue listeners that will also perform logging of chats as needed. (There are well documented .NET/C# clients already available for RabbitMQ.) You may also want to check out the Wikipedia page for RabbitMQ.
File transfer would probably be best done through uploading of the file to the web-server and temporary storage there with a link to the file to be downloaded by the other chat client. That causes the server to increase its bandwidth requirements though.
You might also look into running your own XMPP server and using a web interface through SignalR to interface into the XMPP server. It might leverage the most functionality for easing time to market.
Have you looked into SignalR?
I am creating a windows 8 app to send mail from the entered fields. There are two approaches that i have tested and tried. But each one has its own limitation. My requirement is simple to send mail via outlook desktop app for the user. The content body of the mail is well formatted hence I used HTML to create it(Other ways if any let me know), there is an image attachment also of the InkManager used to take user sign.
Approach 1: Use share charm. All things work well but some times the app stops sharing then I need to restart or logoff from that account and then again login. And the clients wants to open his/ her outlook
Approach 2: Use mailto and open using Launcher.LaunchUriAsync it gives me an option to choose outlook but I can't set the HTML content formatted and unable to put the InkManager used to take user sign as an image
How can I solve this issue?
If you need to send the mail from the user's account these are the only two ways. Alternatives are using an external web service as Filip suggested or sending it directly from the app using a mail API such as Mail for Windows Store.
I have another remark regarding the first approach, though. In my experience the sharing typically stops working until the next logon when an app does something wrong handling the DataRequested event - this breaks the share charm for all the apps. If it happens to you during development or testing your own app, make sure you handle any exceptions that might happen in the event handler and also check that you are adding and removing the event handler properly. Also avoid stopping the app within this event handler when debugging. This should prevent the issue from occuring.
The best way right now is to write/connect to a web service that sends the mail. I think there might be existing ones out there.
I would like to send a message to an Active Directory user so when he/she loggs in next time they see the message though a popup window. Is it possible to do it in any way beside using the usual netsend?
This is usually a mess when trying to push out a message to a user. If you want a message to pop up, I would suggest that you create a small application with a pull mechanism. When the user logs in, the application should run to determine if they have a message waiting (messages could be in a central database or even file location). If they do, the application could pop up the message. In this way, the application would also bypass most of your firewall/network segment issues. You would only need to open communication to a central location for the data rather than diagnosing network issues for every client.
Not only would this method allow you to do exactly what you are asking for, it would allow you to expand your application to do even more. For example, you could require the user to acknowledge the message in a more formal way than just hitting OK (maybe make them check a box first saying "I read and understand the message"). You could also capture the time when the user saw the message (they might not log in for hours after you send the message). It could also be used when the user is currently logged in and you want to send them a message (the app could poll the server).
While there are downsides to this method (creating an app, installing it everywhere, managing it, etc.) I think the benefits would outweigh the downsides if you really need to have a notification system like you are specifying.
On Windows 2003 you've got an old fashion way of doing that.
In the scriptPath attribut of the AD user nod, you put the name of a script or exe file for example username.cmd.
On your DC, you've got a folder C:\WINDOWS\SYSVOL\sysvol\DOMAIN.NAME\SCRIPTS shared with the name NETLOGON. you just create the file username.cmd in this folder. the program username.cmd is going to be played on every logon of the user. In this file you can put a popup message.
It's still working on Windows Server 2008 R2.
I'm writing a video cms and want all my users to have new assets displayed immediately as they come in.
If I'm right, facebook updates its wall-page in realtime. So when I post something to a friend it immediately displays on his wall. The realtime web, as they say.
I wonder how you do that? Not the technology of client-server-communication, but what goes on on the server.
I understand the principles of the observer-pattern.
But a wall is in fact a query on a table of messages.
How does the observer know what query a user is interested in?
Does it hold all the query's of all connected users and reruns it when something new comes in.
I believe Google-realtime works that way to.
Thank you for helping me out.
When you open facebook, open the script timeline in your browser to see what scripts are executing on the page. You'll notice that there is a polling script being executed several times a second. So the page is looking at the cache several times a second to see if there is any new information that can be displayed.
http://www.ajaxwith.com/Poll-vs-Push-Technology.html - this should give you a background on the subject.
Facebook uses AJAX and a JavaScript timer that polls in the background looking for anything that's changed. Other sites use the same type of functionality to update stock quotes embedded in the page, etc. It's not truly updating immediately, it's updating as frequently as the JavaScript timer hits their server. This is because web browsers use HTTP, which is a request/response protocol. A browser won't display anything that's not as a direct response to a request initiated by the browser; there's no way to just send content directly to the browser from your webserver.