I am relatively new to FB development, but I have managed to do what I wanted, which was to get a list of friends, and from each of them, get their work history. I accomplished this by using Facebook's own C# SDK, and using the Get method on each of my friends, basically doing: _fa.Get("/").
This worked perfectly up until a couple of days ago, where it suddenly stopped working, and now I no longer have the work history (and education for that matter) available to me in the JSONObject which is returned from the Get method. One other thing of note is that a couple of my friends who installed the app I am developing (as a means of testing), do return their work history, but other friends (who have not installed the app), and do have a work history open (which I can see if I look at their profile by browsing into it with my browser) do not return it in my Get call...
The obvious explanation is that FB changed something, and now applications can no longer access this information unless installed on a specific user profile (hence the odd behavior).
Has anyone else encountered the same thing? Am I doing something wrong?
Any help would be appreciated!
Many thanks,
As you said, the answer appears obvious and is probably some change in default privacy settings that have been rolled out. Note that Facebook has introduced a couple of new features this week, most notably the "places" stuff. Most likely work history is not shared anymore by default. You probably only had access because the work history was publicly visible anyway.
Update
Seems to me, the best places to check for changes is the developer blog and the developer roadmap.
Related
Im building a small winforms app using: ayende rhino licensing. The licensing is working fine, I can create licences and distribute them as I choose.
The problem is, How do I make each license work on just one machine? I know there is a class in ayende's project called LicensingService which I believe does something like what I'm trying to do, but I just cant figure it out. I've done quite a bit of searching and couldnt really find any tutorials except this one.
Maybe someone has implemented this, or has some tips on how I could accomplish this? I do have access to a webserver, if that helps.
Any help is much appreciated, as always.
Depends how annoying you want to make it for your users to be honest. You could implement a HWID (see How to fast get Hardware-ID in C#? on how to generate them) which will be unique from system to system, then have your program check if the HWID matches the ID found to the place you store them on-line (usually by using a database).
Needless to say, this will make your application require internet connection in order to run which might be a bit frustrating for your users.
Or you can merge the HWID with the serial and have your application do the same to verify if they match, but that would be easily cracked by the average cracker.
In the end of the day, .net isn't the best as far as security goes since you can easily get the source code and modify the assemblies as needed to patch certain protections. Keep that in mind when deciding what route you want to take to protect your software.
I do not know what exactly is a rhino licensing. To tackle your need generally there are two approaches.
Either give some randomly generated password to the client machine, and maintain a pool of passwords in your server. Each time a password is entered to register the application in a local machine, check if it was already registered elsewhere by connecting to your server via internet.
Or, what we do is, generate a code unique to that machine (perhaps a hash of some unique machine id, say mac id) and get the client sent it to you. You would then rehash the code and send it back using some logic. Now when the client enters this code to his machine do the same thing: fetch the very machine id, do the same rehashing using the same some logicand check if it matches.
I cant think of anything else
I'm working on an asp.net content management system and we need to have Flesch-Kincaid grade level stats available to the users. I've done quite a bit of searching and I haven't found any viable ways to implement this. The closest I've come is the MS Word ReadabilityStatistics Property. I can get this to work great in a console app but support for the dll in asp.net isn't supported and I get an access denied error whenever I try to leverage it from my asp.net application. I spent 8 hours the other day trying to get that to work from asp.net with no luck.
Does anyone know of another dll or method to get a FK value? We do tell our content users that the FK value is from MS word, so that'd be best, but really anything which is close would be appreciated at this point. Even an js version would be adequate.
If you're happy translating PHP, the work has been done for you.
I am not a software engineer as you will see if you continue reading, however I managed to write a very valuable application that saves our company lots of money. I am not paid to write software, I was not paid for writing this application, nor is my job title software engineer so I would like to have total control over who uses this application if I ever had to leave since as far as I can tell it is not legally theirs (did not write during company hours either).
This may sound childish but I've put much much time into this and I've been maintaining it almost on a daily basis so I feel that I should have some control over it, or at least could sell it to my company if they ever had to let me go, or I wanted to move on.
My current protection scheme on this application looks something like this:
string version;
WebRequest request = WebRequest.Create("http://MyWebSiteURL/Licence text file that either says 'expired' or "not expired'");
WebResponse response = request.GetResponse();
StreamReader stream = new StreamReader(response.GetResponseStream());
version = stream.ReadToEnd();
stream.Close();
response.Close();
if (version == ("not expired") == false)
{
MessageBox.Show(Environment.NewLine + "application expired etc etc", "Version Control");
}
It checks my server for "not expired" (in plain text), and if the webrequest comes back as anything but "not expired", it ultimately pops up another form stating it is expired and allows you to type in a passcode for the day which is a multiplication of some predetermined numbers times the current date to create "day passes" if ever needed (I think Alan Turing just rolled over in his grave).
Not the best security scheme, but I thought it was pretty clever having no experience in software security. I have however heard of hex editing to get around security so I did a little test for science and found this area of my compiled EXE:
"System.Net.WebRequest." Which I filled in with zeros to look like this: System.Net000000000
That was all it took to offset the loading of the application to hiccup during the server check which allowed me to click "continue" and completely bypass all my "security" and go along using the program without it ever expiring.
Now would a normal person go to this length (hex editing) to try to get past my protection scheme? Not likely, however just as a learning experience, what could I do as an added step to make hex editing or any other common workarounds not work unless it was by "professional" cracker?
Again I'm not paranoid, I'm just eager to learn more about security of applications. I was both proud of myself and ashamed at the same time for creating and breaking my own protection.
If commenting, please be kind since I know this is probably a humerus post to those more informed than I as I really have little experience in writing software and have never taken any type of course etc. Thanks for reading!
Another way to bypass the license check is to redirect the checking url to localhost returning always the desired text...
A better way is to make a call to a function doing the same thing but make your server response a signed XML including the server response time-stamp, that you can check on addition with the system datetime (use UTC dates in both sides). It is also a good idea to throw exceptions whenever something is not the way you expect it, and control the flow of your program with exception handling.
Check the following to get a how to clue:
How to: Sign XML Documents with Digital Signatures
How to: Verify the Digital Signatures of XML Documents
Now would a normal person go to this length (hex editing) to try to
get past my protection scheme?
Well i guess, that depends on how useful the application is for that "normal person", and how determines he is to make it work.
Most .net application unless obfuscated can be easily de-compiled to the source code using tools like (Telerik JustDecompile) or they can simple use the ildasm to see the IL code, i heard there are tools to even de-compile obfuscated .net libraries, although i haven't used or found any.
With my little experience, i can suggest two approaches
Enforcing licensing and cracking it in a application which runs plainly on the user machine is a cat and mouse game, you can add some extra protection to your code by moving some part of the applications functionality to the server and expose it as a web service which your client can consume, the part you move to the server must be an important part for the application to work and should be something that is hard to simulate.
The other approach is to add a auto updater feature to your application that will check the server for latest updates, and when ever it finds a new version it will overwrite the older one, thus overriding any cracked version, this can be easily disabled, but if disabled this will also stop any bug fixes you might release
I tried both the approaches, but they are only useful to some extent and you have to decide whether it is worth the effort enforcing or not
We have a C# (winforms) application used for adding new starters to amongst other things AD, Exchange mailbox, sending emails to relevant people to say new starter arrived etc etc.
However, I'd like to extend this so that it also, where required, checks SFDC to see if there is a free licence available for their role.
If there IS then email SFDC admin to set them up (perhaps later do this in code as well).
If not, then notify different department of licence requirement.
Hoping to make a a C# call to the SFDC webservice.
I've looked through the documentation and can't find how to do this.
Open question or not, here's something I think might steer you in the right direction - the UserLicense object
http://www.salesforce.com/us/developer/docs/api/Content/sforce_api_objects_userlicense.htm
See also the Profile object, which has a "UserType" field that shows license info
http://www.salesforce.com/us/developer/docs/api/Content/sforce_api_objects_profile.htm
I've not dabbled with the API (yet!) but I'd imagine that it is possible to enumerate collections of Users and/or Profiles
You just asked how to deal with a proprietary product unrelated to any of the topics this site covers (namely, anything programming-related). See https://stackoverflow.com/faq
You should contact their customer service, if their online docs are insufficient.
http://www.salesforce.com/services-training/customer-support/
Is there a way to determine what (and where) in my code is causing certain capabilities to be required?
When I run CapabilityDetection.exe against my bin folder it comes up with:
ID_CAP_MEDIALIB
ID_CAP_NETWORKING
ID_CAP_PHONEDIALER
ID_CAP_WEBBROWSERCOMPONENT
ID_CAP_IDENTITY_USER
ID_CAP_MEDIALIB indicates that you're accessing the media library somewhere, but I've seen this reported incorrectly a lot. ID_CAP_NETWORKING means you're accessing a data connection at some point, ID_CAP_PHONEDIALER means that you're making a phone call, ID_CAP_WEBBROWSERCOMPONENT means that you've go the WebBrowser control on at least one page. I don't think I've ever seen these reported in error. ID_CAP_IDENTITY_USER means that you're using the anonymous Windows Live ID for user identification, which is typically the case when you're using a third party analytics solution such as mtiks or Flurry.
There's a list of the various capabilities on MSDN. Generally speaking, if you don't think you're using a particular capability, take it out, and then check that your application still runs as expected.