Nerseus

Personally, I wouldn't worry about anyone decompiling code. As mentioned, it's ALWAYS available in some form, even if it's just machine code (assembly). Some argue the merits of making it harder for the average hacker to see the code and that's probably good enough for most - any obfuscator will do that. I haven't tried it, but Visual Studio 2003 even comes with one (at least the Enterprise Edition does) - the community edition of Dotfuscator. Besides obfuscating your code, just use the rule of thumb that you never put passwords, serial numbers, etc. - ie, sensitive data - in your code. That makes it easier for the simpleton hackers to view the EXE and see it. If you validate against a webserver, database server, etc., you'll stop the majority of average hackers since you won't be embedding anything. You will never be able to stop the "good" hackers if they really want to get at your code. And remember, if your product/software is so good that someone wants to decompile it or change it, someone will be able to do it. You can't stop them, period. The only thing you can do is make it harder for them to read it, which is what the obfuscator does. If you really want/need to embed sensitive data, then you can try and make it as hard as possible, but nothing is fullproof. That isn't meant to sound scary, it's just a fact - the code is always available for viewing. I'd love to hear about a specific program someone's written or knows about that would definitely need some kind of encryption beyond an obfuscator. I tried to think of one but I just can't. I can always think of a better solution to slow down (not prevent) a user from getting at what I wouldn't want them to. -ner

Are you quoting that article because it fixed your problem? Which suggestion fixed it? Or, are you just adding more info to the original problem and you're still looking for an answer? -ner

To add to sam's comment, you have the following line which will get you the maxlength of the column in the DB: odbcDataAdapter.FillSchema(odbcDataSet, SchemaType.Source) You should be able to check the DB's length with: Dim i As Integer = odbcDataSet.Tables(0).Columns("MyColumn").MaxLength -nerseus

Wile said I was thinking (but said wrong). I got confused on the IIF versus the new "AndAlso" keyword. -ner

He's a good kid. Every kid that I've seen use a computer (probably about 6 or 7 counting family and friends) picks it up SO fast. My son started at about 2 and a half. After about 15 minutes he was actually picking colors from mspaint's little color squares. I was dumbfounded. I'm not saying it to brag, but to point out that you probably DO need to protect Windows for kids software, but do it in a "normal" way like a fullscreen app rather than "taking over" windows. This book has a great little sample app called "Dodger" where you steer a car between two lanes and dodge square, teapots, etc. This simple little test app is my son's current favorite game, a very simple DirectX game that could easily be made full screen and "lock down" the keyboard. I'm tempted to put my name and picture in it so he thinks I'm that cool to have written it :) -ner

I thought I read that VB.NET 2003 introduced a new way to do IIF that only evaluated the true/false part instead of both? For example: Dim b as Boolean = True Dim d As DialogResult = IIF(b, MessageBox.Show("b is true"), MessageBox.Show("b is false")) You'll get both messageboxes. I can't remember the new syntax. Anyway, I would worry about using IIF except in extremely simple scenarios, never something that might cause a problem like the above. Anything that's "too complex" should likely be written as a full "If...Then...Else" for readability. I scanned my code at work, and I saw less than 10 occurrences of "( ? : )" syntax and that's searching a LOT of code. -ner

It sounds like you want to more or less hide windows from the user? Pretty much impossible and could be VERY malicious. Suppose your app displayed a login to Windows screen and gathered a password. Now, a better thing for kids would be to not allow certain keyboard combos like Ctrl-Esc to bring up the start menu. When the kids run the app, the parents hide the task bar to prevent accidental clicks. At least, that's what I do for my son. He still manages to right click in the browser but I'm too lazy to figure out how to turn off right clicks :) You could also develop your app/game in DirectX as a fullscreen app. It would be a lot more work, potentially, but has a lot of advantages - you can more easily "lock down" the keyboard and go full screen, prevent right mouse clicks, etc. To start something up automatically, you could simply put an icon in the start menu. I've found that my son can find "his" icon pretty fast on the desktop and knows how to press Enter AND maximize the browser when his webpage loads up. He can even drag and drop with the best of them. For most kids that I've watched, they pick all this up in a few short sessions on the computer, maybe 2 or 3 hours (30 minutes a day and they'll be dragging and dropping in a week). -ner

Howard Jones, Jars of Clay and The Cure, round-robin. Shouldn't this be "what MP3's are you playing"?

Are you sure Column 0 and 1 are what you want and they're not reversed? You can specify a column name if you want (I can't see them because you use "SELECT *..."). I'll test this out in just a bit. -ner

How are you adding items to the listbox? Are you binding or just adding items manually? -ner

I've never tried this, but I can think of two possible solutions: 1. Maybe use a login script that launches your EXE that can log when people come in/out. Not sure what info you can get about the user using this method. 2. Look into hooking into the Terminal Services "services". I would assume there's a set of APIs that you can get access to (heck, maybe even a .NET component) that might provide you with what you want: who's logging in, when, etc. I would suspect it's near impossible or at least very difficult to log when a real user logs in/out as that would make it easy for malicious programmers to get at account access. Just my opinion, could be quite wrong. -ner

It looks like you're assuming the SelectedItem is an Integer? Is that right? That would imply your listbox shows just numbers? Normally you'd load a listbox with a name/value object - the name is displayed while the number is used as the key. What line does your code blow up on? When you do the Database stuff (which happens first) or farther down when you remove the value from the DataTable? By the way, you can use DataTable's Select method to get a set of DataRows that match a filter and delete from that. When you get the other part working, let me know and I'll get you a sample for the Select (if you want). -ner

I think Doom3 will have great sales, but not as big as HL2. I think HL2 will become at least as big as the original. Nothing that I've seen of Doom 3 has shown me that it has great replayability or a "suck you in" factor except the graphics, which lots of games have. Maybe it has the scare factor and of course the "Doom" legacy, but I just don't get excited thinking about Doom 3. I think people really like the idea of being sucked into a great story inside a great environment like HL2 seems to be shooting for. That's one reason why the Grand Theft Auto 3+ series did so well - you felt like you could do almost anything and yet still follow the plot. Doom 3 seems similar to Unreal 2, great graphics but not much in terms of plot. -ner

Your radio buttons MUST be grouped in some kind of containing control or else they will not work like radio buttons. There is no programmatic way (that I've ever seen) to group them without having them inside a control. If you don't want the containing control to be visible then try a panel. It's default border is none and won't show up. Unless you have something very simple like 2 or maybe 3 radio buttons, keeping them grouped visually in something like a groupbox is definitely the way to go. If you only have 2 radio buttons, try a checkbox instead? -ner

We've done something similar. For us, our If test on whether to add an item to a combo was changed to filter out inactive items unless it was the current value (driver in your case). Also, I'd change your loop to do a Select and loop through the filtered rows. Here's a code snippet to do both: Dim MatchingRows() As DataRow() = DsDetDrivers1.Tables("Drivers").Select("Inactive = False OR DriverID = " + myDriverID) For Each DRDriver In MatchingRows ' No need to do the following check anymore - filtered above ' If DRDriver("Inactive") <> True Then ArryDriver.Add(New LookupItem(DRDriver("DriverID"), DRDriver("DriverName").ToString())) ' End If Next In the above, myDriverID would be set to the one you want to include even if it's inactive. Another option is to use a new custom object, similar to your LookupItem class, but on that includes the Inactive flag as a property. When trying to select anyone from the combo for editing, you could run code that checks the Inactive propert and disables the "Edit" button (or maybe display a message if they try to edit them). -ner

You can use the DataSet's merge method to import a filtered set of rows. Below is a sample on some test data. DataSet dsSource = new DataSet(); dsSource.Tables.Add("Table1"); dsSource.Tables[0].Columns.Add("name"); dsSource.Tables[0].Rows.Add(new object[] {"a"}); dsSource.Tables[0].Rows.Add(new object[] {"b"}); dsSource.Tables[0].Rows.Add(new object[] {"c"}); DataSet dsDest = new DataSet(); dsDest = dsSource.Clone(); // Get a copy of all the table structures into dsDest. string filter = "name = 'b'"; // This would be your date range check DataRow[] matchingRows = dsSource.Tables[0].Select(filter); dsDest.Merge(matchingRows); This solution actually creates a whole new DataSet (dsDest) not just a datatable. I started by cloning the source DataSet which creates an exact copy of the dsSource dataset minus any data. -ner

What do you need to do when someone logs in/out? Couldn't you just run something in their startup group or as a registered "startup" application (puts an entry in the registry)? -ner

One solution is to not use direct connections from a client. This is one of the benefits of an n-tier architecture. A webserver typically takes the credentials, verifies the user, then lets them in (assigning them a session ID or cookie or similar token). On subsequent calls, only this auto-generated token is passed. On every call it's validated and, if it works, the user gets access to the webmethod which handles DB connection strings and such and returns the data. If you're in a client/server architecture and can't use the webserver (or any remote server), then I've seen the following approach used with success: A user enters their uid/pwd and logs into a "test" database. The app uses a special login "testuser/password" to get access to the test database and verifies their credentials. This will the return, encrypted, the userid and password to the client machine "on the fly" so that it is never stored (except in memory). A similar approach had this functionality compiled into a COM object that exposed the connection objects to the main app. There are a number of "better" solutions, most just take more administrative work. You could force all users to get their own credentials and log into a database using SQL Server's credentials (not trusted connections). Their userIDs would not have any direct table access. They would only be granted rights to the procs. You could also do this with a single userid/password that everyone shares. -ner

You can xpcmdshell (with underscores in the name somewhere) in SQLServer to run any EXE. I would guess Oracle has a similar bit of functionality. BUT, I would strong reccommend NOT using this. Performance alone should be enough to drive you away from this one (it's absolutely horrible on a realworld transactional server). If you just want to run a proc during a trigger, then sure - go for it (that's mostly what it's there for). Generally, you'll have your code right in the trigger since triggers should be fast (do their work and get out quickly). If you need something realtime, go with triggers or a proc. If all your inserts into TableA go through one proc, then you wouldn't need a trigger (for example). If you need something more robust, like an EXE, then I'd suggest logging to a specific table that an EXE can scan periodically (polling). If we knew what you were trying, maybe even more suggestions. -ner

...it's also something you will rarely need to use (ref in C# or ByRef in VB). For example, in ultraman's sample code it's not needed. Passing in the param without ref implies "By Value" but you can still change the Text property. Now, if the param is a struct then you might want/need a ref param. I've rarely used structs (but I have) and more rarely needed to use ref on them. -ner

Yes, I meant programmatically. If you have the need, sql tasks are easier to program against. Plus, since this is technically an sql task, it seems fitting to go there. But, a windows task is super easy to setup as well and works quite well. Just offering up another option since many probably don't know that SQL Server supports setting up scheduled tasks. -ner

You can use the Windows Task Scheduler (as mentioned). An alternate approach, available if you're using SQL Server, is to use a sqltask. It works similarly to the Windows Task Scheduler (very robust) and has the advantage that you can easily change the scheduling (turn on/off, time of day, etc.). Interfacing with the Windows Task Scheduler, in my past experience, has been difficult. Interfacing to the sqltask scheduler is a breeze. And, since you're loading data into SQL (SQL Server?), it would make sense to make this a sql job. -ner

I use the "visual" approach to get things going (figure out those darned complicated connection strings) and for test projects. In a "real" product, you would normally have a better strategy for sharing connections or not using them at all (some kind of DB layer, generally on a webserver for example). As for commands, adapters, etc. - there's only one issue I'm aware of. The commands that are auto-generated will use the column directly such as "SELECT FirstName, LastName...". If you have reserved words in your column names, you'll need to change this to "SELECT [FirstName], [LastName], ...". Again, in a "real" product, you're likely to have masked the use of adapters and commands in some kind of DB layer. For example, a simple class might expose a GetDataSet method that takes the name of a proc (with no params) that returns the DataSet. This type of hiding is ideal since it hides the connection, database, etc. and just gets you back your data. Microsoft has an "Application Block" that you might want to look at: http://www.microsoft.com/downloads/details.aspx?FamilyID=f63d1f0a-9877-4a7b-88ec-0426b48df275&displaylang=en It's like a framework or recommended practice for setting up database objects. -ner

I don't think you can do what you're trying. The data returned from Oracle is meant to be read through a datareader because it's a readonly/forward only type of return, often called a firehose query. That type of query wouldn't work with a command object as an output param, to the best of my knowledge. Why do you want the data as an output param? What's your endgoal for using the data you're getting back? -ner

I don't have both Visual Studio's on my machine here, but I think the difference lies in the solution files, not the project files (?) Try moving your SLN file out of the folder that has the project file (if they're in the same folder, Visual Studio will try to load the solution). Then open the project file (the one created by 1.1) into Visual Studio 1.0. The problem with cutting and pasting all the code is that it isn't all the code. There are some embedded resources in a .resx file that go with forms. If the above doesn't work, you might try creating a new project in VS 1.0 and import all the classes one by one. I would bet that someone has already written a converter to change solution files back to their 1.0 version - maybe search google for such a tool? -ner