Best Practice Suggestions?
Hey CF World,
I have to revamp an online order process. The process is broken into 4 steps.
The app as it exists today was built by a different developer and for the life of me, I have wasted about 5 hours trying to figure out exactly what the person is doing in the code just so I can make some basic tweaks to the process.
Could anyone offer what might be considered today's best practice for a step by step order process?
The thought is, if the user could complete step 1, upon clicking next the data elements of the form would be validated and then they would be taken to step 2, etc, etc... until the end where upon submission, the order would then be written to the database and next process triggered internally.
Should I have one page that upon submit of step 1 cycles back to itself, processes the data and then loads a separate div of info for step 2 or...?
Any suggestions would be great. Thank you so much in advance for your help, I sincerely appreciate it.
Ciao'
D.
I'm not going to attempt to answer the user interface side, that's not my area of expertise.
In terms of validation, ideally this should occur at three levels
1) Client-side - immediate response. Traditionally this is Javascript. For instance, if the user tries to enter a letter into a numeric field, they get feedback as soon as they press the button.
1a) Client side - on submit. Any extra validation (blank mandatory fields, comparison of fields) that doesn't require a trip to the server. Also traditionally Javascript.
2) Application level. Assume that the user had Javascript disabled, and none of your previous validation had happened. Also, there are tools such as Firebug that let them edit your HTML before running it: adding extra items to a SELECT, for instance. Redo all previous validation!
This is also where you check things against your database - and parameterise any database interface. SQL injection is a Bad Thing. Do as much as you can via stored procedures called by CFCs, and if your code only needs read access, use a datasource that only has read access.
3) Database level. Assume they've somehow got in via a route other than your application: maybe a malicious or careless employee using command-line SQL. Enforce all business rules and all data integrity constraints at database level: constraints, triggers, whatever your database provides.
Sounds horribly paranoid, doesn't it? But that trick of editing the SELECT is done by 13-year-olds hacking games, so if you're dealing with real money and adults, it's the sort of thing you have to allow for.
Similar Messages
-
Localization: Best practice suggestions Apps with mixed UI and Content languages?
I am trying to write a simple Universal app that can be easily localized to different UI languages. But the app also needs to display content that is determined by user settings. For example I would like the app UI to display in the users region (English,
Russian, etc.) while at the same time having fields on the page whose strings are coming from other resources (Latin "la"? , Spanish, etc.).
The samples are pretty good about how to setup resources with respect to the UI ( e.g. Strings/en-us/Resources.resw ) but not what to do if you want to also be able to draw strings from a different language. When the words in the content fields show in Latin
I don't want the UI to also be in Latin.
Suggestions on best way to do this?
Thanks,
-Tom19Hi Tom19,
I did not receive the email notification on my mailbox for your reply, that's weird. Sorry for the late response.
Basically we have the best practice documentation for you:
Creating and retrieving resources in Windows Store apps also
Quickstart: Using string resources, take a look at the documentations to see if these helps.
--James
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Order Process Best Practice Suggestions?
Hey CF World,
I have to revamp an online order process. The process is broken into 4 steps.
The app as it exists today was built by a different developer and for the life of me, I have wasted about 5 hours trying to figure out exactly what the person is doing in the code just so I can make some basic tweaks to the process.
Could anyone offer what might be considered today's best practice for a step by step order process?
The thought is, if the user could complete step 1, upon clicking next the data elements of the form would be validated and then they would be taken to step 2, etc, etc... until the end where upon submission, the order would then be written to the database and next process triggered internally.
Should I have one page that upon submit of step 1 cycles back to itself, processes the data and then loads a separate div of info for step 2 or...?
Any suggestions would be great. Thank you so much in advance for your help, I sincerely appreciate it.
Ciao'
D.Hello,
Thank you so much for that. Let me qualify a few things as I probably should have in the first place. (my apologies)
Coldfusion 8
SQL Server 2005
There is no payment or credit card information being provided.
The user comes online, goes through a basic order process for some work to be done. As mentioned, it is a multi step process for gathering their information.
Once the entire order is in and all the fields validated along the way to ensure they were populated where required, the order is to be written into the pending orders table and an email is sent to the branch closest to the customer notifying them of the new order with a link into the details. The branch then calls them directly to confirm the details of the order before activating it.
So, the code I received, is next to impossible to follow through, for the life of me I can not figure out what the former developer has done. I need to make some changes to the process and if I can not even follow the flow to figure out where to make my changes, that could pose a problem.
I have not coded too much in Coldfusion for the past two years but did so quite extensively before that. I totally agree on the CFTransaction suggestion. I guess what I was looking for is, are there any best practices for coding that I should be aware of, especially considering what I want to accomplish? Previously we used the "fusebox" concept of coding and had most of our code in CustomTags in a very reusable and easy to follow structure and flow.
Any thoughts/suggestions would be great! Thank you very much!
D. -
Multiple IPs and Outbound IP on 2008, best practice suggestion...
Hello,
I need a suggestion on an issue;
I have a Windows 2008 R2 SP1 Std. Ed. I have 3 IPs for that server, each of them uses the same gateway. By design the IP which is closest to the gateway is the default outbound IP on W2K8_R2_SP1_SE.
I want to choose any other IP out of other 2 assigned IPs as default outbound one.
example:
GATEWAY: 10.0.0.1
IP1: 10.0.0.2 (default outbound by design)
IP2: 10.0.0.3 (the one I want it to be default outbound)
IP3: 10.0.0.4 (not important)
There are basically 2 choices available to me doable right now. Can you please take a moment and suggest one of the solutions below or state if you know the best practice for such a case? Thank you very much in advance =)
First Solution:
apply this command: Netsh int ipv4 add address 12 10.0.0.1 255.x.x.x skipassource=true
then apply these 3 hotfixes:
IP addresses are still registered on the DNS servers even if the IP addresses are not used for outgoing traffic on a computer that is running Windows 7 or Windows Server 2008 R2
http://support.microsoft.com/kb/2386184
The "skipassource" flag of IP addresses is cleared after you use the GUI to change IP settings of a network adapter in Windows 7 or in Windows Server 2008 R2
http://support.microsoft.com/kb/2554859
FIX: IIS Manager does not display IP addresses that are assigned to the network adapter together with the skipassource flag
http://support.microsoft.com/kb/2551090
Second Solution:
Simply create 2 interfaces. Use the first one with the IP that I want to be as outbound default, dump all other IPs to the second interface. 2 interfaces will have the same gateway but Windows will assume the first one as the outbound default.I believe you want to set the metric on the interfaces.
You can do this by altering your routing table with
route.exe or alternatively, you can change the interface metric in the TCP/IP advanced properties for your network adapter (via Control Panel). By default it uses an automatic metric (i.e. Windows chooses which interface to use).
For your reference (and the reference of anyone else facing a similar challenge), the metric is a weighted value Windows will use to determine which interface to use for a particular endpoint. Here is the definition from the route.exe documentation:
metric Metric : Specifies
an integer cost metric (ranging from 1 to 9999) for the route, which is used when choosing among multiple routes in the routing table that most closely match the destination address of a packet being forwarded. The route with the lowest metric is chosen. The
metric can reflect the number of hops, the speed of the path, path reliability, path throughput, or administrative properties.
Jason Warren
@jaspnwarren
jasonwarren.ca
habaneroconsulting.com/Insights -
Any best practice/suggestion on giving Id's for UI Component
Hi,
I came to know that for better performance, id's on naming containers shall be less than 7 characters in length.
What about UI Components other than container components?
Is there any best practice available for giving Id's for UI Components and its length?
Do we face any issue if we give ids with more than 7 characters (just to make the id meaningful one)?
Thanks in Advance
Raguramana quotation from
Oracle® Fusion Middleware Performance and Tuning Guide book
11g Release 1 (11.1.1)
E10108-02
>
The "id" attribute should not be longer than 7 characters in length. This is
particularly important for naming containers. A long id can impact
performance as the amount of HTML that must be sent down to the
client is impacted by the length of the ids. -
Ibook to desktop syncing best practices
trying to keep my ibook in sync with my g5 desktop. Client projects in addition to the entourage data files, etc.. I've come across numerous scenarios and recommendations. Anyone with any best practice suggestions, ie: software, syncing scenarios, automation, etc., would be greatly appreciated.
Hello Hugh
The settings that you are looking for are in Itunes. you can choose to sync only unlistened podcasts.
If you go to the podcast section in itunes, there is a filed that says keep and you can choose from the following options:
All episodes
All unplayed episodes
Most Recent episode
Then when you connect your ipod you will then see an optionto only sync the unlistened podcasts and you should be all set. -
IPS Tech Tips: IPS Best Practices with Cisco Remote Management Services
Hi Folks -
Another IPS Tech Tip coming up and this time we will be hearing from some past and current Cisco Remote Services members on their best practice suggestions. As always these are about 30 minutes of content and then Q&A - a low cost high reward event.
Hope to see you there.
-Robert
Cisco invites you to attend a 30-45 minute Web seminar on IPS Best Practices delivered via WebEx. This event requires registration.
Topic: Cisco IPS Tech Tips - IPS Best Practices with Cisco Remote Management Services
Host: Robert Albach
Date and Time:
Wednesday, October 10, 2012 10:00 am, Central Daylight Time (Chicago, GMT-05:00)
To register for the online event
1. Go to https://cisco.webex.com/ciscosales/onstage/g.php?d=203590900&t=a&EA=ralbach%40cisco.com&ET=28f4bc362d7a05aac60acf105143e2bb&ETR=fdb3148ab8c8762602ea8ded5f2e6300&RT=MiM3&p
2. Click "Register".
3. On the registration form, enter your information and then click "Submit".
Once the host approves your registration, you will receive a confirmation email message with instructions on how to join the event.
For assistance
http://www.webex.com
IMPORTANT NOTICE: This WebEx service includes a feature that allows audio and any documents and other materials exchanged or viewed during the session to be recorded. By joining this session, you automatically consent to such recordings. If you do not consent to the recording, discuss your concerns with the meeting host prior to the start of the recording or do not join the session. Please note that any such recordings may be subject to discovery in the event of litigation. If you wish to be excluded from these invitations then please let me know!Hi Marvin, thanks for the quick reply.
It appears that we don't have Anyconnect Essentials.
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 100 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 250 perpetual
Total VPN Peers : 250 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
This platform has an ASA 5510 Security Plus license.
So then what does this mean for us VPN-wise? Is there any way we can set up multiple VPNs with this license? -
CSS best practice / keepalives
We have a Cisco 11503 running 7.40.1.03 (standard feature set) that we are setting up as a load balancer for a new e-mail system. I had two previous threads - thanks to Gilles and the others who responded. The box is now more or less configured to do what we want it to do, but I'm curious about "best practice" suggestions for keepalives.
As I understand it, keepalives are per service. As an example, we have two webmail servers. They are only running SSL, so each server is a service with keepalive type ssl. If webmail1 looses its apache or just dies entirely, the keepalive will not respond, and the CSS will send all traffic to webmail2, which still has its keepalives active.
This is all well and good. But, our IMAP servers are running multiple protocols - 7 of them. I have two services configured; one for each server, with no protocol specification. Then I have a content rule for each seperate protocol, where the port #s are configured.
I am thinking that if I want the most out of the CSS, I need to configure a seperate SERVICE for each protocol for the e-mail servers, with a specific keepalive for each individual protocol. That way if SSH goes away, the CSS will close SSH to email1 and only send that traffice to email2, but will still send IMAP or SIMAP to email1, since those protocols didn't go down.
For me this seems like a configuration disaster. I'd need a seperate service for each server and each protocol, and then a separate content rule as well for every service and every protocol.
Is this correct? Or is there some way of streamlining the configuration to reduce the number of services and/or content rules?
Thank you! And let me know if the configuration would be helpful.
Cheers...The best is to indeed split each protocol and create a separate service and rule for each of them.
2 servers and 7 protocols is not a big config [some customer have 300 servers and 2 or 3 protocols which makes it more problematic to configure].
If you really think this is too much, simply create 1 ip service per server and 1 ip content rule.
You don't monitor the protocols but just ip connectivity.
Easy config, it works but you don't have the granularity to detect specific protocols going down.
Regards,
Gilles. -
I'm sure that other organizations have some policy for this. In our case, we want to keep the mailbox available for others to still access, but disable the user account and remove it from OWA.
In this case, I've disabled the AD object, disabled OWA from the features, and set the mailbox to only receive emails from a dummy mailbox (so that no new emails are accepted).
This all works fine and senders receive a NDR that their mail was rejected, however I'd also like to set a friendlier custom NDR to call the office instead when any sender attempts to send email to that recipient.
What would best practices, suggestions be for this behavior?Hi,
According to your description, the user object in AD has been disabled.
In this case, the mailbox cannot mostly likely be accessed. Thus, maybe OOF couldn’t help you.
If I misunderstand your meaning, please feel free to let me know.
And we can depend on transport rule:
The recipient is
send rejection message to sender with enhanced status code:
http://technet.microsoft.com/en-us/library/bb123506(v=exchg.141).aspx
Thanks,
Angela Shi
TechNet Community Support -
What are Resource Bundle Best Practices techniques for Enterprise App?
Regarding JDeveloper: 11.1.1.6.0, Studio Edition
I was wondering if someone could provide advice on Best Practices for managing Resource Bundles for an international Enterprise Application.
I have been reading textbooks and throughout the web, and I can find different options available. And I can find cautionary tales to get it right at the beginning of Development, but I cannot find Best Practices suggestions.
For instance:
- Should I use XLIFF Resource Bundle, Properties Bundle, or List Resource Bundle?
- What are the benefits and disadvantages of storing the Key/Value pairs in the database?
- It seems that storing in the db would make maintenance easier, because applications do not need to be redeployed, but would they be slower?
- One textbook indicates that "One Bundle per Project" is preferred for ViewController Project, and "One Bundle Per File" is preferred for Model Project. However, I cannot help but think if the whole Enterprise used just one Resource Bundle, it would save typing cust_id/Customer Number in 10 different Bundles.
- One text indicates how to maintain translated versions of Access Keys, if the Bundle is a Properties Bundle, but provides no assistance for other Resource Bundles.
Advice regarding Best Practices would be quite helpful.
Sincerely,
ArieAnyone?
-
Suggest the Best Practice for Procurement of Commodities like crude, copper
Dear Gurus,
Please suggest the best practice for following business Process.
My client is having the procurement need for a comodity whose prices are fluctuating. Say Crude Oil . The prices are changing every day. Now The client would like to pay to vendor on day of good receipt. But it may be possible that the price on GR day is much higher. How to control these kind of procurement. Presently I have activated the price variance through invoice posting but this is not working.
Can you suggest best practice for procurement of comodities.
Thank you for your consistant support.
Regards
Vinod Kakade
Edited by: vinodkakade on Jul 14, 2011 2:34 PMHi Vinod,
Would you know the price by the time the GR is to happen, in this case you can ask the vendor to send the confirmations, just prior to that with the correct price.
Please refer this link
Change in PO Price after goods receipts and goods issue
though the thread is marked unanswered.
Regards
Shailesh -
Can anyone suggest me the OBIEE Repository/Answers best practice document?
Hi,
I'm looking for the OBIEE repository/answers/dashboard development best practice doument.can you suggest me where can i find this document?Hi,
Below the links are helpful for you,
Oracle BI Applications Installation and Configuration Guide
http://download.oracle.com/docs/cd/E12104_01/books/AnyInstAdm/AnyInstAdmTOC.html
Creating a Repository Using the Oracle Business Intelligence Administration Tool
http://www.oracle.com/technology/obe/obe_bi/bi_ee_1013/bi_admin/biadmin.html
Creating Interactive Dashboards and Using Oracle Business Intelligence Answers
http://www.oracle.com/technology/obe/obe_bi/bi_ee_1013/saw/saw.html
Hope its helpful for you and award points,
Thanks,
Balaa... -
Lots of you are hitting the brick wall in updating, and end result is non-recoverable project. In a production environment and with projects due, it's best that you never update while in the middle of projects. Wait until you have a day or two of down time, then test.
For best practice, get into the habit of saving off your projects to a new name by incremental versions. i.e. "project_name_v001", v002, etc.
Before you close a project, save it, then save it again to a new version. In this way you'll always have two copies and will not loose the entire project. Most projects crash upon opening (at least in my experience).
At the end of the day, copy off your current project to an external drive. I have a 1TB USB3 drive for this purpose, but you can just as easily save off just the PPro, AE and PS files to a stick. If the video corrupts, you can always re-ingest.
Which leads us to the next tip: never clear off your cards or wipe the tapes until the project is archived. Always cheaper to buy more memory than recouping lost hours of work, and your sanity.
I've been doing this for over a decade and the number of projects I've lost? Zero. Have I crashed? Oh, yeah. But I just open the previous version, save a new one and resume the edit.Ctrl + B to show the Top Menu
View > Show Sidebar
View > Show Staus Bar
Deactivate Search Entire Library to speed things up.
This should make managing your iPhone the same as it was before. -
We have an homegrown Access database originally designed in 2000 that now has an SQL back-end. The database has not yet been converted to a higher format such as Access 2007 since at least 2 users are still on Access 2003. It is fine if suggestions
will only work with Access 2007 or higher.
I'm trying to determine if our database is the best place to do this or if we should look at another solution. We have thousands of products each with a single identifier. There are customers who provide us regular sales reporting for what was
sold in a given time period -- weekly, monthly, quarterly, yearly time periods being most important. This reporting may or may not include all of our product identifiers. The reporting is typically based on calendar-defined timing although we have
some customers who have their own calendars which may not align to a calendar month or calendar year so recording the time period can be helpful.
Each customer's sales report can contain anything from 1,000-20,000 rows of products for each report. Each customer report is different and they typically have between 4-30 columns of data for each product; headers are consistently named. The
product identifiers included may vary by customer and even within each report for a customer; the data in the product identifier row changes each week. Headers include a wide variety of data such as overall on hand, overall on order, unsellable on hand,
returns, on hand information for each location or customer grouping, sell-through units information for each location or customer grouping for that given time period, sell-through dollars information for each location or customer grouping for that given time
period, sell-through units information for each location or customer grouping for a cumulative time period (same thing for dollars), warehouse on hands, warehouse on orders, the customer's unique categorization of our product in their system, the customer's
current status code for that product, and so on.
Currently all of this data is stored in a multitude of Excel spreadsheets (by customer, division and time period). Due to overall volume of information and number of Excel sheets, cross-referencing can take considerable time. Is it possible to
set-up tables for our largest customers so I can create queries and pivot tables to more quickly look at sales-related information by category, by specific product(s), by partner, by specific products or categories across partners, by specific products or
categories across specific weeks/months/years, etc. We do have a separate product table so only the product identifier or a junction table may be needed to pull in additional information from the product table with queries. We do need to maintain
the sales reporting information indefinitely.
I welcome any suggestions, best practice or resources (books, web, etc).
Many thanks!Currently all of this data is stored in a multitude of Excel spreadsheets (by customer, division and time period). Due to overall volume of information and number of Excel sheets, cross-referencing can take considerable time. Is it possible to
set-up tables .....
I assume you want to migrate to SQL Server.
Your best course of action is to hire a professional database designer for a short period like a month.
Once you have the database, you need to hire a professional DBA to move your current data from Access & Excel into the new SQL Server database.
Finally you have to hire an SSRS professional to design reports for your company.
It is also beneficial if the above professionals train your staff while building the new RDBMS.
Certain senior SQL Server professionals may be able to do all 3 functions in one person: db design, database administration/ETL & business intelligence development (reports).
Kalman Toth Database & OLAP Architect
SELECT Video Tutorials 4 Hours
New Book / Kindle: Exam 70-461 Bootcamp: Querying Microsoft SQL Server 2012 -
Best Practice for Designing Database Tables?
Hi,
I work at a company for tracking devices (GPS Devices). Our SQL Server database is designed to have a table for each device we sell, currently there is 2500 tables in our database and they all have the same columns they only differ in table name. Each device
sends about 4K records per day.
currently each table hold from 10K records to 300K records
What is the best practice to design a database in this situation?
When accessing database from a C# application, which is better to use, direct SQL commands or views?
a detailed description about what is best to do in such scenario would be great.
Thanks in advance.
Edit:
Tables columns are:
[MessageID]
,[MessageUnit]
,[MessageLong]
,[MessageLat]
,[MessageSpeed]
,[MessageTime]
,[MessageDate]
,[MessageHeading]
,[MessageSatNumber]
,[MessageInput]
,[MessageCreationDate]
,[MessageInput2]
,[MessageInput3]
,[MessageIO]Hello Louis, thank you so much for your informative post. I'll describe in detail what situations I came through my 9 months of work in the company (working as a software engineer, but I am planning to take over database maintenance since no one is maintaining
it right now and I cannot do anything else in the code to make it faster)
At every end of the month our clients generate report for the previous month for all their cars, some clients have 100+ cars, and some have few. This is when real issue start, they are calling their data from our server through internet while having 2000
unit sending data to our server, they keep on getting read time out since SQL Server gives priority to insert and hold all select commands. I solved it temporary in the code using "Read Uncommitted" once I initialize a connection through C#.
The other issue is generating reports for a month or two takes lots of time when selecting 100+ units. Thats what I want to solve, the problem is the one who wrote the C# app used hard coded SQL Statements
AND
the company is refusing to upgrade from SQL Server 2003 and Windows Server 2003.
Now talking about reports, there are summary reports, stops reports, zone reports ..etc most of them depend usually on at least MessageTime, MessageDate, MessageSpeed, MessageIO and MessageSatNumber.
So from your post I conclude that for now I need to set snapshots so that select statements don't get kicked out in favor for insert commands, but does SQL Server automatically select from the snapshots or do I have to tell it to do so?
Other than proper indexing what else I need? Tom
Phillips suggested Table partitioning but I don't think it is needed in my case since our database size is 78GB
When I run code analysis on the app, Visual Studio tells me I better use stored procedures, views than using hard coded Select Statements, what difference will this bring me when talking about performance?
Thanks in advance.
Maybe you are looking for
-
Bug: Adding number to existing contact from a sms msg
A friend sent me an updated number in a txt message and I attempted to replace his existing number with the one in the txt message. I tapped the little blue arrow next to the txt message on my iPhone 4 and got a screen in which the phone number was l
-
Error when re-scheduling a report in WebI XI 3.1 SP2
Hi, Im running BOE XI3.1 SP2 and I get that error when re-scheduling a report in WebI. We have just recently patched the system to SP2. Any idea what this error relates to? Thanks Frank
-
Unmountable boot volume error blue screen
I have a toshibia laptop that has crashed, I am eventually getting the unmountable_boot_volume error blue screen, the recovery disks that i ordered will not work, just disk 1 loads windows file then goes to a black screen with the cursor pointer, com
-
Will I be able to use Mountain Lion
I have a macbook pro 4,1. and have been seeing possiblities that I may not be able to run Mountain Lion. Does anyone know? I purchased my machine in March 2008. It is Intel core 2 duo and currently run Snow Leopard. I just pruchased an iPhone an
-
How to resolve damaged PDF file (via GUI_DOWNLOAD)
Dear forumers, I am having problems with the GUI_DOWNLOAD method for downloading PDF files to the presentation server. The SY-SUBRC code is 0, and the PDF file gets downloaded and saved in the presentation server. However, opening any PDF files would