One of the basic but important security issues in web development that you should pay attention to is SQL Injection. Recently HP released a free tool called Scrawlr to test such vulnerabilities.

This tool checks your pages using a simple crawler or Google query and find any SQL Injection problems. This tool can only check issues on GET parameters.

You can check up to 1500 URL in each web site using this free tool.

Download: https://download.spidynamics.com/Products/scrawlr/

 

A few days ago, I found some free time to study some articles and documentation about .netTiers. I tested it on some of my previous projects and result was great. Professional software architecture in generated code, smart code generation based on database tables and columns, ease of use, etc. are amazing features of this open source template for CodeSmith.

.netTiers official website has a documenation you can read online but how I searched, I couldn't find any offline version of this documentation to download. So I saved all documentation sections as HTML files and also created PDF version of each page. You can download this documentation in a compress file here (3.7 MB).

 

AjaxLoad is a good website for you to generate eye catching loading indicators in gif format. Just choose your desired indicator type from a list, choose background and foreground colors and click on Generate It!, then you can see a preview and download it as a .gif file easily.

 

In a recent post I pointed out to a tool introduced by Scott. This tool is Code Style Enforcer that is actually a plugin for DxCore and guides you write your codes in standard way. The coding rules in this tool is based on what IDesign has defined. Personally I'm among those programmers which coding standards is so important to them, so this tool seems to be amazing for me but in my first use I found out that many automatic namings that Visual Studio performs for you is not standard!

For example the first alert your will receive from CSE in an ASP.NET code behind source is Page_Load; CSE says that Page_Load has illegal characters and when you fix, it is converted to PageLoad (A Pascal Case name for a protected method).

I think that these naming conventions are same to what Microsoft suggests, so what is the reason of this automatic namings in VS ?

What do you think?

 

Scott Hanselman, like past years, introduced a 2007 list of developer and power users tools for Windows. If you are familiar with his cool lists you can enjoy his fresh 2007 version of it and if you didn't hear anything about his list before its time to take a look at it.

In addition to those tools I've ever been using, I downloaded these tools in my first look at list and I will read list exactly later!: Query Express, CollectionGen, Code Style Enforcer, Microsoft BPA, Resource Refactor.

Thanks Scott, you are an angel!