Wednesday, 22 October 2014

What is the difference between iisreset, recycle, refresh and restart?

iisreset

iisreset will stop and start the World Wide Web Publishing Service. This, of course, applies to all of your application pools.

Recycle application pool

A process being created for each application pool. This process will handle requests for all websites associated with it. When you recycle an application pool, IIS will create a new process (keeping the old one) to serve requests. Then it tries to move all requests on the new process. After a time-out the old process will be killed automatically.

You usually recycle your application pool to get rid of leaked memory. You might have a problem in your application if this needs to be a regular operation. It is recommended to have a scheduled recycle.

Restarting a website

As for restarting a website, it just stops and restarts serving requests for that particular website. It will continue to serve other websites on the same app pool with no interruptions.

If you have a session oriented application, all of the above will cause loss of session objects.

Refreshing IIS or a website

Refreshing a website has no effect on the service/process/website and is merely a UI command to refresh the tree-view. For example you have added a directory that you don't see in the management console. Then refreshing the website will show the new directory in the treeview.

Tuesday, 21 October 2014

Difference between jQuery.bind() and jQuery.on()?

.on() is a new function available from jQuery version 1.7. .on() can be used to attach an event handler function for one or more events of the selected elements.

The .on() method provides all functionality required for attaching event handlers. So on() is now preferred over other event handling functions .bind(), .delegate() and .live()

Syntax
.on( events [, selector ] [, data ], handler )
Notes

To remove events bound with .on() use .off(). To attach an event that runs only once and then removes itself use .one()

on() vs bind()

These two lines are functionally the same

    $( '#element' ).bind( 'click', handler );
    $( '#element' ).on( 'click', handler );

.on() can also do event delegation, and is preferred.

.bind() is actually just an alias for .on() now. Here's the definition of the bind function in 1.7.1.

    bind: function( types, data, fn ) {
    return this.on( types, null, data, fn );
    }

Friday, 10 October 2014

How to render partial view from different folder?

The usual syntax to render a partial view is

@Html.Partial("partialViewName")

This syntax expects the partial view to be physically present in the current folder or in the "Shared" folder.

If you want to use a partial view which is not in "Shared" but in a different "Views" folder then use below Razor syntax.

@Html.Partial("~/Views/AnotherFolder/_partialView.cshtml")

How to check for null, undefined, or blank variables in JavaScript?

You can just check if the variable has a true value or not. That means

if( value ) {
}

will evaluate to true if value is not:

  • null
  • undefined
  • NaN
  • empty string ("")
  • 0
  • false

Furthermore, if you don't know whether a variable exists (that means, if it was declared) you should check with the typeof operator. For instance

if( typeof foo !== 'undefined' ) {
    // foo could get resolved and it's defined
}

If you can be sure that a variable is declared at least, you can directly check if it has a true value.

Truth, Equality and JavaScript

JavaScript Coercion Demystified

Wednesday, 1 October 2014

Hashing, MD5, SHA1, Salted Password Hashing

Hashing

Hashing is the transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string. Hashing is used to index and retrieve items in a database because it is faster to find the item using the shorter hashed key than to find it using the original value. It is also used in many encryption algorithms.

A hash function is any function that can be used to map digital data of arbitrary size to digital data of fixed size, with slight differences in input data producing very big differences in output data.

Hash algorithms are one way functions. They turn any amount of data into a fixed-length "fingerprint" that cannot be reversed.

Collision / Hash Collision

The hash function is used to index the original value or key and then used later each time the data associated with the value or key is to be retrieved. Thus, hashing is always a one-way operation. There's no need to "reverse engineer" the hash function by analysing the hashed values. In fact, the ideal hash function can't be derived by such analysis. A good hash function also should not produce the same hash value from two different inputs. If it does, this is known as a collision.

MD5

The MD5 message-digest algorithm is a widely used cryptographic hash function producing a 128-bit (16-byte) hash value, typically expressed in text format as a 32 digit hexadecimal number. MD5 has been utilized in a wide variety of cryptographic applications, and is also commonly used to verify data integrity.

SHA1

SHA1 stands for Secure Hash Algorithm makes a larger (160-bit / 20-byte) message digest and is similar to MD4. A SHA-1 hash value is typically rendered as a 40 digits long hexadecimal number.

Password Hashing

Hashing is great for protecting passwords, because we want to store passwords in a form that protects them even if the password file itself is compromised, but at the same time, we need to be able to verify that a user's password is correct.

The general workflow for an account registration and authentication in a hash-based account system is as follows:

  1. The user creates an account.
  2. Their password is hashed and stored in the database. At no point is the plain-text (unencrypted) password ever written to the hard drive.
  3. When the user attempts to login, the hash of the password they entered is checked against the hash of their real password (retrieved from the database).
  4. If the hashes match, the user is granted access. If not, the user is told they entered invalid login credentials.
  5. Steps 3 and 4 repeat everytime someone tries to login to their account.

In step 4, never tell the user if it was the username or password they got wrong. Always display a generic message like "Invalid username or password." This prevents attackers from enumerating valid usernames without knowing their passwords.

It should be noted that the hash functions used to protect passwords are not the same as the hash functions you may have seen in a data structures course. The hash functions used to implement data structures such as hash tables are designed to be fast, not secure. Only cryptographic hash functions may be used to implement password hashing. Hash functions like SHA256, SHA512, RipeMD, and WHIRLPOOL are cryptographic hash functions.

Salted Password Hashing

We can randomize the hashes by appending or prepending a random string, called a salt, to the password before hashing.The salt does not need to be secret. Just by randomizing the hashes, lookup tables, reverse lookup tables, and rainbow tables become ineffective. An attacker won't know in advance what the salt will be, so they can't pre-compute a lookup table or rainbow table. If each user's password is hashed with a different salt, the reverse lookup table attack won't work either.

Salted Password Hashing - Doing it Right