|
Your response was similar to mine when I learned how open the systems were. Granted they aren't mission critical, but they are a shade below critical. Crazy.
Andrew Connell
IM on MSN
andrew@aconnell.com
|
|
|
|
|
Andrew Connell wrote:
suddenly security is a very key component that is brought up in all projects... that and making our applications "open" and extensible.
I can't see how this is possible to combine at all.
You guys must be darn smart or something.
Regardz
Colin J Davies
Sonork ID 100.9197:Colin
More about me
|
|
|
|
|
Colin Davies wrote:
You guys must be darn smart or something
I'd say it's more of a challenge to satisfy mgmt's requests/demand than being damn smart Just like life, it's all about compromises
Andrew Connell
IM on MSN
andrew@aconnell.com
|
|
|
|
|
Are you the guy who creates those awful non-standard GUIs for applications like "S-Firm" or "S-Money"?
--
See me: www.magerquark.de
|
|
|
|
|
Uwe Keim wrote:
Are you the guy who creates those awful non-standard GUIs for applications like "S-Firm" or "S-Money"?
Yes I'm in the StarMoney team, and this GUI isn't MFC stuff, it's based on StarView, a library from StarDivision, now belonging to Sun. The library is somewhat old, I know
But it fits perfectly customer's demands, and sales are high afterall.
|
|
|
|
|
When I forget my internet passwords, I use a program I made to get them out of the Autocomplete-passwords section of the registry.
Protected Storage Explorer
Jeremy Pullicino
http://www.drinkinginthesun.com
"Hey man, Taliban, Tali me Banana."
|
|
|
|
|
My hero.... Thanks.
<bold>Alice thought that running very fast for a long time would get you to somewhere else. " A very slow kind of country!" said the queen. "Now, here , you see, it takes all the running you can do, to keep in the same place".
|
|
|
|
|
Hello - we are programming C++, NOT C. I get heartily sick of people using char arrays and sprintf instead of their C++ equivelants.
Christian
I am completely intolerant of stupidity. Stupidity is, of course, anything that doesn't conform to my way of thinking. - Jamie Hale - 29/05/2002
|
|
|
|
|
Christian Graus wrote:
sprintf instead of their C++ equivelants.
Ok, I admit it. I still have a tendancy to use sprintf when I haven't got MFC CString::Format. So what is the nice C++ equivelant? I do need to learn to code better.
Michael
"Eureka" is Greek for "This bath is too hot"
|
|
|
|
|
Check out my article on ostringstream...
Christian
I am completely intolerant of stupidity. Stupidity is, of course, anything that doesn't conform to my way of thinking. - Jamie Hale - 29/05/2002
|
|
|
|
|
Ugh...
ostringstream is an over kill.
*PRINTF* can be used safely!!!!
Tim Smith
I know what you're thinking punk, you're thinking did he spell check this document? Well, to tell you the truth I kinda forgot myself in all this excitement. But being this here's CodeProject, the most powerful forums in the world and would blow your head clean off, you've got to ask yourself one question, Do I feel lucky? Well do ya punk?
|
|
|
|
|
Tim Smith wrote:
*PRINTF* can be used safely!!!!
Sure. You just need to create ugly, C style strings, handle your own types manually, and create huge buffers to decrease the possibility of overflows.
Christian
I am completely intolerant of stupidity. Stupidity is, of course, anything that doesn't conform to my way of thinking. - Jamie Hale - 29/05/2002
|
|
|
|
|
Or, you can (1) use stack allocated TCHAR buffers, to avoid the unnecessary overhead of dynamic memory allocation that most string classes require, and (2) use _sntprintf(...) to prevent buffer overruns, at the expense of length checking (which you get using C++ string classes, anyway...). This also gives me the benefit of easy (IMHO, compared to the stream modifiers) manipulation of the display/format of a value: I believe that
"0x%08X"
-is easier to type than using stream manipulators.
Although I must admit that using ostrstream is usually faster (at runtime) than sprintf(...) .
Peace!
-=- James.
"Some People Know How To Drive, Others Just Know How To Operate A Car."
(Try Check Favorites Sometime!)
|
|
|
|
|
Not when people using endl.
I see that ALL THE TIME. Using ENDL will bring any application to its knees.
Tim Smith
I know what you're thinking punk, you're thinking did he spell check this document? Well, to tell you the truth I kinda forgot myself in all this excitement. But being this here's CodeProject, the most powerful forums in the world and would blow your head clean off, you've got to ask yourself one question, Do I feel lucky? Well do ya punk?
|
|
|
|
|
You should clarify - endl sends a flush as well as a newline, so using it for every newline will bring an application to it's knees. Using it to do a new line and flush will perform exactly as you would expect.
Christian
I am completely intolerant of stupidity. Stupidity is, of course, anything that doesn't conform to my way of thinking. - Jamie Hale - 29/05/2002
|
|
|
|
|
Yes, but that is due people misunderstanding "how things work" (meaning endl ). Granted, stuff like that happens far too often these days in the Software Development world... Entropy Abounds.
Peace!
-=- James.
"Some People Know How To Drive, Others Just Know How To Operate A Car."
(Try Check Favorites Sometime!)
|
|
|
|
|
Half the reason people switch away from VB is to find out what actually goes on.. and then like me they find out that they weren't quite as good as they thought - they've been nannied.
Alice thought that running very fast for a long time would get you to somewhere else. " A very slow kind of country!" said the queen. "Now, here , you see, it takes all the running you can do, to keep in the same place".
|
|
|
|
|
Wow - the email I got was so full of  's that it was illegible.
You're right that typing in the format is usually more intuitive than using iostream modifiers. That's because we are all used to it, because we were taught C instead of C++. However, given that you agree it's faster, AND there is no way that any printf variant will accept user defined types, isn't it worthwhile learning to do things in C++ ? I find I can format things with iostream modifiers as easily as with printf nowadays. It's just a case of learning how.
Christian
I am completely intolerant of stupidity. Stupidity is, of course, anything that doesn't conform to my way of thinking. - Jamie Hale - 29/05/2002
|
|
|
|
|
James R. Twine wrote:
is usually faster (at runtime)
I once had a app log component changed from streams to snprintf - since the streams were freaking slow. Dunno how thsi fits with your experience, but it has cured from from using streams unequivocally.
Peter
Back in the days before yer Gighertz and Teraflops there was something we old timers called paranoia. Andrew Torrance, The Lounge [sighist]
|
|
|
|
|
I specifically mentioned ostrstream , not streams in general. And it would be interesting to see how the streams in your case were being used, just to be sure that they were not being abused.
Peace!
-=- James.
"Some People Know How To Drive, Others Just Know How To Operate A Car."
(Try Check Favorites Sometime!)
|
|
|
|
|
After using them for a while, I basically came to the conclusion that these streams need to be redesigned fromt he ground up again. Nice start, but they have a lot of limitations (not to mention adding 50k to your program just so you can format a number).
Right tool for the right job. Printf works just fine.
Tim Smith
I know what you're thinking punk, you're thinking did he spell check this document? Well, to tell you the truth I kinda forgot myself in all this excitement. But being this here's CodeProject, the most powerful forums in the world and would blow your head clean off, you've got to ask yourself one question, Do I feel lucky? Well do ya punk?
|
|
|
|
|
Ok, my real point to all this really isn't about if streams are better than *printf. They both work just find but only a fool wouldn't see that streams are safer.
HOWEVER, my real point was that buffer overrun problems extend far outside the formatting of output and strings. Streams will go a long way to fixing these problems, but they won't even come close to correcting all buffer overrun problems.
Tim Smith
I know what you're thinking punk, you're thinking did he spell check this document? Well, to tell you the truth I kinda forgot myself in all this excitement. But being this here's CodeProject, the most powerful forums in the world and would blow your head clean off, you've got to ask yourself one question, Do I feel lucky? Well do ya punk?
|
|
|
|
|
I think you mean sprintf(...) , because the discussion is about buffer overruns...
And snprintf(...) is a simple way to prevent them.
Peace!
-=- James.
"Some People Know How To Drive, Others Just Know How To Operate A Car."
(Try Check Favorites Sometime!)
|
|
|
|
|
Tim Smith wrote:
ostringstream
As a MFC, ATL and WTL programmer I never use any streams at all. Although, I do use stl containers like map, list, set, and vector a lot.
John
|
|
|
|
|
at least use snprintf - to limit the number of chars to be put in the buffer.
-c
shh! the audience (and the NSA) is listening
|
|
|
|