How To Manually Change ASP.NET MembershipProvider Passwords

Login graphic from Windows

Don’t ask me why you find yourself working in ASP.NET. I know there are more effective ways to build a site.

Don’t ask me why you’re maintaining an app written in the style of 2005. I know, but it happens occasionally frequently.

Don’t ask me why your ASP.NET app is using the MembershipProvider system. I know it’s a poor match for the needs of almost all apps and encourages security holes by design.

Don’t ask me what reason could possibly explain needing to change some passwords. Why isn’t this functionality built in to the app? I know, I know…

But you’re there. Your app is using the MembershipProvider system, which saves the passwords in the database in some kind of encrypted form. And now you have to change some passwords quickly, probably for multiple embarrassing reasons, yet the app doesn’t offer you the functionality to do so, and you don’t have the time to add that functionality and re-build and re-deploy the app.

If only it were possible to go into SSMS and change the passwords using only T-SQL.

Now you can.

(more…)

Empty Catch Blocks

Strong Bad

STOP DOING THIS:

[code language=”csharp”]
void ButtonClicked()
{
try
{
SaveEverything();
SubmitMonetaryTransaction();
SendConfirmationEmail();
}
catch
{
// If anything goes wrong, do nothing.
// Don’t log anything.
// Don’t output anything.
// Suppress any sign of the problem.
// Just continue as if everything’s completely okay.
// Also, don’t actually write a comment here.
}
}
[/code]

Let me explain why this is wrong.

(more…)

Is RSS Dead Yet?

So I’m building these web apps in my spare time (because that’s what I do), and I’m adding RSS feeds for certain types of updates, et cetera. But when I think of my immediate friends & family, I don’t picture them using RSS. Not everyone can be so serious about computers, I guess.

So, on a whim, I type into Google something like “Who uses RSS?” But all the articles start with something more like “Who uses RSS any more?

As if it were a fad.

(more…)

Automated Testing in the Real World

Barbosa

Disclaimer: There are no rules, only guidelines. Every project and situation has its own unique needs.

Actually, that’s exactly what this article is about.

* * *

Why do we always talk about unit tests? Why is “unit tests” automatically added to the plan of any or all projects? I think it’s just because it’s an expression we’ve gotten used to hearing. There are an awful lot of “xUnit” packages nowadays.

But what is a unit test, anyway?

(more…)

Style Wars

Doug Crockford

I recently realized that semicolons might be optional in JavaScript. I guess this is something I kinda sorta always knew but didn’t want to think about. JavaScript is a mess of proprietary non-standards, right? Well, maybe ten years ago. It’s okay to care about the syntax now that it’s reliably deterministic.

So should I include them or omit them? Obviously the Spirit of the Art & Logic Style Guide would have the semicolons included. But I still need to ask myself the question for …reasons. I’m not going to be satisfied without understanding all the factors.

But wait, why are there factors? Why isn’t it common knowledge that everyone should stop typing all those “extra” semicolons, case closed? Well, it turns out that semicolons are only optional sometimes.

(more…)