Configure Entity Tags (ETags)

2

If you have ever used the YSlow (http://developer.yahoo.com/yslow/) to analyze the web page to improve the performance, you may have experienced with “Configure ETags” alert.

YSlow Analyse

What is Entity Tags (ETags)

Entity tags (ETags) are a mechanism web servers and the browser use to determine whether a component in the browser’s cache matches one on the origin server. Since ETags are typically constructed using attributes that make them unique to a specific server hosting a site, the tags will not match when a browser gets the original component from one server and later tries to validate that component on a different server. (http://developer.yahoo.com/performance/rules.html#etags)

“Configure ETags” is a recommended best practices for speeding up the web site. If you are an ASP.NET developer, you can configure this by adding following code to the web.config file.

<system.webServer>
  <httpProtocol>
    <customHeaders>
      <clear/>
      <add name="ETag" value=" "/>
    </customHeaders>
  </httpProtocol>
</system.webServer>

How to validate a credit card number?

2

All you know what information contains in your NIC number. But do you know what information contains in the Credit Card Number? Here are some useful details.

Card Length

Typically, credit card numbers are all numeric and the length of the credit card number is between 12 digits to 19 digits.

  • 14, 15, 16 digits – Diners Club
  • 15 digits – American Express
  • 13, 16 digits – Visa
  • 16 digits – MasterCard

For more information refer: http://en.wikipedia.org/wiki/Bank_card_number

Containing Information

Sample Credit Card

1 – Major Industry Identifier (MII)

The first digit of the credit card number is the Major Industry Identifier (MII). It designates the category of the entry which issued the card.

  • 1 and 2 – Airlines
  • 3 – Travel
  • 4 and 5 – Banking and Financial
  • 6 – Merchandising and Banking/Financial
  • 7 – Petroleum
  • 8 – Healthcare, Telecommunications
  • 9 – National Assignment

2 – Issuer Identification Number

The first 6 digits are the Issuer Identification Number. It will identify the institution that issued the card. Following are some of the major IINs.

  • Amex – 34xxxx, 37xxxx
  • Visa – 4xxxxxx
  • MasterCard – 51xxxx – 55xxxx
  • Discover – 6011xx, 644xxx, 65xxxx

3 – Account Number

Taking away the 6 identifier digits and the last digits, remaining digits are the person’s account number (7th and following excluding last digits)

4 – Check digits

Last digit is known as check digits or checksum. It is used to validate the credit card number using Luhn algorithm (Mod 10 algorithm).

For more information please refer.
http://en.wikipedia.org/wiki/Bank_card_number
http://en.wikipedia.org/wiki/List_of_Issuer_Identification_Numbers

Luhn algorithm (Mod 10)

The Luhn algorithm or Luhn formula, also known as the “modulus 10″ or “mod 10″ algorithm, is a simple checksum formula used to validate a variety of identification numbers, such as credit card numbers, IMEI numbers, National Provider Identifier numbers in US and Canadian Social Insurance Numbers. It was created by IBM scientist Hans Peter Luhn. (http://en.wikipedia.org/wiki/Luhn_algorithm)

When you implementing the ecommerce application, it is good practice to validate credit card number before send it to the bank validation. This saves a lot of time and money by avoiding a trip to the bank.

Here are the Luhn steps which can used to validate the credit card number.

4 0 1 2 8 8 8 8 8 8 8 8 1 8 8 1

1. Starting with the check digit double the value of every other digit (right to left every 2nd digit)

Mod 10 Step 1

2. If doubling of a number results in a two digits number, add up the digits to get a single digit number. This will results in eight single digit numbers

Mod 10 Step 2

3. Now add the un-doubled digits to the odd places

Mod 10 Step 3

4. Add up all the digits in this number

Mod 10 Step 4

If the final sum is divisible by 10, then the credit card number is valid. If it is not divisible by 10, the number is invalid.

Here is the code sample that I used to do the mod10 validation

public static bool Mod10Check(string creditCardNumber)
{
 //// check whether input string is null or empty
 if (string.IsNullOrEmpty(creditCardNumber))
 {
 return false;
 }

//// 1. Starting with the check digit double the value of every other digit
 //// 2. If doubling of a number results in a two digits number, add up the digits to get a single digit number. This will results in eight single digit numbers
 //// 3. Get the sum of the digits
 int sumOfDigits = creditCardNumber.Where((e) => e >= '0' && e <= '9')
 .Reverse()
 .Select((e, i) => ((int)e - 48) * (i % 2 == 0 ? 1 : 2))
 .Sum((e) => e / 10 + e % 10);
 //// If the final sum is divisible by 10, then the credit card number is valid. If it is not divisible by 10, the number is invalid.
 return sumOfDigits % 10 == 0;
}

The original article was modified according to the comments made by Code Project super users.

Download Demo Project

Exclude crystal report embedding when building the ASP.Net web site

0

If you have worked with ASP.Net web applications which include number of crystal reports as part of that, you might have experienced it takes a long time to build the web site. This happens, because by default crystal reports are set to be embedded as a resource.In default your “web.config” displays as follows.

Web config default configuration for crystal report

To resolve this, you can simply modify the embedRptInResource=”false” as follows.

<businessObjects>
    <crystalReports>
        <rptBuildProvider>
            <add embedRptInResource="false"/>
        </rptBuildProvider>
    </crystalReports>
</businessObjects>

Connect to Ubuntu from Windows via RDP

0

In my office, we have an Ubuntu box which is installed OWASP tools (I’ll get back with what is OWASP later. For now check https://www.owasp.org). My laptop installed Windows 7 and I wanted to remotely connect to the Ubuntu computer to test the installed software. I guess most of you use “VNC Viewer” to connect Ubuntu from the Windows.

VNC Viewer

VNC requires a separate client running on a PC. But why don’t we use existing RDP (Remote Desktop Client) which is freely come with windows instead of installing separate software? Here are the steps, how to use RDP to connect from Windows to Ubuntu.

1. To enable the RDP, you have to install the RDP server (xrdp – http://www.xrdp.org/) on Ubuntu. Login to the Ubuntu and run the following command on the terminal window

Ubuntu Console

2.  Now login to the Windows PC and open the RDP client. Type the IP address and click “Connect” button

RDP

3. It will prompt the xrdp login window, and enter your Ubuntu username and password and click “OK”

XRDP

4. Here you connect.

Ubuntu with RDP

You may want to know why I used RDP instead of VNC. That is not only to stop installation overhead of separate software; here is one of the complete answers for this.

RDP is semantic. The RDP is aware of controls, fonts, and other similar graphical primitives. This means that when rendering a screen across a network, this information is used to compress the data stream significantly. For instance, if you know that this region of the screen if occupied by a button, with the color grey, then you don’t need to send an image of the button across the network, but merely information such as location of this button, size and color.

VNC is “dumb” in this respect, and largely functions by sending the actual images across the network.RDP is tightly coupled to the Windows platform, whereas VNC is available for most platforms. RDP is also seen as far more performance then VNC, due to the semantic advantage.

http://superuser.com/questions/32495/whats-the-difference-between-rdp-vs-vnc

(413) Request Entity Too Large

2

Recently I worked with a WCF web service which is hosted in IIS7, and I used one of the service methods to send a byte array which contains a picture. This works well with small size images, but when I’m trying to upload a larger picture, the WCF service returns an error: (413) Request Entity Too Large. Same error I got a month ago when I was developing an ASP.Net web application which is hosted on IIS 7 over SSL. In that case, there was no file upload on the page. It occurred when I’m accessing the web pages which are having a grid view control with large number of paging. The same pages worked fine on HTTP but not on HTTPS.
In both scenarios, I googled and found out different solutions.

1. uploadReadAheadSize
In the second scenario, the error occurred because of the size of the page, it is very large and it caused to request entry body become larger when you submitting the page.
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/7e0d74d3-ca01-4d36-8ac7-6b2ca03fd383.mspx?mfr=true

Basically, what happens is if you have a website with SSL and “Accept Client Certificates” enabled HTTP requests are limited to the UploadReadAheadSize of the site. To resolve this, you have to increase the UploadReadAheadSize. (Default size 48kb)

appcmd.exe set config -section:system.webserver/serverruntime /uploadreadaheadsize: 1048576 /commit:apphost

2. maxReceivedMessageSize
WCF by default limits messages to 64KB to avoid DOS attack with large message. By default, it sends byte[] as base64 encoded string and it increases the size of the message (33% increase in size). There for if the uploaded file size is ~larger than 48KB then it raises the above error. (48KB * 1.33 = ~64KB) (NB. you can use MTOM – Message Transmission Optimization Mechanize to optimize the message)

By modifying the “maxReceivedMessageSize” in the Web.config file to accept large messages, you can solve this issue.

<system.serviceModel>
  <bindings>
    <basicHttpBinding>
      <binding maxReceivedMessageSize="10485760">
        <readerQuotas ... />
      </binding>
    </basicHttpBinding>
  </bindings>  
</system.serviceModel>

Comparing time part only without comparing date part in SQL

0

Recently one of my colleagues asked how to compare only the time part of the DateTime field. I have seen many of us struggling to find an answer for this (Winking smile including me).

If you are one of them, here is a simple solution…

DECLARE @date_to_compare AS DATETIME = '2010-08-08 05:00:00';
DECLARE @date_start AS DATETIME = '2012-08-21 7:00:00';
DECLARE @date_end AS DATETIME = '2012-10-07 13:00:00';

SELECT 'OK'
WHERE  DATEADD(day, -DATEDIFF(day, 0, @date_to_compare), @date_to_compare)
BETWEEN DATEADD(day, -DATEDIFF(day, 0, @date_start), @date_start) AND DATEADD(day, -DATEDIFF(day, 0, @date_end), @date_end)

Above solution work as follows,
It converts the date part of the entered date in to the SQL default date, and then compares it.

SELECT DATEADD(day, -DATEDIFF(day, 0, @date_to_compare), @date_to_compare)
>> 1900-01-01 05:00:00.00