I wrote a simple tool to decode JWT tokens and I'd like to use it in a similar way as the Interactive Regex Evaluator.
Is there a way to either automatically hide a query (e.g., via the Util class) or to even register it to something like Ctrl+Shift+F2?
Unfortunately that functionality doesn't exist.
You'll notice when using the Interactive Regex Evaluator it's opening the sample of the same name but doing extra work to hide the query panel. Looking at LinqPads code using it's own ILSpy, there's a method called LINQPad.UI.MainForm.miRegex_Click and it's calling the method LINQPad.UI.QueryControl.ToggleFullPaneResults which does that functionality but unfortunately the method is internal.
If you'd like to suggest the feature head over to the LinqPad forums over at http://forum.linqpad.net/ and make the suggestion. Joseph is good at getting back to people.
Related
I need to use the table in from this wiki page https://en.wikipedia.org/wiki/List_of_most_visited_museums to make a database in python (though the latter part is irrelevant atm). I have to use the API (can't scrape) to access it. Right now I'm trying the API's documentation https://www.mediawiki.org/wiki/API:Parsing_wikitext#Example_1:_Parse_content_of_a_page Example #2 from this page is exactly what I want to do, but it's returning an error, and even running the original code in my notebook it also returns an error. Can anyone tell me how to either alter that code so it runs, or direct me to another way to do the same thing? Thanks.
This fetches the content you're after: https://en.wikipedia.org/w/api.php?action=parse&page=List%20of%20most%20visited%20museums&prop=wikitext§ion=2&format=json
If the example isn't working in your notebook, the problem probably lies with the rest of your code and not with the API call.
Yes, I know: when using read stage it is possible to get some properties like the web path, web text, URL etc. But there are not ALL properties available. Nevertheless, when capturing an element via Application Modeller there are some other useful properties like web value, web style. How can I save them into a data item? Via JavaScript this is not possible
It is actually possible via JavaScript, it's just not "one action" simple. That being said, it's not much more difficult - it's "two actions" simple. You need to execute a javascript that will write your value into some element that BP can read from and then use the Reader stage to read that value from it.
You can have a look at similar answer here.
Lets say I am calling a web api such as:
http://testapi.com/search?type=2
That would work fine for a single type, but what if I wanted type 1 and type 2. Is there a standard way to call this? I tried:
http://testapi.com/search?type=2|1
http://testapi.com/search?type=2&type=1
With no success..
Or is the only way typically to do this with web apis to make two calls and then combine the results yourself?
In case it helps - Specifically in this instance I believe the website developer has made the website and API via codeigniter.
So based on the comments it appears that there is no 'standard way'. If you need something like this you have two choices:
a. Place an enhancement request against the API for some custom syntax to allow OR (this is what I did and now use)
or
b. Right code to loop through each of the possibilities and union results.
What is the best way to avoid SOQL Injection when querying salesforce through the APIs?
The two main APIs I am interested in are the SOAP and REST APIs.
My current methods are to never use any input from the user (which is impractical if they are searching for a Company Name) or encoding certain characters within the string.
However I saw that there was parameterisation within the APEX, so i was wondering if there was a similar way of doing it through the APIs.
I think all you really need to do is to make sure that the input, in this case the company name, is escaped properly. I am not aware of a parameterized way of building a query object for either of the API's.
However, if you needed to you could expose a custom web service method from within Salesforce so that you can pass the value in. Then from within the Salesforce Apex Code language you can parameterize the value using a syntax similar to below:
public Account[] queryCompany(string companyName) {
return [SELECT Id FROM Account WHERE Name = :companyName];
}
Philosophical rant
What are you after really :)
If your application should work same way accessed from different sources (Salesforce UI, PHP connector, some mobile applications) then it probably makes most sense to think about Apex like some stored procedures that will be reused. This means you'd be passing safe parameters to them.
If you plan to hand-craft queries & not rely on Apex too hard - maybe what you need is something like database.com or other cloud-based DB solutions?
Actual answer
I'm not aware of an out of the box way to pass separately the query command and separately the params to it (like bind variables/prepared statements) through APIs. Both REST and SOAP API give you what's essentially Database.query() within Apex. Sure, there are some differences like retrieve() command or queryMore() but that's the baseline.
What you could do is to either expose some commonly used searches with methods similar to what John proposed (bonus points for extra performance - they're precompiled) or build something generic?
List<sObject> runQuery(String query, List<List<String>> params){...}
If the runQuery will contain bind variables like params[0] it should work. Looks crazy and I didn't test it though ;) I'd say that bind variables are the best method. Alternative would be to escape user's input but SQL and XSS injections can become amazingly creative. Check Examples of XSS that I can use to test my page input? for a start (yes, I'm aware you asked about SOQL only).
As for actual SOQL injection: http://wiki.developerforce.com/page/Secure_Coding_SQL_Injection. Since "worst that can happen" is that users will search for more than they were supposed to (no way to convert SELECT into INSERT) escaping should be safe-ish...
We are looking for script, which automatically detects url, as you type and shorten it, in text input window, before press "submit". The shortening service used is http://yourls.org/
Have you tried implementing one yourself? Deploy the shortener to your own web site (it's written in PHP, as far as I can see from a cursory glance at the web site) and provide a simple Ajax endpoint which will dynamically perform a shortening conversion, then implement calls to that from the main page using JavaScript.
You might want to impose a reasonable delay to allow the user to finish typing, to avoid performing lots of unnecessary conversions of bogus URLs (which may require, e.g. writes to a file or database - I haven't looked at how the library referenced does things).
I'm not sure what you're trying to achieve; if you create new shortened URLs for each substring before the user has finished typing the full URL, you will just proliferate your database.
I don't see how shortening a URL before it's finished makes sense.
If you want to relieve the user from the arduous task of clicking the submit button, then initiate the submit using javascript (jQuery, or something). I'm not sure if that's what you want to do.
http://monkeytooth.net/2010/12/htaccess-php-how-to-wordpress-slugs/
simple means of implementing the concept its a lot more easier than one would think. Querying a DB or some other means of matching the slug/id with the that of which is found in the URL wouldn't be all to hard either. The linked article doesn't really go in depth as what to do next but catching and breaking the URL apart is the essential process of making it work. I have person used the method myself on several sites and it works like a charm for me and the sites it was used on.